Cyber Security
Cybersecurity Newsletter
This Week In Cybersecurity: 04th February to 06th February
This week saw significant cybersecurity incidents, including a ransomware attack on the New York Blood Center, disrupting vital blood supplies during a shortage. Connecticut's Community ...
News
Frederick Health Hospital’s Ransomware Disaster: Patient Care Disrupted
On January 27, 2025, Frederick Health Hospital (FHH) became the target of a sophisticated ransomware attack, forcing the immediate shutdown ...
News
NCC Group’s Cyber Threat Intelligence Report Reveals Record Ransomware Attacks
NCC Group's 2024 cyber threat report reveals a record 5,263 ransomware attacks, with LockBit and RansomHub leading the surge. The industrial sector was hardest hit, ...
News
Hackers Spoof Microsoft ADFS Login Pages in Phishing Attacks
Hackers spoof Microsoft ADFS login pages, bypassing MFA to steal credentials and launch further phishing attacks targeting corporate email accounts. This highlights the threat of ...
News
Connecticut Healthcare Data Breach Exposes 1 Millions Records
The Connecticut healthcare data breach has affected over one million Connecticut residents, marking one of the largest healthcare data breaches in recent history.
News
Ransomware Payments Drop 35%: Chainalysis Reports Victims Refuse to Pay Ransom
Ransomware payments plummeted by 35% in 2024, totaling $814 million. This significant drop, reported by Chainalysis, suggests increased law enforcement effectiveness and victim resistance to ...
Cybersecurity
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Multiple state-sponsored groups are using Google's Gemini AI assistant. They use it primarily for productivity improvements. However, they also use it for reconnaissance and attack ...
News
US Healthcare Provider Data Breach at Connecticut Impacts 1 Million Patients
A massive healthcare provider data breach at Connecticut's Community Health Center exposed the personal and health data of over 1 million patients, including Social Security ...
News
Prevent Data Breaches with Amazon Redshift Enhanced Security
Amazon Redshift enhances security defaults to prevent data breaches and ransomware by restricting public access, enabling encryption, and enforcing SSL connections, mitigating risks like the ...
News
GrubHub Data Breach Exposes Customer, Driver, and Merchant Data
The GrubHub data breach has compromised the personal information of an unspecified number of customers, merchants, and drivers. The attack ...
News
Mississippi Electric Utility Data Breach Affects 20,000 Residents
The Mississippi electric utility, Yazoo Valley Electric Power Association, suffered a data breach affecting 20,000 residents. The breach exposed personal information, prompting identity theft protection ...
News
New York Blood Center Ransomware Attack: Critical Blood Supplies at Risk
The New York Blood Center Enterprises (NYBCe) suffered a ransomware attack on January 26th, disrupting operations and impacting blood supplies amid a pre-existing blood shortage.
News
BRS Cyber Attack: Data Breach at Business Registration Exposes Sensitive Business Information
Cyberattack on Kenya's Business Registration Services (BRS) has exposed sensitive company data, sold on the dark web. Authorities investigate, ruling out ransomware.
News
DeepSeek AI Data Breach Causes National Security Risks and Data Privacy Concerns
The DeepSeek AI data breach exposed sensitive user data, raising national security concerns and prompting warnings from U.S. officials about privacy violations and corporate espionage.
Cybersecurity Newsletter
This Week In Cybersecurity: 27th January to 31st January
British Museum Forced to Close After IT Attack by Ex-worker The British Museum experienced an IT attack attributed to a ...
News
Phemex Crypto Firm Breached With $85 Million in Cryptocurrency Stolen
Phemex suffered a major security breach, resulting in the theft of over $85 million in cryptocurrency. The attack targeted hot wallets, prompting immediate suspension of ...
News
ENGlobal Cybersecurity Breach and CenterPoint Energy Data Leak Probes Investigation
Williams stated,
News
RCSD Warns Community of Data Breach: 134,000 Records Potentially Accessed
The Rochester City School District (RCSD) warns its community of a significant data breach. The breach exposed sensitive personal information, prompting immediate action and investigation. ...
News
UK’s Morrisons Breached: Cyber Attack at Technology Provider Dents Christmas Sales
A November cyber attack at Morrisons' technology provider, Blue Yonder, disrupted operations, impacting Christmas sales and resulting in lower-than-expected first-quarter growth.
News
All American Poly Data Breached, 2024 Cyberattack Exposes Sensitive Consumer Data
All American Poly Corporation (American Poly) confirmed a data breach stemming from a 2024 cyberattack, exposing customer names and Social Security numbers. A data breach ...
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
TOP CYBERSECURITY HEADLINES
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
This Week’s Security Spotlight
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
A zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, became the center of a global cybersecurity storm when it was ...
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
In this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group—a landmark case ...
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
AI tools are generating more code than ever — but who’s reviewing it? In this episode, we spotlight CodeAnt AI, the fast-growing platform built to ...
The Truth About Identity Attacks: How to Protect Your Business and Data
In today's digital landscape, identity attacks are rampant, costing businesses millions and causing irreparable damage to reputations. This comprehensive guide explores seven common identity-based attacks, ...
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory warning that ...
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
The PowerSchool hacker is now targeting individual school districts, threatening to leak sensitive student and staff data stolen in the December 2024 breach.
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
The Langflow Breach: How a Popular AI Tool Opened the Door to Hackers
A newly disclosed zero-day vulnerability, CVE-2025-3248, is being actively exploited in the wild—and it’s targeting Langflow, a popular open-source framework for building AI-powered applications. In ...
Mirai Reloaded: Why CVE-2024-7399 Still Haunts Samsung Servers
In this episode, we break down the active exploitation of CVE-2024-7399, a critical path traversal and arbitrary file upload vulnerability in Samsung MagicINFO 9 Server. ...
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation
A critical zero-day vulnerability — CVE-2025-31324 — is shaking the enterprise tech world. In this episode, we dive deep into the alarming exploit targeting SAP NetWeaver ...
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions
In this episode, we break down the anatomy of some of the most critical vulnerabilities threatening enterprise systems in 2025 — and the real-world attacks ...
Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity
In this episode, we dive deep into the massive data breach at Kelly Benefits, a payroll and benefits administrator that exposed the sensitive personal data ...
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Explore six critical Supply Chain Cybersecurity Risks in 2025—from AI-driven cyberattacks and IoT vulnerabilities to quantum computing and geopolitical threats shaping logistics.