Cyber Security
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Fake Starlink Android Apps Spread BeatBanker Malware
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
HungerRush POS Platform Targeted in Data Extortion Scheme
Fake OpenClaw Installers on GitHub Are Stealing User Data
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
Global Arrests Made in a Social Media Scam Targeting Thousands
Cybersecurity
Global Arrests Made in a Social Media Scam Targeting Thousands
Authorities dismantle a major social media scam ring, arresting suspects and affecting thousands.
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Application Security
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
An SQL injection flaw in the Ally WordPress plugin poses data breach risks on over 400,000 websites.
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Cybersecurity
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
WhatsApp rolls out a feature for parent-managed accounts, enhancing safety for pre-teen users.
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
The Senate has confirmed Joshua Rudd to head both the NSA and US Cyber Command, continuing the "dual-hat" arrangement.
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Cybersecurity
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Police Scotland faces a £66,000 fine due to mishandling sensitive data.
'PhantomRaven' Supply-Chain Campaign Floods npm Registry with Malicious Packages
Application Security
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
'PhantomRaven' attacks are affecting JavaScript developers by targeting the npm registry with dozens of malicious packages designed to steal sensitive...
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Cybersecurity
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Stryker, a medical tech leader, attacked by pro-Palestinian hacktivist group Handala, using impactful wiper malware.
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Two critical security vulnerabilities in n8n automation platform have been patched.
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Cybersecurity
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Google completes $32 billion acquisition of cloud security leader Wiz, expanding its cybersecurity capabilities.
Fake Starlink Android Apps Spread BeatBanker Malware
Cybersecurity
Fake Starlink Android Apps Spread BeatBanker Malware
BeatBanker Android malware targets users through fake apps.
ELECQ Data Breach May Have Exposed EV Charger Users' Private Information
Cybersecurity
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
ELECQ warns of potential data theft after ransomware attack on its cloud systems.
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Cybersecurity
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Ericsson Inc. reports data theft affecting employees and customers due to a service provider breach.
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
Application Security
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
New npm threat involves package posing as OpenClaw installer deploying RAT to steal sensitive data.
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant's Own Tool
Application Security
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
ShinyHunters claims responsibility for a high-profile data breach affecting Salesforce and other major companies, utilizing an open-source tool develo...
Salesforce's Experience Cloud Platform Faces Vulnerability Challenges
Application Security
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
Salesforce's Experience Cloud under scrutiny as vulnerabilities expose extensive data risks.
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
News
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
Russian hackers are targeting Signal and WhatsApp accounts of officials globally, posing cyber risks.
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Cybersecurity
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
North Korean state-sponsored threat actors are suspected of a 2025 cryptocurrency cloud heist.
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Cybersecurity
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Microsoft is still working to resolve a bright white flash issue in Windows 11's File Explorer that continues to affect users on certain systems.
Dutch Police Give Suspected Scammers a Two-Week Deadline to Surrender
News
Dutch Police Give Suspected Scammers a Two-Week Deadline to Surrender
Dutch police give 100 alleged scammers two weeks to surrender, or their images could be displayed nationwide.
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Cybersecurity
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
New ClickFix technique utilizes Windows Terminal instead of the Run dialog to bypass security measures.

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
The Senate has confirmed Joshua Rudd to head both the NSA and US Cyber Command, continuing the "dual-hat" arrangement.
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Police Scotland faces a £66,000 fine due to mishandling sensitive data.
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
'PhantomRaven' attacks are affecting JavaScript developers by targeting the npm registry with dozens of malicious packages designed to steal sensitive...
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Stryker, a medical tech leader, attacked by pro-Palestinian hacktivist group Handala, using impactful wiper malware.
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Two critical security vulnerabilities in n8n automation platform have been patched.
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Google completes $32 billion acquisition of cloud security leader Wiz, expanding its cybersecurity capabilities.
Fake Starlink Android Apps Spread BeatBanker Malware
BeatBanker Android malware targets users through fake apps.
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
ELECQ warns of potential data theft after ransomware attack on its cloud systems.
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Ericsson Inc. reports data theft affecting employees and customers due to a service provider breach.
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
New npm threat involves package posing as OpenClaw installer deploying RAT to steal sensitive data.
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
ShinyHunters claims responsibility for a high-profile data breach affecting Salesforce and other major companies, utilizing an open-source tool develo...
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
Salesforce's Experience Cloud under scrutiny as vulnerabilities expose extensive data risks.
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
Russian hackers are targeting Signal and WhatsApp accounts of officials globally, posing cyber risks.
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
North Korean state-sponsored threat actors are suspected of a 2025 cryptocurrency cloud heist.
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Microsoft is still working to resolve a bright white flash issue in Windows 11's File Explorer that continues to affect users on certain systems.
Dutch Police Give Suspected Scammers a Two-Week Deadline to Surrender
Dutch police give 100 alleged scammers two weeks to surrender, or their images could be displayed nationwide.
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
New ClickFix technique utilizes Windows Terminal instead of the Run dialog to bypass security measures.
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
A vulnerability in Perplexity's Comet browser exposed local files to potential theft via calendar events.
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Tier 1 SOC analysts face unique challenges in threat detection due to their inexperience, affecting overall security operations center performance.
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
Investigation dismantles online gambling criminal syndicate exploiting war-displaced women, highlights international collaboration in cybersecurity.