Cyber Security
Cybersecurity
Match Group Confirms Data Breach Impacting Multiple Dating Platforms
Match Group, owner of dating platforms such as Tinder and OkCupid, confirmed a data breach compromising user information across its networks. This incident raises significant ...
Cybersecurity
Aisuru/Kimwolf Botnet Orchestrates Massive DDoS Attack
The Aisuru/Kimwolf botnet orchestrated a potent distributed denial of service (DDoS) attack in December 2025. The attack reached 31.4 Tbps and executed 200 million requests ...
Cybersecurity
Game Mods Conceal Infostealer Malware: A Threat to Corporate IT Systems
Seemingly innocuous game modifications can carry infostealer malware that quietly compromises identities and systems. An example is how Roblox mods could escalate PC infections into ...
Cybersecurity
Google Disrupts Major Residential Proxy Network to Weaken Cybercriminals’ Shield
Google has effectively disrupted one of the largest residential proxy networks, impacting cybercriminals who mask illegal activities by mimicking legitimate residential traffic. This intervention aims ...
Cybersecurity
Cybercriminals Exploit LLMs and MCPs in ‘Operation Bizarre Bazaar’
Cybercriminals have launched 'Operation Bizarre Bazaar,' targeting exposed Large Language Models (LLMs) and Machine Content Platforms (MCPs) with commercial intent. The operation manipulates these systems ...
Application Security
SolarWinds Web Help Desk Critical Vulnerabilities Patched
SolarWinds has released updates for six vulnerabilities in its Web Help Desk. Among these were four critical flaws enabling unauthenticated remote code execution or authentication ...
Application Security
Critical Vulnerabilities Found in n8n’s Sandbox Mechanism: Potential for Remote Code Execution
Two newly identified vulnerabilities within n8n's sandbox could allow attackers to execute remote code. Weaknesses in the AST sanitization logic are key factors.
Cybersecurity
Legal Dispute Arises Between eScan and Morphisec Over Update Server Breach
eScan and Morphisec are embroiled in a dispute following an update server incident affecting eScan customers. The contention centers on claims regarding the identification of ...
Cybersecurity
Mesh Security Secures $12 Million for CSMA Platform Innovation
Mesh Security has garnered significant investor support, securing $12 million to bolster its Cybersecurity Mesh Architecture (CSMA) platform. This investment will enhance its autonomous capabilities, ...
Application Security
Insecure Deployments of Moltbot Pose Risks in Enterprise Settings
Insecure deployments of Moltbot, an AI assistant, in enterprise environments raise severe risks of leaking sensitive data such as API keys, OAuth tokens, and conversation ...
Cybersecurity
FBI Successfully Seizes RAMP Cybercrime Forum Disrupting Ransomware Operations
The FBI has effectively dismantled RAMP, a prominent cybercriminal forum. Known for its bold promotion of ransomware activities, RAMP's seizure marks a significant law enforcement ...
Cybersecurity
Chinese Hackers Breach Phones of UK Officials in Long-term Cyber Espionage
Chinese hackers, linked to state-sponsored activities, reportedly penetrated the smartphones of UK officials, accessing sensitive communications for several years. The invasion probes the sophistication of ...
Application Security
Microsoft Office and Linux Kernel Among Newly Cataloged Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency updated its Known Exploited Vulnerabilities catalog with newly identified security flaws, including those in Microsoft Office and the ...
Cybersecurity
Meta Implements Enhanced Security Measures on WhatsApp
WhatsApp rolls out Strict Account Settings to secure high-risk users against advanced, targeted cyber threats. Meta's focus is on enhancing user safety amid increasing cyber ...
CVE Vulnerability Alerts
Exploitations of WinRAR Vulnerability CVE-2025-8088 Emerge as a Major Threat
Cyber attackers leverage the CVE-2025-8088 high-severity WinRAR vulnerability. This security loophole is targeted for initial access and malware delivery, affecting numerous organizations globally.
Application Security
Meta Introduces Enhanced WhatsApp Security for High-Risk Users
Meta's initiative to enhance the security of high-risk individuals on WhatsApp involves a trade-off between functionality and security, providing an extra layer of defense through ...
Application Security
ShinyHunters Allegedly Breach Panera Bread and Other Companies via Microsoft Entra SSO
ShinyHunters, an extortionist gang, claims to have accessed data from Panera Bread, CarMax, and Edmunds, using Microsoft Entra Single Sign-On (SSO). Understanding the technical breach ...
Cybersecurity
Memcyco Secures $37 Million to Expand Anti-Impersonation Technology Globally
Memcyco has successfully raised $37 million to expand its cutting-edge anti-impersonation technology worldwide, with a focus on Latin America. This significant investment will accelerate the ...
CVE Vulnerability Alerts
Major Security Flaw Found in vm2 Node.js Sandbox Tool
A serious vulnerability in the vm2 Node.js sandbox library, identified as CVE-2026-22709, could jeopardize system security by enabling the execution of arbitrary code outside the ...
News
Nebraska Grand Jury Indicts Additional Members in Tren de Aragua ATM Scheme
Nebraska federal authorities charge 31 more individuals linked to a Venezuelan crime syndicate for their part in a widespread ATM fraud operation. This development brings ...
TOP CYBERSECURITY HEADLINES
Cybersecurity
Aisuru/Kimwolf Botnet Orchestrates Massive DDoS Attack
Application Security
SolarWinds Web Help Desk Critical Vulnerabilities Patched
This Week’s Security Spotlight
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Match Group Confirms Data Breach Impacting Multiple Dating Platforms
Match Group, owner of dating platforms such as Tinder and OkCupid, confirmed a data breach compromising user information across its networks. This incident raises significant ...
Cybercriminals Exploit LLMs and MCPs in ‘Operation Bizarre Bazaar’
Cybercriminals have launched 'Operation Bizarre Bazaar,' targeting exposed Large Language Models (LLMs) and Machine Content Platforms (MCPs) with commercial intent. The operation manipulates these systems ...
Critical Vulnerabilities Found in n8n’s Sandbox Mechanism: Potential for Remote Code Execution
Two newly identified vulnerabilities within n8n's sandbox could allow attackers to execute remote code. Weaknesses in the AST sanitization logic are key factors.
SolarWinds Web Help Desk Critical Vulnerabilities Patched
SolarWinds has released updates for six vulnerabilities in its Web Help Desk. Among these were four critical flaws enabling unauthenticated remote code execution or authentication ...
Legal Dispute Arises Between eScan and Morphisec Over Update Server Breach
eScan and Morphisec are embroiled in a dispute following an update server incident affecting eScan customers. The contention centers on claims regarding the identification of ...
Mesh Security Secures $12 Million for CSMA Platform Innovation
Mesh Security has garnered significant investor support, securing $12 million to bolster its Cybersecurity Mesh Architecture (CSMA) platform. This investment will enhance its autonomous capabilities, ...
Insecure Deployments of Moltbot Pose Risks in Enterprise Settings
Insecure deployments of Moltbot, an AI assistant, in enterprise environments raise severe risks of leaking sensitive data such as API keys, OAuth tokens, and conversation ...
FBI Successfully Seizes RAMP Cybercrime Forum Disrupting Ransomware Operations
The FBI has effectively dismantled RAMP, a prominent cybercriminal forum. Known for its bold promotion of ransomware activities, RAMP's seizure marks a significant law enforcement ...
Chinese Hackers Breach Phones of UK Officials in Long-term Cyber Espionage
Chinese hackers, linked to state-sponsored activities, reportedly penetrated the smartphones of UK officials, accessing sensitive communications for several years. The invasion probes the sophistication of ...
Microsoft Office and Linux Kernel Among Newly Cataloged Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency updated its Known Exploited Vulnerabilities catalog with newly identified security flaws, including those in Microsoft Office and the ...
Meta Implements Enhanced Security Measures on WhatsApp
WhatsApp rolls out Strict Account Settings to secure high-risk users against advanced, targeted cyber threats. Meta's focus is on enhancing user safety amid increasing cyber ...
Exploitations of WinRAR Vulnerability CVE-2025-8088 Emerge as a Major Threat
Cyber attackers leverage the CVE-2025-8088 high-severity WinRAR vulnerability. This security loophole is targeted for initial access and malware delivery, affecting numerous organizations globally.
Meta Introduces Enhanced WhatsApp Security for High-Risk Users
Meta's initiative to enhance the security of high-risk individuals on WhatsApp involves a trade-off between functionality and security, providing an extra layer of defense through ...
ShinyHunters Allegedly Breach Panera Bread and Other Companies via Microsoft Entra SSO
ShinyHunters, an extortionist gang, claims to have accessed data from Panera Bread, CarMax, and Edmunds, using Microsoft Entra Single Sign-On (SSO). Understanding the technical breach ...
Memcyco Secures $37 Million to Expand Anti-Impersonation Technology Globally
Memcyco has successfully raised $37 million to expand its cutting-edge anti-impersonation technology worldwide, with a focus on Latin America. This significant investment will accelerate the ...
Major Security Flaw Found in vm2 Node.js Sandbox Tool
A serious vulnerability in the vm2 Node.js sandbox library, identified as CVE-2026-22709, could jeopardize system security by enabling the execution of arbitrary code outside the ...
Nebraska Grand Jury Indicts Additional Members in Tren de Aragua ATM Scheme
Nebraska federal authorities charge 31 more individuals linked to a Venezuelan crime syndicate for their part in a widespread ATM fraud operation. This development brings ...
Crunchbase Data Breach Raises Security Concerns After ShinyHunters Attack
Cybercriminal group ShinyHunters reportedly compromised Crunchbase, stealing over 2 million personal records. The breach involved a 402 MB data file being leaked, prompting concerns about ...
NPM Security Measures Post-‘Shai-Hulud’ Attacks Show Vulnerabilities
Despite enhanced defense mechanisms by NPM following the 'Shai-Hulud' supply-chain attacks, Git dependencies reveal key vulnerabilities that threat actors could exploit, casting doubt over the ...
Phishing Attacks Target Indian Users with a Multi-Stage Backdoor
Cybersecurity researchers from eSentire uncovered an ongoing campaign targeting Indian users using a multi-stage backdoor. Phishing emails mimic the Income Tax Department to deceive victims.