Main Menu
Cyber Security
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Virginia Contractor Convicted for Destroying Federal Databases
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Two Americans Jailed for Running North Korean IT Worker Laptop Farms
GothFerrari Gets 6.5 Years for $250M Crypto Home-Invasion Theft Ring
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
PamDOORa Linux PAM Backdoor Sold for $1,600, Grants Covert SSH Access
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
FTC Bans Data Broker Kochava from Selling Americans Location Data
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67
China-Linked UAT-8302 Targets Governments in South America and Europe
Karakurt Negotiator Gets 8.5 Years in First U.S. Conviction
Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries
Palo Alto CVE-2026-0300 Under Active Attack — Patch Due May 13
cPanel CVE-2026-41940 Exploited Within 24 Hours, Ransomware Deployed
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
ShinyHunters Claims 280 Million Canvas Records Lifted from Instructure
MOVEit Is Back in the Crosshairs: CVSS 9.8 Flaw in Automation
HR Emails Are the New Phishing Bait — And MFA Won’t Save You
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor
Halton Long-Term Care Home Breach Exposes Resident Data
News
Halton Long-Term Care Home Breach Exposes Resident Data
Gabby Lee December 24, 2024
A cybersecurity incident at Allendale Long-Term Care Home in Milton, overseen by Halton Region, exposed the health information of residents from 2005 to July 2024. ...
Krispy Kreme Breach: Play Ransomware Gang Claims Data Theft, Threatens Data Leak
News
Krispy Kreme Breach: Play Ransomware Gang Claims Data Theft, Threatens Data Leak
Mitchell Langley December 23, 2024
The Play ransomware gang claims responsibility for a November Krispy Kreme data breach, alleging theft of sensitive customer and financial data. Krispy Kreme confirmed operational ...
2nd Equifax Data Breach Settlement: Additional Pro Rata Payments Now Available
News
2nd Equifax Data Breach Settlement: Additional Pro Rata Payments Now Available
Mitchell Langley December 23, 2024
Equifax data breach settlement is distributing additional pro rata payments to eligible individuals. Claimants who received a verified email with instructions on how to redeem ...
Duke Energy Data Breach Exposes Customer Information: What You Need to Know
News
Duke Energy Data Breach Exposes Customer Information: What You Need to Know
Mitchell Langley December 23, 2024
Duke Energy confirms a data breach exposing customer account numbers, birthdates, addresses, and partial Social Security numbers. Free credit monitoring is offered.
Meezan Bank Data Breach: Bank Compensates Victims, Highlights Third-Party Security Risks
News
Meezan Bank Data Breach: Bank Compensates Victims, Highlights Third-Party Security Risks
Gabby Lee December 23, 2024
Meezan Bank, a PCI-certified bank with EMV and 3D Secure compliant cards, clarifies its position on recent unauthorized transactions, attributing them to unsecured e-commerce activities. ...
Dark Angels Ransomware: Sophistication & High Stakes Attacks
Resources
Dark Angels Ransomware: Sophistication & High Stakes Attacks
Mitchell Langley December 23, 2024
Overview The Dark Angels ransomware group is a sophisticated and stealthy cybercrime operation known for its targeted attacks on large ...
Salt Typhoon: A Chinese APT at War with the US
Resources
Salt Typhoon: A Chinese APT at War with the US
Mitchell Langley December 23, 2024
Salt Typhoon is considered an advanced persistent threat (APT) actor, reportedly operated by the Chinese government.
RansomHub Ransomware - A RaaS Syndicate
Resources
RansomHub Ransomware – A RaaS Syndicate
Mitchell Langley December 23, 2024
RansomHub operates as a Ransomware-as-a-Service (RaaS), providing infrastructure and code to affiliates.
This Week In Cybersecurity: 16th December to 20th December
Cybersecurity
This Week In Cybersecurity: 16th December to 20th December
Mitchell Langley December 20, 2024
Meta Fined $263.5m Over Data Breach in Europe Meta has been fined €263.5 million by Ireland’s Data Protection Commission for ...
3AM Ransomware A Deep Dive into the Latest Cyber Threat Targeting Enterprises
Blog
3AM Ransomware: A Deep Dive into the Latest Cyber Threat Targeting Enterprises
Mitchell Langley December 20, 2024
