Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Claim your TfL Refund for Oyster Photocard Disruptions After Cyberattack
News
Transport for London (TFL) Restores Oyster Photocards Services and Offers Refunds
Mitchell Langley November 4, 2024
Transport for London (TfL) is now processing TfL refunds for Oyster photocard users affected by a recent cyberattack. Learn how to claim your reimbursement for ...
This Week In Cybersecurity: 28th October to 1st November
Cybersecurity
This Week In Cybersecurity: 28th October to 1st November
Mitchell Langley November 3, 2024
CRA Data Breach Exposes Tens of Thousands of Taxpayer Accounts, Millions Lost in Bogus Refunds A significant data breach at ...
Trinity Ransomware Major Threat to the Healthcare Industry
Blog
Trinity Ransomware: Major Threat to the Healthcare Industry
Gabby Lee November 1, 2024
The newly discovered Trinity ransomware is a significant threat to the healthcare industry, with at least one U.S. hospital already affected. HHS issued a warning ...
Nine Class-Action Lawsuits Filed After New Jersey Water Company Data Breached
News
Nine Class-Action Lawsuits Filed After New Jersey Water Company Data Breached
Mitchell Langley October 31, 2024
Nine class-action lawsuits have been filed against a New Jersey utility company following a data breach of unknown scope. The company, American Water, serves over ...
ZircoDATA Cybersecurity Breach Exposes Sensitive Australian Data
News
ZircoDATA Cybersecurity Breach Exposes Sensitive Australian Data
Gabby Lee October 31, 2024
A major cybersecurity breach at ZircoDATA, an Australian data firm, exposed sensitive personal information, impacting hundreds of organizations and highlighting the need for stronger data ...
PSAUX Ransomware Attack Cripples 22,000 CyberPanel Instances
News
PSAUX Ransomware Attack Cripples 22,000 CyberPanel Instances
Mitchell Langley October 31, 2024
The PSAUX ransomware attack exploited critical vulnerabilities in CyberPanel, crippling over 22,000 instances and encrypting countless files. A decryptor is now available.
Interbank Confirms Data Breach Following Failed Extortion Attempt
News
Interbank Confirms Data Breach Following Failed Extortion Attempt
Mitchell Langley October 31, 2024
Interbank, a Peruvian bank, confirms a massive data breach after a failed extortion attempt. Millions of customer records, including financial details, were leaked online.
LottieFiles npm Supply Chain Attack Drains Cryptocurrency Wallets
News
LottieFiles npm Supply Chain Attack Drains Cryptocurrency Wallets
Gabby Lee October 31, 2024
A npm supply chain attack targeted LottieFiles, compromising versions 2.0.5-2.0.7 of its "lottie-player" package and leading to cryptocurrency theft. Users are urged to upgrade immediately.
Advanced Recovery Equipment & Supplies Data Breach Impacts Customer Information
News
Advanced Recovery Equipment & Supplies Data Breach Impacts Customer Information
Mitchell Langley October 31, 2024
Advanced Recovery Equipment & Supplies LLC suffered a data breach in 2023, exposing customer names, Social Security numbers, medical information, and more. Data breach notification ...
Ticking Time Bomb or Opportunity How to Secure Remote Work Environments
Blog
Ticking Time Bomb or Opportunity? How to Secure Remote Work Environments
Mitchell Langley October 31, 2024
Remote work has revolutionized the workplace, but it has also introduced a new wave of security threats. Unvetted software, vulnerable home networks, and public Wi-Fi ...
Boart Longyear Data Breach Compromised Sensitive Customer Information
News
Boart Longyear Data Breach Compromised Sensitive Customer Information
Mitchell Langley October 30, 2024
Boart Longyear, a global drilling company, experienced a data breach exposing sensitive customer information, including Social Security numbers and medical records. The company is sending ...
France's Second-Largest ISP, Free, Suffers Data Breach
News
France’s Second-Largest ISP, Free, Suffers Data Breach
Gabby Lee October 30, 2024
France's second-largest internet service provider (ISP), Free, has confirmed a significant data breach affecting some of its 22.9 million subscribers.
