Cyber Security
Cybersecurity
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Mitchell Langley
September 15, 2025
Apple has warned users in over 150 countries of mercenary spyware attacks using zero-days and zero-click exploits, urging Lockdown Mode and emergency security assistance.
Cybersecurity
Microsoft to Roll Out Built-In Link Warnings for Teams Chats
Andrew Doyle
September 15, 2025
Microsoft will roll out real-time malicious link warnings for Teams chats in September 2025, adding another security layer to protect enterprise users from phishing and ...
Cybersecurity
National Cyber Director Pushes for Aggressive Cyber Strategy to Shift Risk to Adversaries
Gabby Lee
September 11, 2025
National Cyber Director Sean Cairncross calls for a unified cyber strategy, urging CISA 2015 reauthorization, IT modernization, and stronger deterrence measures to shift risk onto ...
Cybersecurity
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Mitchell Langley
September 11, 2025
The U.S. Treasury sanctioned 19 Southeast Asian cybercrime networks tied to forced labor, trafficking, and scams that stole over $10 billion from Americans in 2024.
Cybersecurity
Temu Fined $2 Million for INFORM Consumers Act Violations
Andrew Doyle
September 11, 2025
Temu will pay $2 million to settle FTC and DoJ claims it violated the INFORM Consumers Act by failing to disclose seller details and suspicious ...
Cybersecurity
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Gabby Lee
September 11, 2025
A major data privacy lapse has rattled the New South Wales (NSW) health system after confidential records of nearly 600 ...
Cybersecurity
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Mitchell Langley
September 11, 2025
Attackers targeting exposed Docker APIs have upgraded their tools, enabling persistent access, lateral movement, and self-replication—laying the groundwork for a potential large-scale botnet campaign.
Cybersecurity
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Syed Arslan
September 11, 2025
Dynatrace confirmed customer data exposure in the Salesforce supply chain breach via Salesloft Drift, joining Cloudflare, Google, and others hit by the Scattered LapSus$ Hunters ...
Cybersecurity
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
Gabby Lee
September 11, 2025
Wealthsimple confirmed a third-party data breach exposing account numbers, government IDs, and SINs of 30,000 clients. No funds stolen, but identity theft risks remain significant.
Cybersecurity
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
Andrew Doyle
September 11, 2025
External Attack Surface Management gives CISOs continuous visibility into internet-facing assets, prioritizes risks by context, and enables proactive remediation—shrinking exposure before attackers exploit vulnerabilities.
Cybersecurity
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
Andrew Doyle
September 11, 2025
A major security breach at Salesloft has compromised sensitive information from more than 700 companies, marking one of the largest ...
Cybersecurity
U.S. Charges Ukrainian National for Administering Ransomware
Andrew Doyle
September 11, 2025
The U.S. charged Ukrainian national Volodymyr Tymoshchuk for administering LockerGoga, MegaCortex, and Nefilim ransomware, linked to hundreds of corporate breaches and millions in damages worldwide.
Cybersecurity
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
Gabby Lee
September 11, 2025
NSW Health exposed passports, medical credentials, and IDs of nearly 600 doctors, sparking outrage and raising serious risks of identity theft, fraud, and professional impersonation.
Cybersecurity
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
Gabby Lee
September 10, 2025
Chinese-linked APT group Salt Typhoon infiltrated major U.S. telecom providers in 2024, compromising surveillance systems and metadata from millions of users. The breach exposed lawful ...
Cybersecurity
China Is Blurring the Lines Between Civilian AI and Military Power
Andrew Doyle
September 9, 2025
China is merging civilian AI with military applications. Everyday tools like drones and voice apps are being leveraged by the PLA, according to a CSET ...
Cybersecurity
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
Gabby Lee
September 9, 2025
Rose Acre Farms, America’s second-largest egg producer, was allegedly hit by Lynx ransomware, with attackers claiming encrypted data in a breach that threatens food supply ...
Cybersecurity
Lovesac Confirms Data Breach Following Ransomware Attack
Mitchell Langley
September 9, 2025
Lovesac confirmed a ransomware-linked data breach impacting personal information. Attackers accessed systems in February 2025, with stolen data linked to the RansomHub ransomware group’s extortion ...
Cybersecurity
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
Mitchell Langley
September 9, 2025
The GhostAction supply chain attack on GitHub compromised 3,325 secrets, including npm, PyPI, AWS, and GitHub tokens, after attackers injected malicious workflows into 817 repositories.
Cybersecurity
Qantas Airways Reduces CEO’s Bonus Following July Data Breach
Andrew Doyle
September 9, 2025
Qantas Airways reduced CEO Vanessa Hudson’s pay by $250,000 following a July cyber attack that exposed 4.5 million customer records, reflecting leadership accountability and strengthened ...
Cybersecurity
This Week In Cybersecurity: September 1–5, 2025
Andrew Doyle
September 8, 2025
News Stories Jaguar Land Rover Cyberattack Severely Disrupts Production Systems Taken Offline Jaguar Land Rover halted operations after a cyberattack ...
