Main Menu
Cyber Security
New Chrome Extensions Disguised as HR Tools Pose Security Threat
Verizon Offers Compensation after Nationwide Wireless Service Outage
Microsoft Patch Tuesday Update Sparks Unrest in PCs
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
Project Eleven Secures $20 Million Funding to Propel Post-Quantum Security
Canada’s Investment Watchdog Suffers Massive Data Breach: 750,000 Impacted by CIRO Security Incident
XSS Vulnerability in StealC Malware’s Control Panel Uncovered
Analyzing AI in Security Testing: SQL Injection Strong yet Fails in Controls
New Vulnerability Affects Google’s Fast Pair Bluetooth Protocol
New Attack Method, Reprompt, Poses Significant Risk to AI Chatbots
Critical Security Vulnerabilities: Redis Found at Risk of Unauthenticated RCE
AMD’s ‘StackWarp’ Exploit Raises Concerns for Confidential Virtual Machines
Visual Studio Code’s Copilot Studio Extension Now Widely Available
AWS CodeBuild Critical Security Flaw Exposed GitHub Repositories
Critical Vulnerability in Modular DS WordPress Plugin Exploited
Microsoft and Law Enforcement Collaborate to Dismantle RedVDS
Critical Remote Code Execution Threat in Fortinet’s SIEM Solution Exposed
New Linux Malware, VoidLink, Exploits Cloud Infrastructures with Over 30 Plugins
Malware Campaign Exploits DLL Side-Loading in c-ares Library
Fortinet’s Latest Patches Target Critical Vulnerabilities in FortiFone and FortiSIEM
Court Dismisses Investor Dispute Against CrowdStrike Due to Insufficient Evidence
Lumen Technologies Disrupts AISURU and Kimwolf Botnet Networks
Telecom Giants Face Significant GDPR Fines Due to Data Breaches
Aikido Security Secures $60 Million Investment at $1 Billion Valuation
PLUGGYAPE Malware Targets Ukraine’s Defense Amid Rising Cyber Threats
Verizon Wireless Faces Widespread U.S. Outage and Service Issues
GoBruteforcer Botnet Exploits Weak Server Credentials to Target Crypto Ventures
Chrome Extension Impersonates Trading Tool to Steal MEXC API Keys
Android Users Encounter Issue with Volume Buttons When Accessibility Features are Enabled
Fried Frank Data Breach: Implications for High-Profile Clients
Google Chrome Introduces Option to Delete Local AI Models
Cybersecurity
Google Chrome Introduces Option to Delete Local AI Models
Andrew Doyle January 19, 2026
Google's Chrome browser introduces a new feature enabling users to delete local AI models linked to its Enhanced Protection feature. This change offers users greater ...
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
Cybersecurity
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
Mitchell Langley January 19, 2026
Nicholas Moore, a Tennessee man, confessed to hacking the U.S. Supreme Court’s filing system. His illegal activities also impacted other federal agencies, including AmeriCorps and ...
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
Identity and Access Management
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
Mitchell Langley January 19, 2026
The recent funding will enable Monnai to enhance its identity verification and risk management services, targeting financial institutions and digital firms.
New Chrome Extensions Disguised as HR Tools Pose Security Threat
Cybersecurity
New Chrome Extensions Disguised as HR Tools Pose Security Threat
Mitchell Langley January 19, 2026
Researchers have identified five Chrome extensions disguising themselves as HR and ERP tools. These malicious extensions aim to steal authentication tokens, obstruct incident response, and ...
GootLoader Employs Malformed ZIP Files to Evade Detection
News
GootLoader Employs Malformed ZIP Files to Evade Detection
Gabby Lee January 19, 2026
Cybersecurity analysts have discovered that GootLoader is using malformed ZIP archives in a bid to circumvent detection. By concatenating 500 to 1,000 archives, it employs ...
Verizon Offers Compensation after Nationwide Wireless Service Outage
Network Security
Verizon Offers Compensation after Nationwide Wireless Service Outage
Andrew Doyle January 19, 2026
Verizon Wireless addresses last week's widespread outage by informing affected customers about a $20 account credit. Customers are receiving text messages with precise steps on ...
Microsoft Patch Tuesday Update Sparks Unrest in PCs
Cybersecurity
Microsoft Patch Tuesday Update Sparks Unrest in PCs
Mitchell Langley January 19, 2026
Microsoft’s recent Patch Tuesday update introduced a peculiar bug affecting some PCs, preventing them from shutting down or entering hibernation. The issue, tied to Secure ...
Law Enforcement Identifies Black Basta Ransomware Leader
News
Law Enforcement Identifies Black Basta Ransomware Leader
Gabby Lee January 19, 2026
Ukraine and Germany confirm the identity of the Black Basta ransomware leader, now on the Europol and Interpol wanted lists. Law enforcement's collaboration highlights global ...
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
Application Security
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
Andrew Doyle January 18, 2026
Over 40,000 cyberattacks in four hours exploited a critical HPE OneView vulnerability. The attacks primarily targeted government agencies, utilizing the RondoDox botnet to execute mass, ...
Project Eleven Secures Significant Funding to Propel Post-Quantum Security
Cybersecurity
Project Eleven Secures $20 Million Funding to Propel Post-Quantum Security
Mitchell Langley January 18, 2026
Project Eleven has successfully raised $20 million in funding to develop infrastructure and tools essential for organizations transitioning to post-quantum computing. With this substantial investment, ...
UAT-8837 Threat Actor Linked to China Targeting North American Infrastructure
News
UAT-8837 Threat Actor Linked to China Targeting North American Infrastructure
Andrew Doyle January 18, 2026
The cyber threat actor UAT-8837, associated with China, targets North American critical infrastructure through the exploitation of known and zero-day vulnerabilities. This sophisticated adversary demonstrates ...
Canada's Investment Watchdog Suffers Massive Data Breach 750,000 Impacted by CIRO Security Incident
Data Security
Canada’s Investment Watchdog Suffers Massive Data Breach: 750,000 Impacted by CIRO Security Incident
Mitchell Langley January 18, 2026
The Canadian Investment Regulatory Organization (CIRO), responsible for regulating investment dealers, reported a significant data breach. Threat actors stole personal information from 750,000 people, highlighting ...
XSS Vulnerability in StealC Malware's Control Panel Uncovered
Application Security
XSS Vulnerability in StealC Malware’s Control Panel Uncovered
Gabby Lee January 18, 2026
Security researchers exploiting an XSS flaw in StealC malware's control panel gained visibility into attackers' activities and hardware details. This access offers critical insights into ...
Fleeing Ransomware Leader Now Among Germany's Most Wanted
News
Fleeing Ransomware Leader Now Among Germany’s Most Wanted
Andrew Doyle January 18, 2026
Russian national Oleg Evgenievich Nefekov, involved in major ransomware activities, has evaded capture, reportedly returning to his homeland. German authorities have now placed him on ...
Analyzing AI in Security Testing SQL Injection Strong yet Fails in Controls
Cybersecurity
Analyzing AI in Security Testing: SQL Injection Strong yet Fails in Controls
Mitchell Langley January 18, 2026
A recent test assessed AI's ability to tackle SQL injection (SQLi) vulnerabilities and security controls, revealing mixed outcomes. The AI agents adeptly handled SQLi but ...
New Vulnerability Affects Google’s Fast Pair Bluetooth Protocol
Cybersecurity
New Vulnerability Affects Google’s Fast Pair Bluetooth Protocol
Gabby Lee January 18, 2026
Google's Fast Pair protocol is facing scrutiny due to a significant vulnerability that permits unauthorized Bluetooth device hijacking, tracking, and eavesdropping.
New Attack Method, Reprompt, Poses Significant Risk to AI Chatbots
Cybersecurity
New Attack Method, Reprompt, Poses Significant Risk to AI Chatbots
Andrew Doyle January 18, 2026
Cybersecurity experts have unveiled a novel attack strategy, Reprompt, that facilitates unauthorized data extraction from AI chatbots like Microsoft Copilot. Exploiting this vulnerability involves a ...
Critical Security Vulnerabilities Redis Found at Risk of Unauthenticated RCE
Application Security
Critical Security Vulnerabilities: Redis Found at Risk of Unauthenticated RCE
Mitchell Langley January 18, 2026
Recent discovery of a security flaw in Redis has left the system vulnerable to unauthenticated remote code execution (RCE). This unsettling development can have dire ...
AMD's ‘StackWarp’ Exploit Raises Concerns for Confidential Virtual Machines
Endpoint Security
AMD’s ‘StackWarp’ Exploit Raises Concerns for Confidential Virtual Machines
Gabby Lee January 18, 2026
Researchers spotlight the ‘StackWarp’ attack, a novel methodology targeting AMD processors. This vulnerability enables remote code execution in confidential virtual machines (VMs), challenging security paradigms ...
Visual Studio Code's Copilot Studio Extension Now Widely Available
Application Security
Visual Studio Code’s Copilot Studio Extension Now Widely Available
Andrew Doyle January 18, 2026
Microsoft's Copilot Studio extension for Visual Studio Code, designed to bolster application security, is now accessible to all users. This extension aims to enhance development ...
