Main Menu
Cyber Security
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
Russian APT28 Allegedly Exploited MSHTML Vulnerability Before Microsoft Patch
Madison Square Garden Cyber Incident Revealed Months Later
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Hackers Used Claude Code to Steal 150GB of Mexican Government Data
Netherlands Faces Its Biggest Data Breach as ShinyHunters Leaks Odido’s Full Customer Database
‘Sandworm_Mode’ Supply Chain Attack Hits the NPM Ecosystem
ICO Fines Reddit £14.47 Million for Failing to Protect Children’s Data
ShinyHunters Leak Exposes Millions of CarGurus User Records
RoguePilot Vulnerability in GitHub Codespaces Has Been Patched by Microsoft
Broadcom Releases Patches for VMware Aria Operations Vulnerabilities
Cryptojacking Campaign Exploits Pirated Software to Deploy XMRig Miner
Arkanix Stealer Malware Quickly Vanishes After Its Initial Launch
Microsoft Investigates Vanishing Mouse Pointer Bug in Classic Outlook
GitHub’s Dependabot is Under Fire for Alert Accuracy Issues
BeyondTrust RS and PRA Vulnerability Is Being Actively Exploited by Threat Actors
Microsoft Expands Data Loss Prevention Controls for Microsoft 365 Copilot
New Security Concerns Arise with the Proliferation of Internal LLMs
Cybercriminal Group Exploits Hundreds of FortiGate Firewalls Using Off-the-Shelf AI Tools
Ring Bets $10,000 That Nobody Can Hack Its Local Streaming Feature
Romanian Hacker Admits to Selling Oregon State Network Access in Court
Privacy Groups Demand Compliance From Generative AI Image Creators
Spanish Hacker Arrested for Booking Luxury Hotel Rooms for One Cent
Anthropic Introduces Claude Code Security for Vulnerability Detection
PayPal Data Breach Exposed User Data for Six Months Due to Software Bug
Critical Grandstream Phone Vulnerability Allows for Eavesdropping Opportunities
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Cybersecurity
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Andrew Doyle March 3, 2026
Hundreds of Sangoma FreePBX systems compromised with web shells due to command injection flaw.
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women's Accounts
Cybersecurity
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women’s Accounts
Mitchell Langley March 3, 2026
A 22-year-old from Alabama pleaded guilty to cyberstalking, extortion, and computer fraud after hijacking the social media accounts of hundreds of you...
Phishing Attack Masquerades as Google Security Page to Steal Sensitive Information
News
Phishing Attack Masquerades as Google Security Page to Steal Sensitive Information
Mitchell Langley March 3, 2026
Cybercriminals deploy fake Google security pages to harvest one-time passcodes and cryptocurrency wallet addresses.
Chrome's Gemini Live Feature Left Users Exposed to Malicious Extensions
Cybersecurity
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
Mitchell Langley March 3, 2026
A Chrome vulnerability allowed malicious extensions to exploit Gemini Live, potentially hijacking the AI assistant to spy on users and steal their fil...
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Cybersecurity
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Gabby Lee March 3, 2026
Google Chrome rolls out an experimental program to improve HTTPS certificate security against future quantum threats.
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Cybersecurity
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Mitchell Langley March 3, 2026
Florida resident sentenced to 22 months in prison for trafficking thousands of stolen Microsoft COA labels over several years.
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
Cybersecurity
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
Andrew Doyle March 3, 2026
Understand how deepfake and injection attacks affect identity verification processes and what enterprises can do to defend against them.
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Cybersecurity
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Gabby Lee March 3, 2026
Malicious websites exploited a WebSocket flaw to hijack AI agents via OpenClaw.
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
Cybersecurity
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
Mitchell Langley March 3, 2026
Scammers impersonate police in Dubai, exploiting a crisis to access bank accounts.
Russian APT28 Allegedly Exploited MSHTML Vulnerability Before Microsoft Patch
Cybersecurity
Russian APT28 Allegedly Exploited MSHTML Vulnerability Before Microsoft Patch
Gabby Lee March 3, 2026
Russia-linked APT28 may have exploited MSHTML zero-day CVE-2026-21513, a high-severity flaw, before Microsoft issued a fix.
Madison Square Garden Cyber Incident Revealed Months Later
Cybersecurity
Madison Square Garden Cyber Incident Revealed Months Later
Gabby Lee March 3, 2026
Madison Square Garden disclosed a data breach months after being targeted in a hacking campaign.
