Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Navigating the Challenges of Fileless Malware in Cybersecurity
Blog
Navigating the Challenges of Fileless Malware in Cybersecurity
Gabby Lee January 7, 2026
Fileless malware poses a significant challenge by leveraging existing tools within environments instead of standard files, making detection difficult for cybersecurity teams.
Microsoft Acknowledges Issues With Outlook Encryption Feature
Application Security
Microsoft Acknowledges Issues With Outlook Encryption Feature
Mitchell Langley January 7, 2026
A flaw in classic Outlook prevents users from opening encrypted emails, affecting security and efficiency. Microsoft outlines the known issue tied to this encryption feature, ...
Stalkerware Vendor's Guilty Plea A Rare Legal Victory in Consumer Spyware Prosecution
Cybersecurity
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
Gabby Lee January 7, 2026
A significant legal breakthrough marks only the second successful prosecution of a consumer spyware vendor in over ten years by the US government, revealing complex ...
The Influence of Security Advice and Accountability in Cybersecurity
Blog
The Influence of Security Advice and Accountability in Cybersecurity
Andrew Doyle January 7, 2026
Security advice can often have minimal real-world consequences for those who deliver it but are not involved in its application. Understanding how accountability and responsibility ...
Chrome Extensions Masquerading as AITOPIA Pose Risk
Application Security
Chrome Extensions Masquerading as AITOPIA Pose Risk
Mitchell Langley January 7, 2026
Security analysts identified two harmful Chrome extensions, downloaded 900,000 times, masquerading as legitimate AITOPIA tools. These extensions extracted users' browser activity and personal data. Google’s ...
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
Cybersecurity
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
Mitchell Langley January 7, 2026
Microsoft has postponed its intended changes to Exchange Online, initially meant to restrict email recipients per message, following feedback from customers displeased by the limitations ...
European Space Agency Confronts Repeated Data Breaches with Legal Action
Data Security
European Space Agency Confronts Repeated Data Breaches with Legal Action
Gabby Lee January 7, 2026
A second major data breach in two weeks has put the European Space Agency in the midst of a cybersecurity crisis, prompting legal action. The ...
Generative AI Elevates Active Directory Password Attacks
Identity and Access Management
Generative AI Elevates Active Directory Password Attacks
Andrew Doyle January 7, 2026
Generative AI is revolutionizing password attacks on Active Directory, utilizing advanced algorithms to exploit weak passwords. Specops Software highlights how AI-driven techniques are increasing the ...
Phishers Pose as Booking.com to Compromise European Hotels
News
Phishers Pose as Booking.com to Compromise European Hotels
Mitchell Langley January 7, 2026
In a newly identified cybersecurity threat, attackers are imitating Booking.com to infiltrate European hotels. Employees are manipulated into installing malware under the guise of handling ...
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
News
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
Gabby Lee January 7, 2026
In an effort to better understand new hacking techniques, researchers have deployed honeypots—a deceptive cybersecurity strategy—to lure attackers from the Scattered Lapsus$ group. These controlled ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Andrew Doyle January 7, 2026
A critical flaw in TOTOLINK EX200 allows remote attackers full control. Tracked as CVE-2025-65606, the vulnerability presents significant risks for users.
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Mitchell Langley January 7, 2026
Cybersecurity experts have discovered browser extensions that secretly exfiltrate conversations and browsing activities from ChatGPT and DeepSeek, exposing users to potential data compromises. Over 900,000 ...
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Gabby Lee January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Andrew Doyle January 6, 2026
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Application Security
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Mitchell Langley January 6, 2026
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Cybersecurity
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Mitchell Langley January 6, 2026
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Kimwolf Botnet A New Threat to Millions of Android Devices
Cybersecurity
Kimwolf Botnet: A New Threat to Millions of Android Devices
Gabby Lee January 6, 2026
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Application Security
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Gabby Lee January 6, 2026
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
Cybersecurity Operation Snares Former ShinyHunters Member
News
Cybersecurity Operation Snares Former ShinyHunters Member
Andrew Doyle January 6, 2026
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Microsoft Blunts “Vanilla Tempest”: 200 Malicious Certificates Revoked
October 17, 2025
Podcasts
The “Shotgun” Botnet: How RondoDox Hijacks Routers, Cameras, and Servers Worldwide
October 13, 2025
Podcasts
“Inflation Refund” Scam: How Fraudsters Are Stealing Identities Through Texts
October 13, 2025

Cyber Security News

Microsoft's Out-of-Band Updates Resolve Microsoft Outlook Issue With Cloud-Hosted PST Files
Application Security
Microsoft’s Out-of-Band Updates Resolve Microsoft Outlook Issue With Cloud-Hosted PST Files
January 28, 2026
Windows 11 Boot Failures After Patch Tuesday Updates
Application Security
Windows 11 Boot Failures After Patch Tuesday Updates
January 28, 2026
US Cybersecurity Agency Opts Out of RSA Conference While Jen Easterly Plans Attendance
Cybersecurity
US Cybersecurity Agency Opts Out of RSA Conference While Jen Easterly Plans Attendance
January 28, 2026
UK Home Office Invests Heavily in Tech to Mitigate Channel Immigration Challenges
Cybersecurity
UK Home Office Invests Heavily in Tech to Mitigate Channel Immigration Challenges
January 28, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
January 28, 2026
Major Cyber Assault by Sandworm Against Poland's Grid Averted
Cybersecurity
Major Cyber Assault by Sandworm Against Poland’s Grid Averted
January 28, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
The Influence of Security Advice and Accountability in Cybersecurity
January 7, 2026
Security advice can often have minimal real-world consequences for those who deliver it but are not involved in its application. Understanding how accountability and responsibility ...
Chrome Extensions Masquerading as AITOPIA Pose Risk
January 7, 2026
Security analysts identified two harmful Chrome extensions, downloaded 900,000 times, masquerading as legitimate AITOPIA tools. These extensions extracted users' browser activity and personal data. Google’s ...
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
January 7, 2026
Microsoft has postponed its intended changes to Exchange Online, initially meant to restrict email recipients per message, following feedback from customers displeased by the limitations ...
European Space Agency Confronts Repeated Data Breaches with Legal Action
January 7, 2026
A second major data breach in two weeks has put the European Space Agency in the midst of a cybersecurity crisis, prompting legal action. The ...
Generative AI Elevates Active Directory Password Attacks
January 7, 2026
Generative AI is revolutionizing password attacks on Active Directory, utilizing advanced algorithms to exploit weak passwords. Specops Software highlights how AI-driven techniques are increasing the ...
Phishers Pose as Booking.com to Compromise European Hotels
January 7, 2026
In a newly identified cybersecurity threat, attackers are imitating Booking.com to infiltrate European hotels. Employees are manipulated into installing malware under the guise of handling ...
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
January 7, 2026
In an effort to better understand new hacking techniques, researchers have deployed honeypots—a deceptive cybersecurity strategy—to lure attackers from the Scattered Lapsus$ group. These controlled ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
January 7, 2026
A critical flaw in TOTOLINK EX200 allows remote attackers full control. Tracked as CVE-2025-65606, the vulnerability presents significant risks for users.
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
January 7, 2026
Cybersecurity experts have discovered browser extensions that secretly exfiltrate conversations and browsing activities from ChatGPT and DeepSeek, exposing users to potential data compromises. Over 900,000 ...
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
January 6, 2026
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
January 6, 2026
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
January 6, 2026
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Kimwolf Botnet: A New Threat to Millions of Android Devices
January 6, 2026
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Ledger Breach Due to Global-e Attack Compromises Customer Data
January 6, 2026
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
January 6, 2026
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
Cybersecurity Operation Snares Former ShinyHunters Member
January 6, 2026
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
January 6, 2026
Hackers have targeted a file transfer system used by Sedgwick’s government-focused subsidiary. This breach raises concerns about the security of sensitive data managed by government ...
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
January 6, 2026
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
January 6, 2026
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited