Main Menu
Cyber Security
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
North Korean Hackers TA406 Target Ukraine to Gauge Russia's Military Demands
News
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
Mitchell Langley May 15, 2025
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
News
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Mitchell Langley May 15, 2025
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
Dior Confirms Data Breach Exposing Chinese Customer Information
News
Dior Confirms Data Breach Exposing Chinese Customer Information
Mitchell Langley May 15, 2025
Christian Dior confirms a customer data breach affecting Chinese users. Names, contacts, and shopping data were leaked; no financial details were compromised. Investigation ongoing.
Nucor Shuts Down Production Lines Following Cybersecurity Incident
News
Nucor Shuts Down Production Lines Following Cybersecurity Incident
Mitchell Langley May 15, 2025
Nucor Corporation has shut down select production operations following a cybersecurity incident that compromised internal systems. The company is investigating and restoring operations.
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
News
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
Mitchell Langley May 15, 2025
Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues ...
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
News
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
Andrew Doyle May 15, 2025
HireClick leaked over 5.7 million resume files after leaving an AWS bucket unsecured. The data exposure poses significant risks of fraud, phishing, and identity theft. ...
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
News
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
Andrew Doyle May 15, 2025
Valve denies claims of a Steam data breach, stating leaked data consists of expired SMS codes with no account credentials, passwords, or personal information.
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
News
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
Andrew Doyle May 15, 2025
Tennessee’s largest school district has filed a federal lawsuit against PowerSchool, citing breach of contract and security failures linked to a December 2023 data breach. ...
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
News
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
Andrew Doyle May 14, 2025
Russian-aligned ransomware group DragonForce hit UK retailer Co-op, exposing customer data and disrupting operations, in a hybrid cyberattack blending financial and geopolitical motives.
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
News
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
Andrew Doyle May 14, 2025
The EU launches its own vulnerability database (EUVD) to strengthen cybersecurity, reduce reliance on CVE, and ensure greater digital sovereignty across European infrastructure.
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
News
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
Mitchell Langley May 14, 2025
Twilio denies breach after leaked Steam 2FA codes appear online. Experts suspect a third-party SMS provider may be the source of the data exposure.
M&S Confirms Customer Data Breach Following Cyberattack
News
M&S Confirms Customer Data Breach Following Cyberattack
Mitchell Langley May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
News
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Mitchell Langley May 13, 2025
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
Thousands of Node Developers Compromised by Malware in Popular npm Packages
News
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Andrew Doyle May 13, 2025
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Mitchell Langley May 13, 2025
A Türkiye-linked cyberespionage group exploited a zero-day in Output Messenger, enabling access to sensitive data and communications in targeted attacks on Kurdish-aligned users.
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
News
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
Andrew Doyle May 13, 2025
A Moldovan suspect has been arrested for a 2021 DoppelPaymer ransomware attack that crippled Dutch research systems and caused €4.5 million in damages.
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Cybersecurity
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Mitchell Langley May 12, 2025
Chinese threat group Chaya_004 exploited a zero-day flaw in SAP NetWeaver servers, compromising hundreds of systems using remote code execution and web shell deployments.
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Cybersecurity
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Andrew Doyle May 12, 2025
The iClicker website was hacked between April 12–16, 2025, using a fake CAPTCHA to deploy malware via a ClickFix attack targeting students and faculty.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
News
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
Mitchell Langley May 12, 2025
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Nucor Shuts Down Production Lines Following Cybersecurity Incident
News
Nucor Shuts Down Production Lines Following Cybersecurity Incident
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
News
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
News
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
News
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes

SECURITYWEEK INDUSTRY EXPERTS

North Korean Hackers TA406 Target Ukraine to Gauge Russia's Military Demands
News
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
Mitchell Langley May 15, 2025
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
News
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Mitchell Langley May 15, 2025
Dior Confirms Data Breach Exposing Chinese Customer Information
News
Dior Confirms Data Breach Exposing Chinese Customer Information
Mitchell Langley May 15, 2025
Nucor Shuts Down Production Lines Following Cybersecurity Incident
News
Nucor Shuts Down Production Lines Following Cybersecurity Incident
Mitchell Langley May 15, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Scattered Spider Targets UK and US Retailers: The Growing Threat to Major Brands
May 16, 2025
Podcasts
Proofpoint Acquires Hornetsecurity for $1B: A New Era in Microsoft 365 Security
May 16, 2025
Podcasts
Exploited in the Wild: SAP NetWeaver Zero-Days Hit Fortune 500
May 14, 2025

Cyber Security News

Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Cybersecurity
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
May 12, 2025
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Cybersecurity
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
May 12, 2025
The Truth About Identity Attacks How to Protect Your Business and Data
Blog
The Truth About Identity Attacks: How to Protect Your Business and Data
May 8, 2025
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Cybersecurity
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
May 8, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
May 8, 2025
The Rising Tide of Supply Chain Cybersecurity Risks in 2025-min
Blog
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
May 6, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
May 15, 2025
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
May 15, 2025
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
Dior Confirms Data Breach Exposing Chinese Customer Information
May 15, 2025
Christian Dior confirms a customer data breach affecting Chinese users. Names, contacts, and shopping data were leaked; no financial details were compromised. Investigation ongoing.
Nucor Shuts Down Production Lines Following Cybersecurity Incident
May 15, 2025
Nucor Corporation has shut down select production operations following a cybersecurity incident that compromised internal systems. The company is investigating and restoring operations.
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
May 15, 2025
Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues ...
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
May 15, 2025
HireClick leaked over 5.7 million resume files after leaving an AWS bucket unsecured. The data exposure poses significant risks of fraud, phishing, and identity theft. ...
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
May 15, 2025
Valve denies claims of a Steam data breach, stating leaked data consists of expired SMS codes with no account credentials, passwords, or personal information.
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
May 15, 2025
Tennessee’s largest school district has filed a federal lawsuit against PowerSchool, citing breach of contract and security failures linked to a December 2023 data breach. ...
Exploited in the Wild: SAP NetWeaver Zero-Days Hit Fortune 500
May 14, 2025
In this episode, we dive into the active exploitation of two critical zero-day vulnerabilities in SAP NetWeaver—CVE-2025-31324 and CVE-2025-42999. Threat actors have been leveraging these ...
Checkout Chaos: Inside the £3.5 Million-a-Day M&S Cyber-Shutdown
May 14, 2025
The recent ransomware attack on Marks & Spencer (M&S) is a sobering example of the evolving cyber threat landscape confronting the retail industry. In this ...
Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast
May 14, 2025
In this episode, we break down Apple’s massive May 2025 security update blitz—a sweeping patch release that spanned iOS, macOS, iPadOS, tvOS, visionOS, and watchOS. ...
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
May 14, 2025
Russian-aligned ransomware group DragonForce hit UK retailer Co-op, exposing customer data and disrupting operations, in a hybrid cyberattack blending financial and geopolitical motives.
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
May 14, 2025
The EU launches its own vulnerability database (EUVD) to strengthen cybersecurity, reduce reliance on CVE, and ensure greater digital sovereignty across European infrastructure.
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
May 14, 2025
Twilio denies breach after leaked Steam 2FA codes appear online. Experts suspect a third-party SMS provider may be the source of the data exposure.
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
May 13, 2025
In this episode, we unpack the groundbreaking $1.4 billion privacy settlement between Google and the state of Texas—now the largest of its kind in U.S. ...
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
May 13, 2025
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the ...
M&S Confirms Customer Data Breach Following Cyberattack
May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
May 13, 2025
In this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage, a message archiving app recently thrust into the spotlight due to its use by ...
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
May 13, 2025
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
Thousands of Node Developers Compromised by Malware in Popular npm Packages
May 13, 2025
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Dior Confirms Data Breach Exposing Chinese Customer Information
Nucor Shuts Down Production Lines Following Cybersecurity Incident
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
Exploited in the Wild: SAP NetWeaver Zero-Days Hit Fortune 500
Checkout Chaos: Inside the £3.5 Million-a-Day M&S Cyber-Shutdown
Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
M&S Confirms Customer Data Breach Following Cyberattack
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Thousands of Node Developers Compromised by Malware in Popular npm Packages