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Cybersecurity
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Andrew Doyle March 2, 2026
Samsung resolves allegations of unauthorized data collection via smart TVs with Texas settlement.
Hackers Used Claude Code to Steal 150GB of Mexican Government Data
Cybersecurity
Hackers Used Claude Code to Steal 150GB of Mexican Government Data
Gabby Lee March 2, 2026
Hackers used Claude Code to infiltrate Mexican government systems, exfiltrating 150GB of sensitive data using AI-assisted exploits and automated theft...
Netherlands Faces Its Biggest Data Breach as ShinyHunters Leaks Odido's Full Customer Database
Cybersecurity
Netherlands Faces Its Biggest Data Breach as ShinyHunters Leaks Odido’s Full Customer Database
Mitchell Langley March 2, 2026
ShinyHunters group exposes a significant data breach at Odido, shaking the Dutch telecommunications sector.
How Safety Technology Is Transforming Workplace Protection
Blog
How Safety Technology Is Transforming Workplace Protection
Gabby Lee March 1, 2026
Companies are placing a greater emphasis on protecting their workforce. This shift from a reactive safety culture to a proactive ...
'Sandworm_Mode' Supply Chain Attack Hits the NPM Ecosystem
Cybersecurity
‘Sandworm_Mode’ Supply Chain Attack Hits the NPM Ecosystem
Mitchell Langley February 25, 2026
Analysis of the Sandworm_Mode supply chain attack impacting NPM.
ICO Fines Reddit £14.47 Million for Failing to Protect Children's Data
Cybersecurity
ICO Fines Reddit £14.47 Million for Failing to Protect Children’s Data
Gabby Lee February 25, 2026
The ICO has fined Reddit for collecting data on children under 13 without adequate safety measures in place.
ShinyHunters Leak Exposes Millions of CarGurus User Records
Cybersecurity
ShinyHunters Leak Exposes Millions of CarGurus User Records
Gabby Lee February 25, 2026
ShinyHunters have exposed over 12 million records reportedly taken from CarGurus, an automotive digital platform.
RoguePilot Vulnerability in GitHub Codespaces Has Been Patched by Microsoft
Cybersecurity
RoguePilot Vulnerability in GitHub Codespaces Has Been Patched by Microsoft
Mitchell Langley February 25, 2026
A vulnerability called RoguePilot in GitHub Codespaces risked repository control.
Broadcom Releases Patches for VMware Aria Operations Vulnerabilities
Cybersecurity
Broadcom Releases Patches for VMware Aria Operations Vulnerabilities
Andrew Doyle February 25, 2026
Broadcom addresses critical VMware Aria Operations vulnerabilities; users urged to update.
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Cybersecurity
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Andrew Doyle March 3, 2026
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Cybersecurity
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Andrew Doyle March 2, 2026
Lazarus Group Expands Its Ransomware Arsenal with Medusa
News
Lazarus Group Expands Its Ransomware Arsenal with Medusa
Andrew Doyle February 25, 2026
Polish Authorities Detain Suspected Phobos Ransomware Operative
News
Polish Authorities Detain Suspected Phobos Ransomware Operative
Andrew Doyle February 18, 2026

TOP CYBERSECURITY HEADLINES

Chrome's Gemini Live Feature Left Users Exposed to Malicious Extensions
Cybersecurity
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Cybersecurity
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Cybersecurity
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
Cybersecurity
Deepfake and Injection Attacks Are Targeting Identity Verification Systems

This Week’s Security Spotlight

OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Cybersecurity
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Andrew Doyle February 17, 2026
Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
More In News
Trending
Germany Warns of Phishing Threats via Signal Targeting High-Profile Individuals
Dutch Police Arrest Suspect in JokerOTP Phishing Tool Operation
Trezor and Ledger Crypto Wallets Targeted by Mail Scam
Global Cloud Storage Scam Emails Threaten Users With False Data Deletion Alerts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Cybersecurity
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
March 3, 2026
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women's Accounts
Cybersecurity
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women’s Accounts
March 3, 2026
Chrome's Gemini Live Feature Left Users Exposed to Malicious Extensions
Cybersecurity
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
March 3, 2026
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Cybersecurity
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
March 3, 2026
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Cybersecurity
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
March 3, 2026
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
Cybersecurity
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
March 3, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
March 3, 2026
A Chrome vulnerability allowed malicious extensions to exploit Gemini Live, potentially hijacking the AI assistant to spy on users and steal their fil...
