Main Menu
Cyber Security
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
System Intrusions Surge Across EMEA, Verizon DBIR Warns
News
System Intrusions Surge Across EMEA, Verizon DBIR Warns
Andrew Doyle April 24, 2025
System intrusion breaches in EMEA doubled to 53% in one year, according to Verizon’s 2025 DBIR, as internal threats and third-party involvement surged globally.
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
News
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
Andrew Doyle April 24, 2025
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
News
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
Andrew Doyle April 24, 2025
A data breach at Yale New Haven Health exposed personal details of 5.5 million patients, with names, SSNs, and medical IDs among the data stolen. ...
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
News
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
Mitchell Langley April 24, 2025
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
News
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
Mitchell Langley April 24, 2025
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
News
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
Mitchell Langley April 23, 2025
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Andrew Doyle April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
Ad Fraud Operation 'Scallywag' Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Cybersecurity
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Mitchell Langley April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Cybersecurity
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Gabby Lee April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
Abilene, Texas Shuts Down City Systems Following Cyberattack
News
Abilene, Texas Shuts Down City Systems Following Cyberattack
Mitchell Langley April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
News
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
Mitchell Langley April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
Imaflex Inc. Data Breach Exposes Personal and Employment Data
News
Imaflex Inc. Data Breach Exposes Personal and Employment Data
Andrew Doyle April 22, 2025
Imaflex Inc. Data Breach Exposes Personal and Employment Data: Legal Investigation Underway Imaflex Inc. has disclosed a data breach that exposed sensitive personal and employment-related ...
This Week In Cybersecurity: 03rd March to 07th March
Cybersecurity Newsletter
This Week In Cybersecurity: March 3rd to 7th, 2025
Gabby Lee April 21, 2025
This Week in Cybersecurity: Data Breaches, Ransomware, Threat Actors, Ransomware Protection and more!
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
News
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
Mitchell Langley April 21, 2025
MGM Resorts will pay $45 million to settle a lawsuit over data breaches in 2019 and 2023, offering up to $75 per affected individual.
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
News
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
Andrew Doyle April 21, 2025
Attackers exploited Google’s OAuth and DKIM signing process to send phishing emails that appeared authentic, bypassing traditional security checks and targeting unsuspecting recipients.
New Android Malware 'SuperCard X' Enables NFC Relay Attacks for Payment Card Theft
News
New Android Malware ‘SuperCard X’ Enables NFC Relay Attacks for Payment Card Theft
Mitchell Langley April 21, 2025
A new Android malware called SuperCard X enables NFC relay attacks by stealing card data via fake banking support calls and emulating it on attacker ...
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025

TOP CYBERSECURITY HEADLINES

Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
News
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
News
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
News
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach

SECURITYWEEK INDUSTRY EXPERTS

170K-Record Database Exposes Unencrypted PII from Real Estate Sector
News
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
Andrew Doyle June 24, 2025
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
News
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Mitchell Langley June 24, 2025
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
News
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Mitchell Langley June 24, 2025
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Mitchell Langley June 24, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
June 15, 2025
Podcasts
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
June 14, 2025
Podcasts
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
June 14, 2025

Cyber Security News

HeptaX Cyberattack: A Deep Dive into the Multi-Stage RDP Exploitation Targeting Enterprises
Application Security
HeptaX Cyberattack: A Deep Dive into the Multi-Stage RDP Exploitation Targeting Enterprises
November 21, 2024
Manufacturers Under Cyberattack An Unprecedented Enterprise Cyberthreat
Blog
Manufacturers Under Cyberattack: An Unprecedented Enterprise Cyberthreat
November 19, 2024
This Week In Cybersecurity: 11th November to 15th November
Cybersecurity
This Week In Cybersecurity: 11th November to 15th November
November 16, 2024
₹2,000 Crore WazirX Cyberattack Culprit Arrested
Cybersecurity
₹2,000 Crore WazirX Cyberattack Culprit Arrested
November 14, 2024
Singtel Data Breach: Volt Typhoon's Test Run Before Targeting US Telecoms
Cybersecurity
Singtel Data Breach: Volt Typhoon’s Test Run Before Targeting US Telecoms
November 6, 2024
Blog
How the Dark Web Has Fueled the 32% Rise in Healthcare Cyberattacks
November 4, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
May 21, 2025
UK logistics firm Peter Green Chilled suffered a ransomware attack, disrupting deliveries for Tesco, Aldi, and Sainsbury’s amid a rising wave of supply chain cyberattacks. ...
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
May 21, 2025
SK Telecom’s malware breach exposed 27 million phone numbers over three years via a supply chain attack targeting its security affiliate SK Shieldus.
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
May 21, 2025
A 19-year-old hacker has pleaded guilty to breaching PowerSchool and extorting millions by threatening to leak sensitive data on over 71 million students and teachers. ...
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
May 21, 2025
Cellcom confirms a cyberattack caused week-long service outages across Wisconsin and Michigan, impacting calls and SMS; personal data reportedly not compromised.
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
May 21, 2025
VanHelsing ransomware's builder and affiliate panel source code leaked after a former developer tried to sell it, prompting the gang to release it themselves.
Arla Foods Upahl Site Hit by Cyberattack—What It Means for Food Supply Chains
May 20, 2025
In May 2025, a cyberattack disrupted operations at Arla Foods’ major dairy facility in Upahl, Germany—halting skyr production, impacting local IT systems, and forcing product ...
Bypassing Antivirus: What Defendnot Reveals About the Weak Spots in Windows Security
May 20, 2025
In this episode, we dissect one of the most advanced Windows security evasion tools released in recent memory: Defendnot. Designed to exploit undocumented Windows Security ...
BreachRx Raises $15M to Automate the Chaos of Incident Response
May 20, 2025
In this episode, we dive into BreachRx’s $15 million Series A raise — and what it means for the future of enterprise cybersecurity incident response. ...
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
May 20, 2025
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
May 20, 2025
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
May 20, 2025
Hackers exploited a flaw in TeleMessage’s TM SGNL app, exposing U.S. official communications. DDoSecrets published 410GB of chat logs and metadata from the breach.
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
May 20, 2025
Arla Foods confirmed a cyberattack at its Upahl production site in Germany, disrupting operations and causing delivery delays. No data theft has been confirmed.
O2 Flaw Leaked Customer Geolocation Data to Any Caller
May 20, 2025
O2 exposed customers’ real-time locations via VoLTE call metadata. A researcher found SIP headers leaking geolocation and device data. The issue is now resolved.
110,000+ Records Compromised: The NRS Cybersecurity Failure
May 19, 2025
In this episode, we unpack the 2024 cybersecurity incident that rocked the debt collection and healthcare sectors: the massive data breach at Nationwide Recovery Services ...
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
May 19, 2025
Coinbase Insider Breach revealed that rogue support agents aided a cyberattack stealing customer data and government IDs. The attackers demanded $20 million, but Coinbase refused ...
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
May 19, 2025
Researchers at Pwn2Own Berlin 2025 earned $695,000 for exploiting zero-day flaws in VMware ESXi, Microsoft SharePoint, Firefox, and AI platforms.
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
May 19, 2025
Adidas and Dior confirmed data breaches affecting customer information in Korea and China. Both brands reported no financial data exposure and began notifying affected individuals. ...
CISA Flags Chrome Vulnerability CVE-2025-4664: Patch Before June 5th
May 19, 2025
In this episode, we break down the recently discovered and actively exploited Chrome vulnerability CVE-2025-4664—a high-severity flaw stemming from insufficient policy enforcement in Chrome’s Loader ...
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
May 19, 2025
Ransomware groups including BlackBasta and Cactus are using Skitnet malware for stealthy post-exploitation in enterprise networks, enabling persistence, data theft, and remote control.
How Can I Protect Myself from the M&S Cyberattack?
May 19, 2025
Marks & Spencer suffered a data breach. Here’s how customers can protect themselves from phishing, fraud, and future attacks using simple, actionable online safety tips. ...
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
NeuralTrust’s Echo Chamber: The AI Jailbreak That Slipped Through the Cracks
AT&T, Verizon, and Beyond: How Salt Typhoon Targets Global Telcos
Anubis Ransomware: A Destructive, Cross-Platform Threat
Fake Microsoft, Netflix, & Apple Support: The Scam Lurking in Google Search
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
From Malware to Court: Qilin Ransomware’s ‘Call a Lawyer’ Tactic
Zero-Click, Zero-Warning: The FreeType Flaw Behind a Spyware Surge
The Insurance Industry Under Fire: Anatomy of the Aflac Cyber Incident
The Nucor Cyberattack: How Ransomware Threatens American Steel
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders