Cyber Security
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Virginia Contractor Convicted for Destroying Federal Databases
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Two Americans Jailed for Running North Korean IT Worker Laptop Farms
GothFerrari Gets 6.5 Years for $250M Crypto Home-Invasion Theft Ring
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
PamDOORa Linux PAM Backdoor Sold for $1,600, Grants Covert SSH Access
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
FTC Bans Data Broker Kochava from Selling Americans Location Data
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67
China-Linked UAT-8302 Targets Governments in South America and Europe
Karakurt Negotiator Gets 8.5 Years in First U.S. Conviction
Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
cPanel CVE-2026-41940 Exploited Within 24 Hours, Ransomware Deployed
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
ShinyHunters Claims 280 Million Canvas Records Lifted from Instructure
MOVEit Is Back in the Crosshairs: CVSS 9.8 Flaw in Automation
HR Emails Are the New Phishing Bait — And MFA Won’t Save You
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor
Microsoft and OpenAI Investigate Data Breach
News
Microsoft and OpenAI Investigate Data Breach
Microsoft and OpenAI are investigating a data breach linked to DeepSeek, a Chinese AI startup, raising concerns about data security and intellectual property in the ...
DeepSeek AI Hit by Cyberattack: American AI Firms Trying to Poke Holes into DeepSeek
News
DeepSeek AI Hit by Cyberattack: American AI Firms Trying to Poke Holes into DeepSeek
DeepSeek AI, a Chinese startup, faces a cyberattack after its AI assistant app skyrockets to the top of the US App Store, raising questions about ...
Subaru Security Flaw Allows Remote Vehicle Tracking and Hijacking
News
Subaru Security Flaw Allows Remote Vehicle Tracking and Hijacking
A Subaru vulnerability in the Starlink system allowed remote access, enabling tracking, unlocking, and starting vehicles. Ethical hacker Sam Curry discovered the flaw, highlighting significant ...
Smiths Group Hit by Cyber Attack: Shares Drop for the FTSE 100 Firm
News
Smiths Group Hit by Cyber Attack: Shares Drop for the FTSE 100 Firm
Smiths Group, a FTSE 100 firm, suffered a cyber attack resulting in unauthorized system access. The company isolated affected systems and is working with cybersecurity ...
UnitedHealthcare Data Breach Update: 190 Million Impacted in Change Healthcare Cyber Attack
News
UnitedHealthcare Data Breach Update: 190 Million Impacted in Change Healthcare Cyber Attack
The UnitedHealthcare data breach, resulting from a Change Healthcare cyberattack, has impacted a staggering 190 million individuals, making it the largest healthcare data breach in ...
TalkTalk Customer Data Breached, Hackers Claim Theft of Millions of Customer Records
News
TalkTalk Customer Data Breached, Hackers Claim Theft of Millions of Customer Records
TalkTalk investigates a major customer data breach after a hacker claims to have stolen personal information from millions of subscribers, a claim TalkTalk disputes.
British Museum Hit in IT Attack: Ex-Worker Behind Cyberattack
News
British Museum Hit in IT Attack: Ex-Worker Behind Cyberattack
The British Museum faced a severe IT attack, forcing partial closure. A disgruntled ex-IT contractor caused the British Museum cyberattack, leading to system shutdowns and ...
This Week In Cybersecurity: 20th January to 24th January
News
This Week In Cybersecurity: 20th January to 24th January
This week in cybersecurity, we highlight major breaches, including the PowerSchool incident affecting Canadian schools and a cyberattack on Oregon's Carruth Compliance Consulting. Additionally, the ...
Conduent Confirms Cyberattack Disrupting Services Across Government Agencies
News
Conduent Confirms Cyberattack Disrupting Services Across Government Agencies
Conduent confirms cyberattack impacting government agencies and causing service disruptions across multiple US states. The company confirmed that it “experienced ...
Big Cheese Studio Game Code Compromised in Cyber Attack
News
Big Cheese Studio Game Code Compromised in Cyber Attack
Polish game developer Big Cheese Studio suffered a cyberattack, with hackers demanding a cryptocurrency ransom and threatening data release. The Big Cheese Studio cyber attack ...
Texas Insider Breach: Theft of Benefit Funds Impacts 61,000
News
Texas Insider Breach: Theft of Benefit Funds Impacts 61,000
Texas insider breach at HHSC exposed the personal information of 61,000 individuals and resulted in the theft of benefit funds, leading to seven employee firings ...
Cyber Attack on Consultant Exposes Sensitive Data of Oregon School Employees
News
Cyber Attack on Consultant Exposes Sensitive Data of Oregon School Employees
A cyber attack on Carruth Compliance Consulting, managing retirement plans for Oregon school districts, exposed sensitive employee data including Social Security numbers and financial information. ...
Lessons from Ace Hardware Cyber Attack: A Case Study in Data Security for Enterprise Businesses
News
Lessons from Ace Hardware Cyber Attack: A Case Study in Data Security for Enterprise Businesses
The Ace Hardware cyber attack exposed sensitive data from over 7,000 individuals, resulting in significant financial and reputational damage, highlighting the critical need for robust ...
North Pole Company Data Breach Exposes Sensitive Data of Half a Million Users
News
North Pole Company Data Breach Exposes Sensitive Data of Half a Million Users
The North Pole Company suffered a data breach, exposing sensitive data of 520,599 customers. The breach, revealed on BreachForums, highlights risks of identity theft and ...