Cash App Data Breach Settlement: Only Few Weeks to Claim $2,575 in Compensation
News
Cash App Data Breach Settlement: Only Few Weeks to Claim $2,575 in Compensation
Mitchell Langley October 30, 2024
Cash App users affected by the 2022 data breach have until November 19th to claim up to $2,575 in compensation for the incident.
Wichita County Cyberattack: 47,000 Residents Affected by Data Breach
News
Wichita County Cyberattack: 47,000 Residents Affected by Data Breach
Mitchell Langley October 30, 2024
The Wichita County cyberattack exposed the sensitive data of 47,000 residents, including SSNs and medical records. The Medusa ransomware gang claimed responsibility, demanding a ransom ...
CRA Data Breach Exposes Tens of Thousands of Taxpayer Accounts, Millions Lost in Bogus Refunds
News
CRA Data Breach Exposes Tens of Thousands of Taxpayer Accounts, Millions Lost in Bogus Refunds
Mitchell Langley October 30, 2024
Tens of thousands of Canadian taxpayers were victims of a massive CRA data breach, resulting in millions of dollars in fraudulent refunds and exposing systemic ...
Fog Ransomware Exploits SonicWall VPN Vulnerability to Breach Corporate Networks
News
Fog Ransomware Exploits SonicWall VPN Vulnerability to Breach Corporate Networks
Gabby Lee October 28, 2024
Fog ransomware exploits a critical SonicWall VPN vulnerability (CVE-2024-40766), enabling rapid network breaches and data encryption. Prompt patching is crucial.
This Week In Cybersecurity: 21st October to 25th October
Cybersecurity
This Week In Cybersecurity: 21st October to 25th October
Andrew Doyle October 25, 2024
Cyberattack Targets Critical Sectors in Cyprus A significant cyberattack has compromised critical infrastructure in Cyprus, highlighting vulnerabilities to sophisticated threats. ...
Johnson & Johnson Data Breach Exposes Personal Information of 3,200 Individuals
News
Johnson & Johnson Data Breach Exposes Personal Information of 3,200 Individuals
Mitchell Langley October 25, 2024
A data breach at Johnson & Johnson's insurance arm compromised personal information from 3,200 individuals. The company is offering credit monitoring and identity restoration services.
Hot Topic Data Breach: Millions of Customers Potentially Affected
News
Hot Topic Data Breach: Millions of Customers Potentially Affected
Gabby Lee October 25, 2024
A massive data breach at Hot Topic potentially exposed millions of customers' personal information, highlighting
Nidec Corporation Suffers Data Breach: Ransomware Attack Leaks Sensitive Information
News
Nidec Corporation Suffers Data Breach: Ransomware Attack Leaks Sensitive Information
Mitchell Langley October 25, 2024
Nidec Corporation confirms a ransomware attack leaked 50,694 files, including sensitive business documents, after negotiations with attackers failed.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
June 2, 2025
Podcasts
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
May 30, 2025
Podcasts
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
May 30, 2025

Cyber Security News

WhatsApp Hack Uncovers 2 Low-Risk Vulnerabilities, No Arbitrary Code Execution
Application Security
WhatsApp Hack Uncovers 2 Low-Risk Vulnerabilities, No Arbitrary Code Execution
October 27, 2025
TP-Link Patches Critical Omada Gateway Vulnerabilities Preventing Remote Attacks
CVE Vulnerability Alerts
TP-Link Patches Critical Omada Gateway Vulnerabilities Preventing Remote Attacks
October 27, 2025
CoPhish Exploit via Microsoft Copilot OAuth Token Theft Exposes Trusted Domains
Application Security
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains
October 27, 2025
GutenKit, Hunk Companion, WP Ghost Exploits Drive New WordPress RCE Surge
Application Security
GutenKit, Hunk Companion, WP Ghost Exploits Drive New WordPress RCE Surge
October 27, 2025
Exploitable Bug in Rust async-tar Library — TARmageddon Gives Attackers RCE
Application Security
Exploitable Bug in Rust async-tar Library — TARmageddon Gives Attackers RCE
October 27, 2025
Critical WSUS Flaw (CVE-2025-61884) Drives Elevated RCE Attacks on Windows Server
CVE Vulnerability Alerts
Critical WSUS Flaw (CVE-2025-61884) Drives Elevated RCE Attacks on Windows Server
October 27, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Microsoft Exchange Online Outage Impacts Outlook Web Users
March 20, 2025
A Microsoft Exchange Online outage severely impacted Outlook on the web users globally, causing login and access issues. Microsoft attributed the problem to a code ...