3AM Ransomware, a new and dangerous threat, is targeting enterprises globally. This blog post provides a comprehensive overview of its methods, impact, and crucial preventative ...
NBS Website Hack: Nigerian Government Faces Intensified Cyberattacks
News
NBS Website Hack: Nigerian Government Faces Intensified Cyberattacks
Mitchell Langley December 19, 2024
Hackers Intensify Attacks on Nigerian Government Websites, Seizing NBS Platform The Nigerian government is facing a wave of intensified cyberattacks, with the recent compromise of ...
Cisco Data Leak: 2.9 Gigabytes of Source Code and Internal Documents Exposed
News
Cisco Data Leak: 2.9 Gigabytes of Source Code and Internal Documents Exposed
Mitchell Langley December 19, 2024
Cisco data leak exposed 2.9 gigabytes of source code, certificates, and internal documents due to a configuration error, not a system breach. Cisco responded swiftly, ...
Rhode Island's RIBridges System Hit by Cyberattack After Repeated Cybersecurity Warnings
News
Rhode Island’s RIBridges System Hit by Cyberattack After Repeated Cybersecurity Warnings
Gabby Lee December 19, 2024
A cyberattack on Rhode Island's RIBridges public benefits system exposed the private data of potentially hundreds of thousands, following repeated warnings from state auditors about ...
4 Crucial Automation Use Cases for Enterprise Security Automation
Blog
4 Crucial Automation Use Cases for Enterprise Security Automation
Gabby Lee December 19, 2024
Elevate your cybersecurity posture with Security Automation. Automate threat detection, incident response, and vulnerability management to reduce risk and free up your security team. Learn ...
Meta Fined $263.5m Over Data Breach in Europe
News
Meta Fined $263.5m Over Data Breach in Europe
Mitchell Langley December 18, 2024
Meta Faces $263.5 Million EU Fine for User Data Violations
Bitter Cyberespionage Group Leverages New MiyaRAT Malware to Target Turkish Defense Organizations
News
Bitter Cyberespionage Group Leverages New MiyaRAT Malware to Target Turkish Defense Organizations
Mitchell Langley December 18, 2024
The Bitter cyberespionage group is targeting Turkish defense organizations with the new MiyaRAT malware, a sophisticated RAT with enhanced encryption and capabilities.
Namibia Ransomware Attack: Sensitive Data of Government Officials and Citizens Leaked
News
Namibia Ransomware Attack: Sensitive Data of Government Officials and Citizens Leaked
Gabby Lee December 18, 2024
Namibia's Telecom Namibia suffered a major ransomware attack, leaking sensitive data of government officials and citizens. The hackers, Hunters International, released the data after a ...
FBI Warns of HiatusRAT Malware Attacks Targeting Web Cameras and DVRs
News
FBI Warns of HiatusRAT Malware Attacks Targeting Web Cameras and DVRs
Mitchell Langley December 17, 2024
The FBI warns of widespread HiatusRAT malware attacks targeting vulnerable web cameras and DVRs, primarily Chinese-branded devices, exploiting known vulnerabilities and weak passwords. Urgent action ...
Texas Tech University Data Breach Exposes Data of 1.4 Million Patients
News
Texas Tech University Data Breach Exposes Data of 1.4 Million Patients
Mitchell Langley December 17, 2024
A cyberattack on the Texas Tech University Health Sciences Center exposed the sensitive data of 1.4 million patients, including names, addresses, Social Security numbers, and ...
Nebraska AG Files Change Healthcare Lawsuit Following Devastating Data Breach
News
Nebraska AG Files Change Healthcare Lawsuit Following Devastating Data Breach
Gabby Lee December 17, 2024
Nebraska Attorney General Mike Hilgers filed a lawsuit against Change Healthcare, alleging failures after a data breach exposed sensitive information of hundreds of thousands of ...
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Application Security
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Andrew Doyle May 8, 2026
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Cybersecurity
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Mitchell Langley May 8, 2026
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Cybersecurity
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Andrew Doyle May 6, 2026
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Cybersecurity
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Andrew Doyle May 6, 2026