PowerSchool Breach Might Have Exposed Decades of Canadian Students and Powerschool Teachers Data
News
PowerSchool Breach Might Have Exposed Decades of Canadian Students and Teachers Data
The PowerSchool CMS cyberattack exposed decades of student and Powerschool Teachers Data . Parents and schools urged to monitor personal information closely.
Dallas ISD PowerSchool Data Breach Exposes Student Information
News
Dallas ISD PowerSchool Data Breach Exposes Student Information
Dallas ISD PowerSchool data breach exposes sensitive student information, including social security numbers. Learn about the cybersecurity incident and the risks.
CMS Powerschool Data Breach Confirmed to Have Compromised Charlotte-Mecklenburg Schools Data
News
CMS Powerschool Data Breach Confirmed to Have Compromised Charlotte-Mecklenburg Schools Data
Charlotte-Mecklenburg Schools (CMS) confirms a data breach affecting its CMS Powerschool system.
List of 15 Networking Certifications by Security Vendors to Supercharge Your Career in 2025
Blog
Top 15 Networking Certifications to Supercharge Your Career in 2025
Safeguarding networks is no longer a luxury; it’s a necessity. Expertise in cybersecurity is in incredibly high demand. So making ...
Windows BitLocker Vulnerability (CVE-2025-21210) Exploited in Randomization Attack
News
Windows BitLocker Vulnerability (CVE-2025-21210) Exploited in Randomization Attack
A critical Windows BitLocker vulnerability (CVE-2025-21210) allows attackers with physical access to bypass AES-XTS encryption, exposing sensitive data through a novel randomization attack.
Nash County Public Schools Data Breach Compromised Student Information
News
Nash County Public Schools Data Breach Compromised Student Information
A data breach at Nash County Public Schools exposed student information via PowerSchool's PowerSource.

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Kaspersky DAEMON Tools Backdoored in Supply Chain Attack
Cybersecurity
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
Signed, Sealed, Stolen Hackers Used DigiCert to Certify Malware
Application Security
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
When Amazon Sends the Phishing Email
Cybersecurity
When Amazon Sends the Phishing Email
Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
A hacked Signal clone used by Trump’s former security adviser Mike Waltz has raised serious concerns over the safety of sensitive government communications.
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
Hackers hijacked the New York Post’s verified X account to target crypto users via direct messages, redirecting victims to a Telegram-based scam under false pretenses. ...
EU Fines TikTok €530 Million For Data Protection Failures
TikTok has been fined €530 million by EU regulators over data protection failures and may face a data transfer suspension to China unless it complies ...
TikTok Fined €530M: GDPR Breach Over Data Transfers to China
The Irish Data Protection Commission (DPC) has fined TikTok a staggering €530 million ($601 million) for violating the GDPR by transferring European user data to ...
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
StealC malware receives major upgrade with advanced stealth, encryption, and data theft tools, including real-time Telegram alerts and full desktop screenshot capabilities.
Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain
In this episode, we explore the security challenges of the AI-driven software era and how Endor Labs is reshaping application security for the modern development ...
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
UK retailer Co-op has confirmed a data breach impacting millions, following a ransomware attack by DragonForce. Personal details were stolen, but no financial data.
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
The U.S. has indicted a Yemeni national for operating Black Kingdom ransomware, targeting Microsoft Exchange servers in 1,500 global attacks demanding $10,000 in Bitcoin.
CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack
In this episode, we take a deep dive into CVE-2025-3928—a critical vulnerability in the Commvault Web Server that enables remote attackers to deploy and execute ...
Sodinokibi/REvil Ransomware: The Evasive Threat
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April 2019. Initially observed primarily in ...
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
Employment platform beWanted leaked over 1.1 million CVs containing names, ID numbers, contact details, and employment history.
Nova Scotia Power, a Canadian Utility, Breached: A Global Warning for Critical Infrastructure
On April 25, 2025, Nova Scotia Power, the province’s primary electricity provider, confirmed what many suspected: a cyber incident involving unauthorized access had compromised customer ...
SentinelOne Discloses Ongoing Attacks by Nation-State Hackers and Ransomware Gangs
In a rare move, SentinelOne has publicly confirmed that it is under persistent attack from nation-state threat actors and ransomware gangs. This episode breaks down ...
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
Nova Scotia Power confirms personal customer data was stolen in a cyberattack on April 25, though electricity services remain unaffected as the investigation continues.
OpenEoX and the Future of End-of-Life Standardization in IT
In this episode, we unpack the evolving landscape of Product Lifecycle Management (PLM) and why it’s become a strategic cornerstone in modern IT environments. From ...
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
Seven malicious PyPI packages exploited Gmail and WebSockets for remote command execution and data theft, with some packages downloaded over 18,000 times.
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
iHeartMedia confirmed a December data breach exposing names, Social Security, and passport numbers from local station systems. The company is offering identity theft protection.
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
Ascension, a major U.S. healthcare provider, confirmed a ransomware breach affecting 5.6 million individuals, compromising medical, financial, and personal data.
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
Harrods joins M&S and Co-op as the latest UK retailer targeted in a cyberattack, prompting immediate security measures amid a surge in retail-focused intrusions.
LayerX Secures $45M Total to Battle Data Leaks, One Browser at a Time
LayerX just raised another $11 million — and it’s not to build another antivirus. With $45 million in total funding, the company is betting that ...