DollyWay Malware Campaign Compromises 20,000 WordPress Sites
March 20, 2025
The DollyWay malware campaign, active since 2016, has compromised over 20,000 WordPress sites, redirecting users to malicious sites and generating millions of fraudulent impressions monthly.
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
March 20, 2025
WhatsApp has patched a zero-click vulnerability exploited by Paragon spyware, affecting journalists and activists globally, highlighting ongoing cybersecurity challenges.
Ukrainian Military Targeted in New Signal Spear-Phishing Attacks
March 20, 2025
krainian military personnel are facing sophisticated spear-phishing attacks using compromised Signal accounts to deliver Dark Crystal RAT malware. Urgent security updates are needed.
Arcane Infostealer Infects YouTube and Discord Users Through Game Cheats
March 20, 2025
The Arcane infostealer, a new malware, is stealing data from YouTube and Discord users via game cheats, targeting VPNs, messengers, and cryptocurrency wallets. Its sophisticated ...
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
March 20, 2025
he Pennsylvania State Education Association (PSEA) suffered a data breach exposing the personal information of over 500,000 individuals, including financial and health records. Rhysida ransomware ...
Ransomware Victims on Dark Web – 12th March, 2025
March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 3rd March, 2025
March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Qilin/Agenda Ransomware: The Credential Stealers
March 20, 2025
Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July 2022. Initially operating under the ...
MegaRAC CVE-2024-54085 Vulnerability: Critical BMC Flaw Threatening Data Centers
March 19, 2025
A newly discovered critical vulnerability (CVE-2024-54085) in AMI’s MegaRAC Baseboard Management Controller (BMC) software puts thousands of servers at risk—including those from HPE, Asus, and ...
California Cryobank Data Breach Exposes Sensitive Customer Information
March 19, 2025
California Cryobank, a major US sperm bank, suffered a data breach exposing customer names, bank details, Social Security numbers, and more. The company is offering ...
GitHub Action Hack May Cause Another Supply Chain Attack
March 19, 2025
A cascading supply chain attack, starting with a GitHub Action hack, exposed CI/CD secrets across 23,000 repositories, highlighting vulnerabilities in third-party code reliance.
Western Alliance Bank Data Breach Impacts 21,899 Customers
March 19, 2025
Western Alliance Bank suffered a data breach impacting 21,899 customers, exposing sensitive personal and financial information due to a third-party vendor's software vulnerability exploited by ...
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
March 19, 2025
A critical Windows zero-day exploit, ZDI-CAN-25373, has been exploited by 11 state-sponsored hacking groups since 2017, enabling data theft and espionage. Microsoft initially declined to ...
Microsoft Windows March Update Wipes Out Copilot
March 19, 2025
Microsoft’s latest Windows 10 and 11 updates (KB5053598 and KB5053606) have accidentally uninstalled Copilot, the AI assistant, from some users’ systems—leaving many relieved rather than ...
$6.1 Million Crypto Stolen in WEMIX Hack
March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
The Mirai Botnet: The Infamous DDoS Weapon
March 19, 2025
The Mirai botnet, a notorious piece of malware, launched devastating DDoS attacks in 2016. This blog post delves into its origins, spread, impact, and the ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
Critical Apache Tomcat Flaw Actively Exploited in Attacks
March 18, 2025
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited