Cyber Security
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Top 15 Networking Certifications to Supercharge Your Career in 2025
Top 10 Ransomware Groups of 2024: The Year’s Most Active Cyber Threats
Top 15 Cyberattacks of 2024: The Worst Incidents for Enterprise
Nuclei Vulnerability Allows Signature Bypass and Code Execution
This Week In Cybersecurity: 30th December to 03rd January
US Treasury Hack: Escalating Cyber Warfare Between US and China
Massive Healthcare Breaches Prompt Overhaul of US Cybersecurity Rules
WhatsApp Wins Against NSO Group: Judge Finds NSO Liable for Pegasus
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
News
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
Marks & Spencer Halts Online Orders Following Cyberattack
News
Marks & Spencer Halts Online Orders Following Cyberattack
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
News
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
Marks & Spencer suspends online orders after a cyberattack disrupted services, affecting Click & Collect and contactless payments. Investigations continue with cybersecurity experts and government ...
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
News
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
News
DragonForce Expands Ransomware Model with White-Label Branding
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
News
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
News
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
News
Frederick Health Data Breach Impacts 934,326 Patients
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
News
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
News
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
System Intrusions Surge Across EMEA, Verizon DBIR Warns
News
System Intrusions Surge Across EMEA, Verizon DBIR Warns
System intrusion breaches in EMEA doubled to 53% in one year, according to Verizon’s 2025 DBIR, as internal threats and third-party involvement surged globally.
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
News
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
News
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
News
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
A data breach at Yale New Haven Health exposed personal details of 5.5 million patients, with names, SSNs, and medical IDs among the data stolen. ...
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
News
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
News
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom Malware Incident Targets USIM Customer Data
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.

TOP CYBERSECURITY HEADLINES

SECURITYWEEK INDUSTRY EXPERTS

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with ...
Craft CMS Crisis: The 10.0-Rated RCE Flaw Every Developer Must Patch Now
A critical, actively exploited vulnerability (CVE-2025-32432) is wreaking havoc on Craft CMS—allowing attackers to execute arbitrary PHP code on unpatched servers with no authentication required. ...
Policy Puppetry: How a Single Prompt Can Trick ChatGPT, Gemini & More Into Revealing Secrets
Recent research by HiddenLayer has uncovered a shocking new AI vulnerability—dubbed the “Policy Puppetry Attack”—that can bypass safety guardrails in all major LLMs, including ChatGPT, ...
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Cybersecurity myths are more dangerous than you think. Here are 13 common myths that are silently sabotaging your security—and what to do instead.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
Marks & Spencer suspends online orders after a cyberattack disrupted services, affecting Click & Collect and contactless payments. Investigations continue with cybersecurity experts and government ...
Marks & Spencer Halts Online Orders Following Cyberattack
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered a major customer data breach ...
Lazarus Strikes Again: Inside Operation SyncHole and the 1-Day Exploitation Crisis
In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. ...
OAuth Phishing and Microsoft 365: The Hidden Threats SMBs Can’t Ignore
In this episode, we dissect the real-world challenges of securing Microsoft 365 environments—especially for small and medium-sized businesses—amid rising threats and licensing limitations. From Reddit ...
Navigating the Complex Intersection of AI and Data Privacy
The rise of artificial intelligence (AI) presents incredible opportunities, but it also introduces complex challenges regarding data privacy. This blog post delves into the crucial ...
Why Outlook Is Eating Your CPU — And What Microsoft Says About It
Microsoft has acknowledged a serious issue affecting users of classic Outlook for Windows: CPU usage spikes up to 50% just from typing emails. First appearing ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
This Week In Cybersecurity: 21st – 25th April, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
Trojan Map App: Spyware Targets Russian Soldiers via Alpine Quest
A newly discovered Android spyware campaign is targeting Russian military personnel by weaponizing a popular mapping app. Disguised as a cracked version of Alpine Quest ...