Cybersecurity
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Mitchell Langley
September 15, 2025
Cybersecurity
Evertec Confirms $130M Fraud Attempt in Sinqia Pix Cyberattack
Gabby Lee
September 4, 2025
News
Maryland’s Paratransit Ransomware Strike: Cyberattack Disrupts Disabled Transit Services
Mitchell Langley
September 2, 2025
News
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
Gabby Lee
August 19, 2025
TOP CYBERSECURITY HEADLINES
This Week’s Security Spotlight
Cybersecurity
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
Andrew Doyle
September 4, 2025
Cybersecurity
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
Mitchell Langley
September 3, 2025
Cybersecurity
SK Telecom Hit with Record US$96.9 Million Fine After Data Breach Exposes 23 Million Users
Gabby Lee
September 3, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Detection Tools
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
September 11, 2025
The U.S. Treasury sanctioned 19 Southeast Asian cybercrime networks tied to forced labor, trafficking, and scams that stole over $10 billion from Americans in 2024.
Temu Fined $2 Million for INFORM Consumers Act Violations
September 11, 2025
Temu will pay $2 million to settle FTC and DoJ claims it violated the INFORM Consumers Act by failing to disclose seller details and suspicious ...
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
September 11, 2025
Attackers targeting exposed Docker APIs have upgraded their tools, enabling persistent access, lateral movement, and self-replication—laying the groundwork for a potential large-scale botnet campaign.
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
September 11, 2025
A major data privacy lapse has rattled the New South Wales (NSW) health system after confidential records of nearly 600 medical staff — including 67 ...
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
September 11, 2025
Wealthsimple confirmed a third-party data breach exposing account numbers, government IDs, and SINs of 30,000 clients. No funds stolen, but identity theft risks remain significant.
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
September 11, 2025
Dynatrace confirmed customer data exposure in the Salesforce supply chain breach via Salesloft Drift, joining Cloudflare, Google, and others hit by the Scattered LapSus$ Hunters ...
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
September 11, 2025
External Attack Surface Management gives CISOs continuous visibility into internet-facing assets, prioritizes risks by context, and enables proactive remediation—shrinking exposure before attackers exploit vulnerabilities.
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
September 11, 2025
A major security breach at Salesloft has compromised sensitive information from more than 700 companies, marking one of the largest enterprise incidents linked to OAuth ...
U.S. Charges Ukrainian National for Administering Ransomware
September 11, 2025
The U.S. charged Ukrainian national Volodymyr Tymoshchuk for administering LockerGoga, MegaCortex, and Nefilim ransomware, linked to hundreds of corporate breaches and millions in damages worldwide.
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
September 11, 2025
NSW Health exposed passports, medical credentials, and IDs of nearly 600 doctors, sparking outrage and raising serious risks of identity theft, fraud, and professional impersonation.
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
September 10, 2025
Chinese-linked APT group Salt Typhoon infiltrated major U.S. telecom providers in 2024, compromising surveillance systems and metadata from millions of users. The breach exposed lawful ...
China Is Blurring the Lines Between Civilian AI and Military Power
September 9, 2025
China is merging civilian AI with military applications. Everyday tools like drones and voice apps are being leveraged by the PLA, according to a CSET ...
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
September 9, 2025
Rose Acre Farms, America’s second-largest egg producer, was allegedly hit by Lynx ransomware, with attackers claiming encrypted data in a breach that threatens food supply ...
Lovesac Confirms Data Breach Following Ransomware Attack
September 9, 2025
Lovesac confirmed a ransomware-linked data breach impacting personal information. Attackers accessed systems in February 2025, with stolen data linked to the RansomHub ransomware group’s extortion ...
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
September 9, 2025
The GhostAction supply chain attack on GitHub compromised 3,325 secrets, including npm, PyPI, AWS, and GitHub tokens, after attackers injected malicious workflows into 817 repositories.
Qantas Airways Reduces CEO’s Bonus Following July Data Breach
September 9, 2025
Qantas Airways reduced CEO Vanessa Hudson’s pay by $250,000 following a July cyber attack that exposed 4.5 million customer records, reflecting leadership accountability and strengthened ...
The “s1ngularity” Attack: How Hackers Hijacked Nx and Leaked Thousands of Repositories
September 8, 2025
In late August 2025, the open-source software ecosystem was rocked by a sophisticated two-phase supply chain attack, now known as “s1ngularity.” The incident began when ...
Canadian Investment Giant Wealthsimple Hit by Vendor Compromise
September 8, 2025
Wealthsimple, one of Canada’s largest online investment platforms, has confirmed a data breach that exposed the sensitive information of fewer than 1% of its three ...
FireCompass Raises $20M to Scale AI-Powered Offensive Security
September 8, 2025
In a year when cybercrime is projected to cost the world over $10.5 trillion, FireCompass has emerged as one of the most closely watched AI-driven ...
CVE-2025-42957: Active Exploits Target SAP S/4HANA Systems
September 8, 2025
A newly uncovered critical vulnerability, tracked as CVE-2025-42957, is sending shockwaves through the enterprise technology world. Affecting all SAP S/4HANA deployments, both on-premise and in ...