TOP CYBERSECURITY HEADLINES

Dirty Frag Zero-Day Grants Root Access on Most Linux Distributions
Cybersecurity
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Cybersecurity
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
CVE Vulnerability Alerts
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
Application Security
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV

This Week’s Security Spotlight

Kaspersky DAEMON Tools Backdoored in Supply Chain Attack
Cybersecurity
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
Mitchell Langley May 6, 2026
Signed, Sealed, Stolen Hackers Used DigiCert to Certify Malware
Application Security
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Gabby Lee May 5, 2026
When Amazon Sends the Phishing Email
Cybersecurity
When Amazon Sends the Phishing Email
Andrew Doyle May 5, 2026
Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
More In News
Trending
HR Emails Are the New Phishing Bait — And MFA Won’t Save You
Tax Season Never Really Ends for Hackers
When Amazon Sends the Phishing Email
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation
May 7, 2025
Podcasts
Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions
May 6, 2025
Podcasts
Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity
May 6, 2025

Cyber Security News

Microsoft Faces Criticism Over Unresolved .NET Vulnerability
Application Security
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
December 11, 2025
NET Framework Vulnerability SOAPwn Impact on Enterprise Applications
Application Security
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
December 11, 2025
Teen Hacker Arrested in Spain for Major Data Breach Scheme
Cybersecurity
Teen Hacker Arrested in Spain for Major Data Breach Scheme
December 11, 2025
Satellite Signal Interruption Causes Porsche Immobilization in Russia
Cybersecurity
Satellite Signal Interruption Causes Porsche Immobilization in Russia
December 11, 2025
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
CVE Vulnerability Alerts
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
December 11, 2025
Prime Security Secures $20 Million to Advance AI-Powered Security Tools
Cybersecurity
Prime Security Secures $20 Million to Advance AI-Powered Security Tools
December 11, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
This Week In Cybersecurity: March 3rd to 7th, 2025
April 21, 2025
This Week in Cybersecurity: Data Breaches, Ransomware, Threat Actors, Ransomware Protection and more!
Ransomware Victims on Dark Web – 10th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 04th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 05th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 06th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
April 21, 2025
Secure your Remote Desktop Protocol (RDP) with these essential tips. Learn how to mitigate risks and protect your systems from cyberattacks targeting RDP vulnerabilities.
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
April 21, 2025
Attackers exploited Google’s OAuth and DKIM signing process to send phishing emails that appeared authentic, bypassing traditional security checks and targeting unsuspecting recipients.
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
April 21, 2025
MGM Resorts will pay $45 million to settle a lawsuit over data breaches in 2019 and 2023, offering up to $75 per affected individual.
State-Backed Threat Actors Adopt ClickFix Social Engineering in Espionage Campaigns
April 21, 2025
State-backed hackers from North Korea, Iran, and Russia are now using ClickFix, a social engineering method that tricks users into manually executing malware payloads.
New Android Malware ‘SuperCard X’ Enables NFC Relay Attacks for Payment Card Theft
April 21, 2025
A new Android malware called SuperCard X enables NFC relay attacks by stealing card data via fake banking support calls and emulating it on attacker ...
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
April 21, 2025
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting corporate environments through social engineering. ...
Critical Security Flaw in Asus AiCloud Routers Prompts Urgent Firmware Update
April 21, 2025
Asus urges immediate firmware updates after a critical security flaw in AiCloud routers is discovered, allowing unauthorized function execution via crafted remote requests.
This Week In Cybersecurity: 14th April to 18th April
April 18, 2025
Sure! Here's a 25-word excerpt summarizing the entire newsletter: **Widespread service outages, ransomware attacks, zero-day exploits, and data breaches impacted major platforms including Jira, Binance, ...
Ahold Delhaize Data Breach Confirmed After INC Ransomware Claims Responsibility
April 18, 2025
Ahold Delhaize confirms data theft from U.S. systems after INC Ransom's cyberattack. Investigation continues as stolen files appear on a dark web extortion site.
Legends International Confirms Data Breach Following Cyberattack in November 2024
April 18, 2025
Legends International disclosed a data breach affecting venue visitors and employees after a November 2024 cyberattack. The breach involved unauthorized access and data exfiltration.
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
April 18, 2025
Google has been hit with a £5 billion antitrust lawsuit in the UK, alleging it used its dominance to inflate search advertising prices for British ...
Jira Down, Atlassian Users Face Widespread Service Disruption
April 17, 2025
Atlassian's Jira platform is experiencing a global outage, affecting multiple products and causing significant disruptions for enterprise users.
UK Law Firm Fined £60,000 Over Ransomware Data Breach That Exposed Sensitive Case Files
April 17, 2025
DPP Law was fined £60,000 after a ransomware data breach exposed sensitive client data, due to outdated systems, delayed reporting, and lack of cybersecurity controls. ...
Over 16,000 Fortinet Devices Compromised via Symlink Backdoor Exploit
April 17, 2025
Over 16,000 Fortinet devices have been compromised via a symlink backdoor, allowing persistent read-only access to sensitive files despite applied patches.
Fake Binance Installers Spreading Malware in New Crypto -Themed Malvertising Campaign
April 17, 2025
Cybercriminals are using fake Binance and TradingView installers to deliver stealthy malware that steals browser credentials and disables system security settings.
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Virginia Contractor Convicted for Destroying Federal Databases
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Two Americans Jailed for Running North Korean IT Worker Laptop Farms
GothFerrari Gets 6.5 Years for $250M Crypto Home-Invasion Theft Ring
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
PamDOORa Linux PAM Backdoor Sold for $1,600, Grants Covert SSH Access
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
FTC Bans Data Broker Kochava from Selling Americans Location Data
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67