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
March 3, 2026
Google Chrome rolls out an experimental program to improve HTTPS certificate security against future quantum threats.
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
March 3, 2026
Florida resident sentenced to 22 months in prison for trafficking thousands of stolen Microsoft COA labels over several years.
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
March 3, 2026
Understand how deepfake and injection attacks affect identity verification processes and what enterprises can do to defend against them.
Russian APT28 Allegedly Exploited MSHTML Vulnerability Before Microsoft Patch
March 3, 2026
Russia-linked APT28 may have exploited MSHTML zero-day CVE-2026-21513, a high-severity flaw, before Microsoft issued a fix.
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
March 3, 2026
Scammers impersonate police in Dubai, exploiting a crisis to access bank accounts.
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
March 3, 2026
Malicious websites exploited a WebSocket flaw to hijack AI agents via OpenClaw.
Madison Square Garden Cyber Incident Revealed Months Later
March 3, 2026
Madison Square Garden disclosed a data breach months after being targeted in a hacking campaign.
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
March 2, 2026
Samsung resolves allegations of unauthorized data collection via smart TVs with Texas settlement.
Hackers Used Claude Code to Steal 150GB of Mexican Government Data
March 2, 2026
Hackers used Claude Code to infiltrate Mexican government systems, exfiltrating 150GB of sensitive data using AI-assisted exploits and automated theft...
Netherlands Faces Its Biggest Data Breach as ShinyHunters Leaks Odido’s Full Customer Database
March 2, 2026
ShinyHunters group exposes a significant data breach at Odido, shaking the Dutch telecommunications sector.
How Safety Technology Is Transforming Workplace Protection
March 1, 2026
Companies are placing a greater emphasis on protecting their workforce. This shift from a reactive safety culture to a proactive one is creating new demand ...
‘Sandworm_Mode’ Supply Chain Attack Hits the NPM Ecosystem
February 25, 2026
Analysis of the Sandworm_Mode supply chain attack impacting NPM.
ICO Fines Reddit £14.47 Million for Failing to Protect Children’s Data
February 25, 2026
The ICO has fined Reddit for collecting data on children under 13 without adequate safety measures in place.
Broadcom Releases Patches for VMware Aria Operations Vulnerabilities
February 25, 2026
Broadcom addresses critical VMware Aria Operations vulnerabilities; users urged to update.
RoguePilot Vulnerability in GitHub Codespaces Has Been Patched by Microsoft
February 25, 2026
A vulnerability called RoguePilot in GitHub Codespaces risked repository control.
ShinyHunters Leak Exposes Millions of CarGurus User Records
February 25, 2026
ShinyHunters have exposed over 12 million records reportedly taken from CarGurus, an automotive digital platform.
Lazarus Group Expands Its Ransomware Arsenal with Medusa
February 25, 2026
North Korea's Lazarus Group deploys Medusa ransomware against critical sectors, targeting US healthcare.
Optimizely Suffers a Data Breach Through a Voice Phishing Attack
February 25, 2026
Optimizely has reported a data breach caused by a voice phishing attack, compromising customer data.
Cryptojacking Campaign Exploits Pirated Software to Deploy XMRig Miner
February 25, 2026
New cryptojacking campaign uses pirated software to deliver XMRig miner payloads onto hosts.
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
Russian APT28 Allegedly Exploited MSHTML Vulnerability Before Microsoft Patch
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Madison Square Garden Cyber Incident Revealed Months Later
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Hackers Used Claude Code to Steal 150GB of Mexican Government Data
Netherlands Faces Its Biggest Data Breach as ShinyHunters Leaks Odido’s Full Customer Database
How Safety Technology Is Transforming Workplace Protection
‘Sandworm_Mode’ Supply Chain Attack Hits the NPM Ecosystem
ICO Fines Reddit £14.47 Million for Failing to Protect Children’s Data
Broadcom Releases Patches for VMware Aria Operations Vulnerabilities
RoguePilot Vulnerability in GitHub Codespaces Has Been Patched by Microsoft
ShinyHunters Leak Exposes Millions of CarGurus User Records
Lazarus Group Expands Its Ransomware Arsenal with Medusa
Optimizely Suffers a Data Breach Through a Voice Phishing Attack
Cryptojacking Campaign Exploits Pirated Software to Deploy XMRig Miner