Cyber Security
News
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
Cellcom confirms a cyberattack caused week-long service outages across Wisconsin and Michigan, impacting calls and SMS; personal data reportedly not compromised.
News
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
VanHelsing ransomware's builder and affiliate panel source code leaked after a former developer tried to sell it, prompting the gang to release it themselves.
News
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
News
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
News
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
Hackers exploited a flaw in TeleMessage’s TM SGNL app, exposing U.S. official communications. DDoSecrets published 410GB of chat logs and metadata from the breach.
News
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
Arla Foods confirmed a cyberattack at its Upahl production site in Germany, disrupting operations and causing delivery delays. No data theft has been confirmed.
News
O2 Flaw Leaked Customer Geolocation Data to Any Caller
O2 exposed customers’ real-time locations via VoLTE call metadata. A researcher found SIP headers leaking geolocation and device data. The issue is now resolved.
News
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
Coinbase Insider Breach revealed that rogue support agents aided a cyberattack stealing customer data and government IDs. The attackers demanded $20 million, but Coinbase refused ...
News
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
Researchers at Pwn2Own Berlin 2025 earned $695,000 for exploiting zero-day flaws in VMware ESXi, Microsoft SharePoint, Firefox, and AI platforms.
News
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
Adidas and Dior confirmed data breaches affecting customer information in Korea and China. Both brands reported no financial data exposure and began notifying affected individuals. ...
News
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
Ransomware groups including BlackBasta and Cactus are using Skitnet malware for stealthy post-exploitation in enterprise networks, enabling persistence, data theft, and remote control.
News
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
Broadcom employee data leaked after a ransomware attack on ADP partner Business Systems House. Sensitive files appeared on the dark web, impacting global semiconductor workers. ...
News
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
SK Telecom suffered a data breach impacting nearly 27 million SIM records, with malware infections across 23 servers and critical personal data left unencrypted.
News
This Week In Cybersecurity: May 12th to 16th, 2025
"This week in cybersecurity highlights significant data breaches, vulnerabilities, and emerging threats impacting various sectors, emphasizing the need for robust security measures."
News
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
A cyberattack on the UK’s Legal Aid Agency exposed personal, financial, and criminal data of applicants dating back to 2010, prompting a full shutdown of ...
News
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
Ransomware groups RansomEXX and BianLian have joined global threat actors exploiting a critical SAP NetWeaver vulnerability, risking full remote system compromise for unpatched servers.
News
OpenAI Testing Model Context Protocol Integration for ChatGPT
OpenAI is testing Model Context Protocol support in ChatGPT, allowing secure access to third-party tools and enterprise platforms for more powerful, contextual task handling.
News
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
Russian-linked hackers exploited XSS flaws in Roundcube, Zimbra, and others to steal government emails globally through a no-click attack dubbed the RoundPress campaign.
News
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
News
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
Ransomware
INC Ransomware: Master of Double Extortion
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows
In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center ...
WestJet Cyberattack: Cracks in Aviation’s Digital Armor
A major cyberattack has rocked Canada’s second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this ...
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras
In this episode, we dig into a disturbing yet underreported national security threat: the exploitation of internet-connected surveillance cameras—especially those manufactured in the People’s Republic ...
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
In this episode, we dive deep into the alarming revelations surrounding Graphite, a powerful spyware tool developed by Israeli firm Paragon Solutions. Promoted as a ...
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
zeroRISC just raised $10 million to bring OpenTitan—the first open-source silicon Root of Trust—to market. In this episode, we break down what this funding means ...
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
The financial services industry is under siege. In this episode, we unpack the latest findings from Radware’s 2025 Financial Threat Analysis and multiple intelligence reports ...
9.8 Severity and Counting: Inside Trend Micro’s Latest Security Emergency
In this episode, we break down Trend Micro’s urgent June 10th security update that patched ten high- and critical-severity vulnerabilities—some with CVSSv3.1 scores as high ...
Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks
In this episode, we dissect the critical vulnerabilities plaguing Mitel MiCollab, a widely used unified communications platform, and explore how attackers are exploiting these flaws ...
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
Citizen Lab confirms Paragon’s Graphite spyware exploited an iOS zero-day to launch zero-click attacks on European journalists through iMessage without any user interaction.
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
Threat actor UNK_SneakyStrike used TeamFiltration to launch password-spraying attacks on over 80,000 Microsoft Entra ID accounts across hundreds of global organizations.
The Info-Stealer Sting: A Deep Dive into INTERPOL’s Operation Secure
Join us for a gripping discussion on “Operation Secure,” a landmark international crackdown that reverberated through the dark corners of the cybercriminal world between January ...
Hackers Claim 64 Million T-Mobile Records Leaked Online
Hackers claim to have leaked 64 million T-Mobile records online, including sensitive personal and device data. The breach may contain new data unseen in past ...
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
Qilin ransomware group claims to have stolen 210GB of sensitive data from Spanish insurer Asefa, including internal documents and a Camp Nou insurance plan.
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
Citizen Lab confirms Paragon spyware targeted a second journalist at Fanpage, deepening Italy’s political surveillance controversy and raising new concerns over investigative oversight.
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Scattered Spider service desk attacks exploit social engineering to bypass security, targeting help desks for credential access. Learn defense strategies using open-source tools and training. ...
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
A misconfigured Kafka Broker on GonnaOrder’s platform exposed customer names, phone numbers, and delivery details across Europe from August 2022 to May 2025.