Google Chrome Introduces Option to Delete Local AI Models
Cybersecurity
Google Chrome Introduces Option to Delete Local AI Models
Andrew Doyle January 19, 2026
Canada's Investment Watchdog Suffers Massive Data Breach 750,000 Impacted by CIRO Security Incident
Data Security
Canada’s Investment Watchdog Suffers Massive Data Breach: 750,000 Impacted by CIRO Security Incident
Mitchell Langley January 18, 2026
GootLoader Employs Malformed ZIP Files to Evade Detection
News
GootLoader Employs Malformed ZIP Files to Evade Detection
Gabby Lee January 19, 2026
Law Enforcement Identifies Black Basta Ransomware Leader
News
Law Enforcement Identifies Black Basta Ransomware Leader
Gabby Lee January 19, 2026

TOP CYBERSECURITY HEADLINES

New Chrome Extensions Disguised as HR Tools Pose Security Threat
Cybersecurity
New Chrome Extensions Disguised as HR Tools Pose Security Threat
GootLoader Employs Malformed ZIP Files to Evade Detection
News
GootLoader Employs Malformed ZIP Files to Evade Detection
Verizon Offers Compensation after Nationwide Wireless Service Outage
Network Security
Verizon Offers Compensation after Nationwide Wireless Service Outage
Microsoft Patch Tuesday Update Sparks Unrest in PCs
Cybersecurity
Microsoft Patch Tuesday Update Sparks Unrest in PCs

This Week’s Security Spotlight

Canada's Investment Watchdog Suffers Massive Data Breach 750,000 Impacted by CIRO Security Incident
Data Security
Canada’s Investment Watchdog Suffers Massive Data Breach: 750,000 Impacted by CIRO Security Incident
Mitchell Langley January 18, 2026
AMD's ‘StackWarp’ Exploit Raises Concerns for Confidential Virtual Machines
Endpoint Security
AMD’s ‘StackWarp’ Exploit Raises Concerns for Confidential Virtual Machines
Gabby Lee January 18, 2026
Court Dismisses Investor Dispute Against CrowdStrike Due to Insufficient Evidence
Cybersecurity
Court Dismisses Investor Dispute Against CrowdStrike Due to Insufficient Evidence
Mitchell Langley January 15, 2026
Fried Frank Data Breach Implications for High-Profile Clients
Data Security
Fried Frank Data Breach: Implications for High-Profile Clients
Andrew Doyle January 14, 2026
More In News
Trending
How Misconfigured Email Routing Opens the Door for Credential Theft
Phishers Pose as Booking.com to Compromise European Hotels
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Google Chrome Introduces Option to Delete Local AI Models
Cybersecurity
Google Chrome Introduces Option to Delete Local AI Models
January 19, 2026
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
Cybersecurity
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
January 19, 2026
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
Identity and Access Management
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
January 19, 2026
New Chrome Extensions Disguised as HR Tools Pose Security Threat
Cybersecurity
New Chrome Extensions Disguised as HR Tools Pose Security Threat
January 19, 2026
Verizon Offers Compensation after Nationwide Wireless Service Outage
Network Security
Verizon Offers Compensation after Nationwide Wireless Service Outage
January 19, 2026
Microsoft Patch Tuesday Update Sparks Unrest in PCs
Cybersecurity
Microsoft Patch Tuesday Update Sparks Unrest in PCs
January 19, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
New Chrome Extensions Disguised as HR Tools Pose Security Threat
January 19, 2026
Researchers have identified five Chrome extensions disguising themselves as HR and ERP tools. These malicious extensions aim to steal authentication tokens, obstruct incident response, and ...
GootLoader Employs Malformed ZIP Files to Evade Detection
January 19, 2026
Cybersecurity analysts have discovered that GootLoader is using malformed ZIP archives in a bid to circumvent detection. By concatenating 500 to 1,000 archives, it employs ...
Verizon Offers Compensation after Nationwide Wireless Service Outage
January 19, 2026
Verizon Wireless addresses last week's widespread outage by informing affected customers about a $20 account credit. Customers are receiving text messages with precise steps on ...
Microsoft Patch Tuesday Update Sparks Unrest in PCs
January 19, 2026
Microsoft’s recent Patch Tuesday update introduced a peculiar bug affecting some PCs, preventing them from shutting down or entering hibernation. The issue, tied to Secure ...
Law Enforcement Identifies Black Basta Ransomware Leader
January 19, 2026
Ukraine and Germany confirm the identity of the Black Basta ransomware leader, now on the Europol and Interpol wanted lists. Law enforcement's collaboration highlights global ...
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
January 18, 2026
Over 40,000 cyberattacks in four hours exploited a critical HPE OneView vulnerability. The attacks primarily targeted government agencies, utilizing the RondoDox botnet to execute mass, ...
Project Eleven Secures $20 Million Funding to Propel Post-Quantum Security
January 18, 2026
Project Eleven has successfully raised $20 million in funding to develop infrastructure and tools essential for organizations transitioning to post-quantum computing. With this substantial investment, ...
UAT-8837 Threat Actor Linked to China Targeting North American Infrastructure
January 18, 2026
The cyber threat actor UAT-8837, associated with China, targets North American critical infrastructure through the exploitation of known and zero-day vulnerabilities. This sophisticated adversary demonstrates ...
Canada’s Investment Watchdog Suffers Massive Data Breach: 750,000 Impacted by CIRO Security Incident
January 18, 2026
The Canadian Investment Regulatory Organization (CIRO), responsible for regulating investment dealers, reported a significant data breach. Threat actors stole personal information from 750,000 people, highlighting ...
XSS Vulnerability in StealC Malware’s Control Panel Uncovered
January 18, 2026
Security researchers exploiting an XSS flaw in StealC malware's control panel gained visibility into attackers' activities and hardware details. This access offers critical insights into ...
Fleeing Ransomware Leader Now Among Germany’s Most Wanted
January 18, 2026
Russian national Oleg Evgenievich Nefekov, involved in major ransomware activities, has evaded capture, reportedly returning to his homeland. German authorities have now placed him on ...
Analyzing AI in Security Testing: SQL Injection Strong yet Fails in Controls
January 18, 2026
A recent test assessed AI's ability to tackle SQL injection (SQLi) vulnerabilities and security controls, revealing mixed outcomes. The AI agents adeptly handled SQLi but ...
New Vulnerability Affects Google’s Fast Pair Bluetooth Protocol
January 18, 2026
Google's Fast Pair protocol is facing scrutiny due to a significant vulnerability that permits unauthorized Bluetooth device hijacking, tracking, and eavesdropping.
New Attack Method, Reprompt, Poses Significant Risk to AI Chatbots
January 18, 2026
Cybersecurity experts have unveiled a novel attack strategy, Reprompt, that facilitates unauthorized data extraction from AI chatbots like Microsoft Copilot. Exploiting this vulnerability involves a ...
Critical Security Vulnerabilities: Redis Found at Risk of Unauthenticated RCE
January 18, 2026
Recent discovery of a security flaw in Redis has left the system vulnerable to unauthenticated remote code execution (RCE). This unsettling development can have dire ...
AMD’s ‘StackWarp’ Exploit Raises Concerns for Confidential Virtual Machines
January 18, 2026
Researchers spotlight the ‘StackWarp’ attack, a novel methodology targeting AMD processors. This vulnerability enables remote code execution in confidential virtual machines (VMs), challenging security paradigms ...
Visual Studio Code’s Copilot Studio Extension Now Widely Available
January 18, 2026
Microsoft's Copilot Studio extension for Visual Studio Code, designed to bolster application security, is now accessible to all users. This extension aims to enhance development ...
AWS CodeBuild Critical Security Flaw Exposed GitHub Repositories
January 18, 2026
A significant flaw in AWS CodeBuild could have exposed the cloud provider's GitHub repositories to unauthorized access, posing risks to multiple AWS environments. Addressed by ...
Critical Vulnerability in Modular DS WordPress Plugin Exploited
January 18, 2026
A serious security flaw in the Modular DS WordPress plugin has been identified and exploited, permitting unauthenticated privilege escalation. This vulnerability, CVE-2026-23550, has a maximum ...
OAuth Phishing Technique ConsentFix Poses New Threat to Microsoft Accounts
January 15, 2026
ConsentFix exploits browser-based OAuth flows to hijack Microsoft accounts. Understanding its mechanisms can help protect against this evolving phishing threat.
New Chrome Extensions Disguised as HR Tools Pose Security Threat
GootLoader Employs Malformed ZIP Files to Evade Detection
Verizon Offers Compensation after Nationwide Wireless Service Outage
Microsoft Patch Tuesday Update Sparks Unrest in PCs
Law Enforcement Identifies Black Basta Ransomware Leader
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
Project Eleven Secures $20 Million Funding to Propel Post-Quantum Security
UAT-8837 Threat Actor Linked to China Targeting North American Infrastructure
Canada’s Investment Watchdog Suffers Massive Data Breach: 750,000 Impacted by CIRO Security Incident
XSS Vulnerability in StealC Malware’s Control Panel Uncovered
Fleeing Ransomware Leader Now Among Germany’s Most Wanted
Analyzing AI in Security Testing: SQL Injection Strong yet Fails in Controls
New Vulnerability Affects Google’s Fast Pair Bluetooth Protocol
New Attack Method, Reprompt, Poses Significant Risk to AI Chatbots
Critical Security Vulnerabilities: Redis Found at Risk of Unauthenticated RCE
AMD’s ‘StackWarp’ Exploit Raises Concerns for Confidential Virtual Machines
Visual Studio Code’s Copilot Studio Extension Now Widely Available
AWS CodeBuild Critical Security Flaw Exposed GitHub Repositories
Critical Vulnerability in Modular DS WordPress Plugin Exploited
OAuth Phishing Technique ConsentFix Poses New Threat to Microsoft Accounts