Cyber Security
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
News
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
News
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
News
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
Veeam patched a critical RCE flaw (CVE-2025-23121) allowing domain users to hijack backup servers, risking ransomware exploitation in misconfigured enterprise environments.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
News
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
News
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
China-backed Salt Typhoon breached Viasat in a broader espionage campaign against U.S. telecoms ahead of the 2024 election, targeting both government and private networks.
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
News
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
A World Leaks ransomware attack on Freedman Healthcare may expose over 42,000 sensitive files. The health tech firm supports data systems for 27 U.S. state ...
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
News
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
News
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
News
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
News
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
News
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
News
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
News
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
News
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Cybersecurity
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers ...
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
News
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
News
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
News
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
Over 46,000 Grafana Instances Still Vulnerable to 'Grafana Ghost' Account Takeover Bug
News
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
News
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...

TOP CYBERSECURITY HEADLINES

SECURITYWEEK INDUSTRY EXPERTS

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Over 1,500 Minecraft Users Infected in Stargazers Ghost Malware Campaign
A malware distribution network hiding in plain sight — on GitHub. This episode unpacks the Stargazers Ghost Network, a massive Distribution-as-a-Service (DaaS) infrastructure run by ...
Oxford City Council Breach Exposes 21 Years of Data
State and local governments are under cyber siege. In this episode, we break down how and why these public institutions have become top targets for ...
Weaponized GitHub Repositories: How Banana Squad and Water Curse Are Hitting Devs
Cybercriminals are increasingly turning GitHub into a malware distribution network. In this episode, we unpack two of the most alarming recent campaigns: Water Curse and ...
Chain IQ Breach Exposes UBS & Pictet Employee Data: A Supply Chain Failure
A single vendor was compromised — and suddenly, internal records from UBS, Pictet, Manor, and Implenia were leaked. The Chain IQ cyberattack is a textbook ...
Citrix NetScaler Flaws Expose Enterprise Networks: CVE-2025-5349 & CVE-2025-5777
Two newly disclosed critical vulnerabilities—CVE-2025-5349 and CVE-2025-5777—have put Citrix NetScaler ADC and Gateway deployments at serious risk, exposing enterprise environments to potential data breaches and ...
GerriScary: How CVE-2025-1568 Threatened Google’s Open-Source Supply Chain
CVE-2025-1568, dubbed “GerriScary”, has shaken the open-source ecosystem by exposing a fundamental weakness in Google’s Gerrit code review system—one that could have enabled attackers to ...
Cisco & Atlassian Under Fire: High-Severity Flaws and What’s at Risk
Cisco and Atlassian have both released urgent security advisories in response to newly discovered high-severity vulnerabilities—and the implications are serious. Cisco’s firmware flaws impact Meraki ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
Veeam patched a critical RCE flaw (CVE-2025-23121) allowing domain users to hijack backup servers, risking ransomware exploitation in misconfigured enterprise environments.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Double Extortion, Biometric Data, and Donuts: How Play Ransomware Hit Krispy Kreme
A deep dive into one of the most aggressive ransomware groups operating today—Play—and their latest high-profile target: Krispy Kreme. Operating since 2022, the Play ransomware ...
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
China-backed Salt Typhoon breached Viasat in a broader espionage campaign against U.S. telecoms ahead of the 2024 election, targeting both government and private networks.
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
A World Leaks ransomware attack on Freedman Healthcare may expose over 42,000 sensitive files. The health tech firm supports data systems for 27 U.S. state ...
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
Archetyp Market Seized: €250M Drug Empire Toppled by Operation Deep Sentinel
In this episode, we unpack the dramatic takedown of Archetyp Market, a darknet marketplace that dominated the online drug trade since its launch in May ...
KillSec Exploits Zero-Day to Breach Ocuco: 241K Patients Exposed
In this episode, we break down one of 2025’s most significant healthcare cybersecurity incidents: the ransomware attack on Ocuco, a global eyecare software provider. On ...
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
Over 1,500 Minecraft Users Infected in Stargazers Ghost Malware Campaign
Oxford City Council Breach Exposes 21 Years of Data
Weaponized GitHub Repositories: How Banana Squad and Water Curse Are Hitting Devs
Chain IQ Breach Exposes UBS & Pictet Employee Data: A Supply Chain Failure
Citrix NetScaler Flaws Expose Enterprise Networks: CVE-2025-5349 & CVE-2025-5777
GerriScary: How CVE-2025-1568 Threatened Google’s Open-Source Supply Chain
Cisco & Atlassian Under Fire: High-Severity Flaws and What’s at Risk
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
Double Extortion, Biometric Data, and Donuts: How Play Ransomware Hit Krispy Kreme
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
Archetyp Market Seized: €250M Drug Empire Toppled by Operation Deep Sentinel
KillSec Exploits Zero-Day to Breach Ocuco: 241K Patients Exposed
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack