Cyber Security
News
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
Andrew Doyle
April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
News
Marks & Spencer Halts Online Orders Following Cyberattack
Andrew Doyle
April 28, 2025
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
News
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
Mitchell Langley
April 28, 2025
Marks & Spencer suspends online orders after a cyberattack disrupted services, affecting Click & Collect and contactless payments. Investigations continue with cybersecurity experts and government ...
News
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
Mitchell Langley
April 28, 2025
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
News
DragonForce Expands Ransomware Model with White-Label Branding
Andrew Doyle
April 28, 2025
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
News
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
Mitchell Langley
April 28, 2025
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered ...
News
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
Mitchell Langley
April 25, 2025
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
News
Frederick Health Data Breach Impacts 934,326 Patients
Mitchell Langley
April 25, 2025
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
News
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
Andrew Doyle
April 25, 2025
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
News
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
Andrew Doyle
April 25, 2025
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
News
System Intrusions Surge Across EMEA, Verizon DBIR Warns
Andrew Doyle
April 24, 2025
System intrusion breaches in EMEA doubled to 53% in one year, according to Verizon’s 2025 DBIR, as internal threats and third-party involvement surged globally.
News
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
Mitchell Langley
April 24, 2025
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
News
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
Andrew Doyle
April 24, 2025
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
News
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
Andrew Doyle
April 24, 2025
A data breach at Yale New Haven Health exposed personal details of 5.5 million patients, with names, SSNs, and medical IDs among the data stolen. ...
News
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
Mitchell Langley
April 24, 2025
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
News
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
Mitchell Langley
April 23, 2025
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Syed Arslan
April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle
April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley
April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle
April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle
April 21, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
News
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
Mitchell Langley
April 28, 2025
News
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
Mitchell Langley
April 28, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices
April 28, 2025
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with ...
Craft CMS Crisis: The 10.0-Rated RCE Flaw Every Developer Must Patch Now
April 28, 2025
A critical, actively exploited vulnerability (CVE-2025-32432) is wreaking havoc on Craft CMS—allowing attackers to execute arbitrary PHP code on unpatched servers with no authentication required. ...
Policy Puppetry: How a Single Prompt Can Trick ChatGPT, Gemini & More Into Revealing Secrets
April 28, 2025
Recent research by HiddenLayer has uncovered a shocking new AI vulnerability—dubbed the “Policy Puppetry Attack”—that can bypass safety guardrails in all major LLMs, including ChatGPT, ...
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
April 28, 2025
Cybersecurity myths are more dangerous than you think. Here are 13 common myths that are silently sabotaging your security—and what to do instead.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
April 28, 2025
Marks & Spencer suspends online orders after a cyberattack disrupted services, affecting Click & Collect and contactless payments. Investigations continue with cybersecurity experts and government ...
Marks & Spencer Halts Online Orders Following Cyberattack
April 28, 2025
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
April 28, 2025
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
April 28, 2025
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
April 28, 2025
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered a major customer data breach ...
Lazarus Strikes Again: Inside Operation SyncHole and the 1-Day Exploitation Crisis
April 25, 2025
In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. ...
OAuth Phishing and Microsoft 365: The Hidden Threats SMBs Can’t Ignore
April 25, 2025
In this episode, we dissect the real-world challenges of securing Microsoft 365 environments—especially for small and medium-sized businesses—amid rising threats and licensing limitations. From Reddit ...
Navigating the Complex Intersection of AI and Data Privacy
April 25, 2025
The rise of artificial intelligence (AI) presents incredible opportunities, but it also introduces complex challenges regarding data privacy. This blog post delves into the crucial ...
Why Outlook Is Eating Your CPU — And What Microsoft Says About It
April 25, 2025
Microsoft has acknowledged a serious issue affecting users of classic Outlook for Windows: CPU usage spikes up to 50% just from typing emails. First appearing ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
April 25, 2025
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
April 25, 2025
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
This Week In Cybersecurity: 21st – 25th April, 2025
April 25, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
April 25, 2025
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
April 25, 2025
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
Trojan Map App: Spyware Targets Russian Soldiers via Alpine Quest
April 24, 2025
A newly discovered Android spyware campaign is targeting Russian military personnel by weaponizing a popular mapping app. Disguised as a cracked version of Alpine Quest ...