Cyber Security
Microsoft Disrupts Fox Tempest Malware-Signing Service
B1ack’s Stash Releases 4.6M Stolen Credit Cards Free
Trapdoor Android Ad Fraud Scheme Generated 659M Fake Bids
Nx Console VS Code Extension Poisoned to Steal 1Password, AWS Keys
Storm-2949 Abuses Azure Password Reset to Seize Cloud Accounts
Drupal Issues Highly Critical Patch, Exploits Expected Within Hours
SEPPMail Gateway Hit with 7 CVEs, Including CVSS 10.0 RCE Flaw
Grafana Breach Traced to TanStack npm Supply Chain Attack
CISA Orders Patch for Sixth Cisco SD-WAN Zero-Day of 2026
Exchange Server XSS CVE-2026-42897 Exploited via Crafted Email
Ghostwriter APT Deploys Cobalt Strike in Geofenced Ukraine Campaign
OpenAI Confirms Breach via Mini Shai-Hulud npm Supply Chain Attack
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
node-ipc npm Package Hid Credential Stealer Across Three Versions
PraisonAI CVE-2026-44338 Exploited 3h44m After Public Disclosure
Burst Statistics CVE-2026-8181 Draws 7,400 Attacks in 24 Hours
NGINX CVE-2026-42945 Under Active Exploitation After F5 Patch Drop
CoinbaseCartel Steals Grafana Source Code via GitHub Token
MiniPlasma Windows Exploit Grants SYSTEM Access with No Patch
Leaked Shai-Hulud Code Fuels npm Infostealer Wave Targeting Devs
INTERPOL Operation Ramz: 201 Arrests in 13-Nation MENA Sweep
Pwn2Own Berlin 2026 Closes with $1.3M in Zero-Day Prizes
GitHub Actions Supply Chain Attack Hijacks actions-cool Tags
ShinyHunters Claims 600,000-Record 7-Eleven Salesforce Breach
Tycoon2FA Adds Device-Code Attack to Bypass Microsoft 365 MFA
18-Year NGINX Flaw CVE-2026-42945 Enables Unauthenticated RCE
FamousSparrow APT Hit Azerbaijani Energy Firm in Three Waves
MuddyWater Targeted South Korean Electronics Maker via DLL Sideloading
Linux Kernel Fragnesia CVE-2026-46300 Grants Root via Page Cache
YellowKey and GreenPlasma: Unpatched Windows Zero-Days Released
News
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
A ransomware attack on the Port of Seattle exposed the personal data of 90,000 individuals. The Rhysida ransomware group was responsible, and the Port refused ...
News
CISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
CISA warns of Fast Flux DNS evasion, a technique used by cybercrime gangs to mask malicious activity by rapidly changing DNS records, making detection and ...
Blog
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The IT world is constantly changing, and so are the frameworks that govern it. This blog post delves into the significant differences between COBIT 5 ...
News
Texas State Bar Data Breach: INC Ransomware Gang Claims Responsibility
The Texas State Bar suffered a data breach between January 28 and February 9, 2025, with the INC ransomware gang claiming responsibility and leaking stolen ...
News
GitHub Supply Chain Attack Traced to Leaked SpotBugs Token
A devastating GitHub supply chain attack, targeting Coinbase, stemmed from a leaked SpotBugs token, exposing secrets in 218 repositories and highlighting critical vulnerabilities in open-source ...
News
Oracle Cloud Breach Confirmed, Data Theft Impacts Legacy Systems
Oracle confirms a data breach impacting its legacy Oracle Cloud Classic system, resulting in the theft of client credentials. Investigations are underway, but the company's ...
News
$500,000 Lost in Australian Superannuation Fund Data Breach
Major Australian superannuation funds experienced a data breach, resulting in $500,000 in losses and impacting thousands of members via a credential stuffing attack.
News
Hunters International Shifts to Data Extortion and Rebrands as World Leaks
Hunters International, a notorious ransomware operation, has rebranded as World Leaks, shifting its focus to data extortion.
Resources
KillSec: Hacktivists Turned RaaS Syndicate
KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian victims over Western ones.
CVE Vulnerability Alerts
CVE Vulnerability Alerts – 18th March, 2025
This post summarizes various vulnerabilities from recent CVE alerts that could potentially be exploited by malicious actors. Each entry includes brief information on the vulnerability, ...
Blog
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
The cost of data breach is skyrocketing. This in-depth analysis reveals the staggering financial impact and strategies for mitigation. Learn more.
Cybersecurity
ChatGPT is Down Worldwide Impacting Millions
Global ChatGPT outage caused widespread disruption, displaying a "Something went wrong" error. OpenAI acknowledged the problem and implemented a fix.
News
Royal Mail Data Breach: No Operational Impact Reported
Royal Mail investigates a data breach involving third-party supplier Spectos GmbH. Over 144GB of data, including customer PII, was leaked; however, Royal Mail operations remain ...
News
Triada Malware Preloaded on Counterfeit Android Devices
Counterfeit Android phones are infecting users with Triada malware pre-installed in the firmware, stealing data and cryptocurrency. This supply chain attack highlights the risks of ...
News
Urgent Security Alert: Exploited CSLU Backdoor Threatens Cisco Systems
Exploited Cisco CSLU backdoor admin account enables unauthorized access and control. Immediate patching is critical to prevent attacks.
News
SimonMed Imaging Confirms Cybersecurity Breach in January 2025
SimonMed Imaging confirmed a cybersecurity breach in January 2025, exposing patient data through a vendor, prompting investigations, security upgrades, and at least one class-action lawsuit. ...
News
173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach
Chord Specialty Dental Partners reports a data breach impacting 173,000 patients, exposing personal and health data, and offering free credit monitoring services to affected individuals. ...
News
openSNP to Shut Down: Genetic Data Privacy Concerns Lead to Platform Closure
openSNP, a genetic data sharing platform, will close and delete all data on April 30th due to escalating privacy concerns and the risk of government ...
News
RedCurl Cyberespionage Group Deploys Ransomware Targeting Hyper-V
RedCurl, a known cyberespionage group, has deployed QWCrypt ransomware targeting Hyper-V servers, marking a significant shift in their tactics and raising concerns about their motivations.
News
Garden of Life Faces Three Class-Action Lawsuits Following Data Breach
Garden of Life faces three class-action lawsuits after a data breach exposed customer payment card information, alleging negligence and inadequate data security.
Cybersecurity
TeamPCP Claims Breach of 4,000 GitHub Private Repositories

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Application Security
Drupal Issues Highly Critical Patch, Exploits Expected Within Hours
Cybersecurity
Tycoon2FA Adds Device-Code Attack to Bypass Microsoft 365 MFA
Application Security
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
CVE Vulnerability Alerts
Dell DSA-2026-047: CVSS 9.8 Hard-Coded Credentials in ECS Storage

Featured Videos

Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
Google’s $32B Bid for Wiz Faces DOJ Fire: A Cloud Security Power Play or Market Grab?
In this episode, we break down the seismic implications of Google’s proposed $32 billion acquisition of Wiz, the world’s largest cybersecurity unicorn—and why this isn’t ...
SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms
In this critical episode, we dive into the alarming exploitation of CVE-2024-57727, a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software actively leveraged by ...
TeamFiltration and Token Theft: The Cyber Campaign Microsoft Never Saw Coming
In this episode, we dissect UNK_SneakyStrike—a major account takeover campaign targeting Microsoft Entra ID users with precision and scale. Tracked by Proofpoint, this campaign began ...
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers in the U.S. The data ...
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows
In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center ...
WestJet Cyberattack: Cracks in Aviation’s Digital Armor
A major cyberattack has rocked Canada’s second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this ...
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras
In this episode, we dig into a disturbing yet underreported national security threat: the exploitation of internet-connected surveillance cameras—especially those manufactured in the People’s Republic ...
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
In this episode, we dive deep into the alarming revelations surrounding Graphite, a powerful spyware tool developed by Israeli firm Paragon Solutions. Promoted as a ...
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
zeroRISC just raised $10 million to bring OpenTitan—the first open-source silicon Root of Trust—to market. In this episode, we break down what this funding means ...
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
The financial services industry is under siege. In this episode, we unpack the latest findings from Radware’s 2025 Financial Threat Analysis and multiple intelligence reports ...
9.8 Severity and Counting: Inside Trend Micro’s Latest Security Emergency
In this episode, we break down Trend Micro’s urgent June 10th security update that patched ten high- and critical-severity vulnerabilities—some with CVSSv3.1 scores as high ...
Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks
In this episode, we dissect the critical vulnerabilities plaguing Mitel MiCollab, a widely used unified communications platform, and explore how attackers are exploiting these flaws ...
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
Citizen Lab confirms Paragon’s Graphite spyware exploited an iOS zero-day to launch zero-click attacks on European journalists through iMessage without any user interaction.
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
Threat actor UNK_SneakyStrike used TeamFiltration to launch password-spraying attacks on over 80,000 Microsoft Entra ID accounts across hundreds of global organizations.