Main Menu
Cyber Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
NGINX 1.31.0 Zero-Day nginx-poolslip Bypasses ASLR
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
DOJ Secures Guilty Pleas From Tech-Support Fraud Executives
BadIIS Malware-as-a-Service Hijacks IIS Servers for SEO Fraud
GhostTree Exploit Hangs Windows Defender With NTFS Junctions
SilverFox APT Spreads ValleyRAT via Fake Microsoft Teams Sites
TamperedChef Hides Malware Inside Signed Apps
Chrome 148 Patches Critical WebRTC Use-After-Free
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
News
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
Mitchell Langley March 6, 2025
Scammers are impersonating the BianLian group, mailing fake ransom notes to US CEOs, threatening data leaks unless Bitcoin payments are made.
BadBox Malware Disrupted on 500K Infected Android Devices
News
BadBox Malware Disrupted on 500K Infected Android Devices
Andrew Doyle March 6, 2025
The BadBox malware disruption has impacted over 500,000 devices, revealing the urgency of addressing cybersecurity threats in low-cost Android devices.
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
News
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
Mitchell Langley March 6, 2025
The Silk Typhoon hackers have shifted tactics, now focusing on IT supply chains to infiltrate networks and exploit sensitive data across multiple industries.
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
News
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
Mitchell Langley March 6, 2025
AI-generated video of YouTube's CEO is being used in phishing attacks to steal creators' credentials. YouTube warns users to avoid suspicious private videos and links.
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
News
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
Andrew Doyle March 6, 2025
US charges Chinese state security officers and hackers from APT27 and i-Soon for global cyberattacks targeting critical infrastructure and government agencies since 2011.
Hunters International Claims Ransomware Attack on Tata Technologies: 1.4TB Data Breached
News
Hunters International Claims Ransomware Attack on Tata Technologies: 1.4TB Data Breached
Andrew Doyle March 6, 2025
Hunters International ransomware claims responsibility for a major attack on Tata Technologies, stealing 1.4 TB of data and threatening to release it.
Black Basta and Cactus Ransomware: Shared Tactics and BackConnect Malware Connection
News
Black Basta and Cactus Ransomware: Shared Tactics and BackConnect Malware Connection
Mitchell Langley March 6, 2025
Black Basta and Cactus ransomware groups share similar tactics and use BackConnect malware, highlighting the need for robust cybersecurity measures in enterprise businesses.
Cisco Warns of BroadWorks Flaw Exposing Credentials
News
Cisco Warns of BroadWorks Flaw Exposing Credentials
Andrew Doyle March 6, 2025
Cisco warns of a BroadWorks flaw that could allow unauthenticated attackers to access sensitive credentials. Users are advised to implement security measures.
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
News
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
Mitchell Langley March 6, 2025
Broadcom fixes three critical VMware zero-days exploited in attacks, enabling attackers to escape virtual machine sandboxes. Immediate patching is advised.
Major Data Breach at Lost & Found Tracking Site Exposes Over 800,000 Records
News
Major Data Breach at Lost & Found Tracking Site Exposes Over 800,000 Records
Andrew Doyle March 6, 2025
A massive data breach at Lost & Found, a German travel tracking firm, exposed over 800,000 records, including passport scans and driver's licenses, raising serious ...
Polish Space Agency Suffers Cyberattack, Takes Systems Offline
News
Polish Space Agency Suffers Cyberattack, Takes Systems Offline
Andrew Doyle March 6, 2025
The Polish Space Agency (POLSA) disconnected its systems after a weekend cyberattack. The agency is working with national CSIRT teams to restore services and investigate ...
New Polyglot Malware Targets Aviation and Satellite Communication Firms
News
New Polyglot Malware Targets Aviation and Satellite Communication Firms
Mitchell Langley March 6, 2025
A new polyglot malware, Sosano, targets aviation and satellite communication firms in the UAE, enabling remote command execution and persistent access on infected devices.
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
News
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
Mitchell Langley March 6, 2025
The Eleven11bot botnet has infected over 86,000 IoT devices, primarily focusing on security cameras and NVRs to launch DDoS attacks globally.
Outsourcing Cybersecurity Could Save Your Company Millions – Here's How-
Blog
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
Andrew Doyle March 6, 2025
The digital landscape is a battlefield, with cyberattacks growing in both frequency and sophistication. Businesses of all sizes, from small ...
BianLian Ransomware: Shadow Data Extortion Group
Resources
BianLian Ransomware: Shadow Data Extortion Group
Andrew Doyle March 5, 2025
The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have targeted critical infrastructure and private ...
OnlyFans Cyberattacks: Fake CAPTCHAs and Malware Distribution Threaten Users
News
OnlyFans Cyberattacks: Fake CAPTCHAs and Malware Distribution Threaten Users
Andrew Doyle March 4, 2025
OnlyFans users are targeted by sophisticated phishing attacks deploying fake Cloudflare CAPTCHAs and malware-laden links, distributing keyloggers and ransomware. Urgent security measures are needed.
Vo1d Botnet Surpasses 1.59 Million Infected Android TVs Across 226 Countries
News
Vo1d Botnet Surpasses 1.59 Million Infected Android TVs Across 226 Countries
Mitchell Langley March 4, 2025
The Vo1d botnet has infected over 1.59 million Android TVs across 226 countries, enhancing its stealth and operational capabilities significantly.
ClickFix Attack Deploys Havoc C2 via Microsoft SharePoint
News
ClickFix Attack Deploys Havoc C2 via Microsoft SharePoint
Mitchell Langley March 4, 2025
A new ClickFix attack is exploiting Microsoft SharePoint to deploy the Havoc framework, tricking users into running malicious PowerShell commands.
CISA Tags Windows and Cisco Vulnerabilities as Actively Exploited
News
CISA Tags Windows and Cisco Vulnerabilities as Actively Exploited
Andrew Doyle March 4, 2025
CISA warns that critical vulnerabilities in Cisco and Windows systems are actively exploited, urging federal agencies to secure networks by March 23, 2025.
Trinity Ransomware: The Enigma of the .trinitylock
Resources
Trinity Ransomware: The Enigma of the .trinitylock
Andrew Doyle March 4, 2025
Overview: Known Aliases of Trinity Ransomware: Trinity Ransomware. Possible links to 2023Lock and Venus ransomware, implying potential shared infrastructure or ...
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
Mitchell Langley May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Mitchell Langley May 25, 2026

TOP CYBERSECURITY HEADLINES

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Cybersecurity
Netherlands Seizes 800 Stark Industries Servers, Arrests Two

This Week’s Security Spotlight

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Mitchell Langley May 25, 2026
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Gabby Lee May 25, 2026
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Gabby Lee May 22, 2026
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Gabby Lee May 21, 2026
More In News
Trending
INTERPOL Operation Ramz: 201 Arrests in 13-Nation MENA Sweep
Tycoon2FA Adds Device-Code Attack to Bypass Microsoft 365 MFA
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast
May 14, 2025
Podcasts
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
May 13, 2025
Podcasts
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
May 13, 2025

Cyber Security News

Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
January 7, 2026
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
January 7, 2026
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
January 6, 2026
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
January 6, 2026
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Application Security
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
January 6, 2026
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Cybersecurity
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
January 6, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
May 28, 2025
Rhysida ransomware gang claims to have breached Carrera, a leading Brazilian Chevrolet dealership, demanding $1 million and threatening to leak passports and contracts.
Fentanyl, Firearms, and $200M in Crypto: Dark Web Crime Meets Global Law Enforcement
May 27, 2025
This episode dives deep into Operation RapTor, one of the largest international crackdowns on dark web crime to date. We analyze how coordinated law enforcement ...
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
May 27, 2025
Coinbase faces a class action lawsuit after a breach exposed data of over 69,000 users. Insider involvement and financial impact raise enterprise security concerns.
Marlboro-Chesterfield Pathology Ransomware Breach: 235,000 Patients Affected
May 27, 2025
In this episode, we take a deep dive into the recent Marlboro-Chesterfield Pathology (MCP) ransomware attack—one of the most significant healthcare breaches of 2025. On ...
How Infostealers Like Stealc Use TikTok Accounts to Exfiltrate Stolen Data
May 27, 2025
In this episode, we dive deep into the underground cybercrime ecosystem powering the surge of modern infostealers—Stealc, Vidar, and LummaC2. These malware strains aren’t just ...
Global Data Breach Exposes 184 Million Credentials from Major Tech and Government Platforms
May 27, 2025
A global data breach exposed 184 million credentials from tech, government, and banking platforms, highlighting serious risks of credential stuffing, phishing, and ransomware attacks.
Healthcare Data Breaches Hit Providers in Four U.S. States, Impacting Over 60,000 Individuals
May 27, 2025
Healthcare data breaches in NJ, PA, IA, and LA compromise sensitive information of over 60,000 individuals, including Social Security numbers and health records.
U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation
May 27, 2025
The U.S. and allies urge stronger protections for AI systems, warning that data tampering and system vulnerabilities pose rising risks to critical infrastructure.
Adidas Confirms Third-Party Data Breach Exposing Global Customer Information
May 27, 2025
Adidas confirms a third-party data breach involving customer service data. No payment information was leaked, but global exposure is possible due to Adidas' vast reach. ...
The Great Screenshot Scandal: Microsoft Recall and Signal’s DRM Shield
May 26, 2025
In this episode, we dive deep into the growing tension between AI innovation and data privacy through the lens of a major controversy: Microsoft’s Windows ...
Bumblebee Malware Returns: IT Pros Targeted Through SEO Poisoning and Typosquatting
May 26, 2025
In this episode, we break down the resurgence of the Bumblebee malware loader and its latest distribution method: blackhat SEO campaigns and trojanized software installers. ...
Cetus Protocol Hit by $223 Million Cryptocurrency Heist, $5M Bounty Offered
May 26, 2025
Hackers stole $223 million from Cetus Protocol via a blockchain exploit. The platform offers a whitehat deal and $5 million bounty to recover stolen funds. ...
FBI Warns of Luna Moth Tactics: Inside the Silent Ransom Group’s Law Firm Attacks
May 26, 2025
In this episode, we dive into the evolving tactics of the Silent Ransom Group (SRG)—also known as Luna Moth—a cybercriminal outfit that has shifted from ...
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
May 26, 2025
Ransomware group Qilin posts alleged staff data from Elit Avia, including passport photos, raising security concerns for employees at the luxury private jet operator.
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
May 26, 2025
Operation Endgame dismantled 300 servers and 650 domains supporting ransomware campaigns, while U.S. authorities indicted 16 cybercriminals tied to DanaBot malware and botnet operations.
Stormous Ransomware Gang Posts French Government Credentials on Dark Web
May 26, 2025
Stormous ransomware gang published email and password data allegedly tied to French government bodies, raising concerns over outdated security practices and ongoing exposure risks.
Ransomware Attack on Kettering Health Forces Mass Procedure Cancellations and Exposes Patient Safety Risks
May 26, 2025
A ransomware attack on Kettering Health forced mass cancellations across 120+ medical sites, exposing patient safety risks and prompting scam attempts targeting sensitive patient data. ...
Trust Exploited: Unpacking the macOS Malware Attacking Ledger Wallets
May 23, 2025
A growing cyber threat is targeting macOS users who rely on Ledger cold wallets to secure their cryptocurrency. In this episode, we dissect the anti-Ledger ...
This Week In Cybersecurity: 19th to 23rd May, 2025
May 23, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
$21M Seized and DanaBot, Qakbot, and Bumblebee Disrupted in Operation Endgame Takedown
May 23, 2025
In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the backbone of the ...
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2