Cyber Security
News
FinalDraft Malware: New Stealthy Cyber Attack Abuses Outlook for Command and Control
Andrew Doyle
February 17, 2025
FinalDraft malware uses Outlook email drafts for covert command-and-control communication, enabling data exfiltration, process injection, and lateral movement with minimal traces. The malware, part of ...
News
2.7 Billion IoT Device Records Exposed in Massive Data Breach
Andrew Doyle
February 17, 2025
A massive data breach exposed 2.7 billion IoT device records, highlighting critical security vulnerabilities and the need for robust authentication and data encryption.
News
Akira Ransomware Attack Targets Defunct Australian Media Company
Andrew Doyle
February 17, 2025
Akira Ransomware claims a cyber attack on defunct Australian media company Regency Media, stealing 16GB+ of data, highlighting the risk of unmanaged legacy data post-business ...
News
Australian National University Faces Cyber Attack, FSociety Ransomware Threatens Data Leak
Mitchell Langley
February 17, 2025
The Australian National University (ANU) is facing a serious cyber attack after being targeted by the FSociety ransomware group. The Canberra-based institution is currently investigating ...
News
Chinese Espionage Tools Fuel RA World Ransomware Attack Targeting Asian Firm
Mitchell Langley
February 16, 2025
A China-based threat actor, Emperor Dragonfly, deployed RA World ransomware, demanding $2 million. The attack leveraged tools previously used in Chinese cyber espionage operations, blurring ...
News
Zacks Investment Data Breach Exposes 12 Million Users
Andrew Doyle
February 14, 2025
A hacker leaked data from 12 million Zacks Investment accounts, including names, addresses, emails, and passwords. This is potentially the third major breach at Zacks ...
News
whoAMI Attacks: Exploiting Amazon EC2 Instances for Code Execution
Mitchell Langley
February 14, 2025
whoAMI attacks allow hackers to gain code execution on Amazon EC2 instances by exploiting flaws in AMI selection. Attackers publish malicious AMIs with names mimicking ...
News
Chinese Hackers Breach More US Telecoms via Unpatched Cisco Routers despite Sanctions
Andrew Doyle
February 14, 2025
Chinese hackers, exploiting Cisco router vulnerabilities, breached multiple US telecoms and accessed sensitive government communications, highlighting the ongoing threat of state-sponsored cyberattacks.
News
Port of Ostend Suffers Cyberattack, Ensor System Targeted
Andrew Doyle
February 14, 2025
The Port of Ostend, a significant Belgian port, filed a complaint with the federal police following a cyberattack on Monday night.
News
PNG Tax Office Cyber Attack Exposes Sensitive Data, Raising Concerns
Mitchell Langley
February 13, 2025
A cyberattack on Papua New Guinea’s Internal Revenue Commission (IRC) in January 2025 compromised its systems, potentially exposing sensitive data. The PNG tax office cyber ...
News
Australia Sanctions Russian Entity and Individuals Over Medibank Cyberattack
Andrew Doyle
February 13, 2025
Australia imposed sanctions on a Russian entity, ZServers, and five individuals for their alleged involvement in the 2022 Medibank cyberattack, impacting 9.7 million customers.
News
North Korean Hackers Leverage PowerShell Exploit in Sophisticated Cyber Attack
Mitchell Langley
February 12, 2025
North Korean hackers use a PowerShell exploit in a new cyberattack, tricking victims into installing malware. A related scheme involved a woman facilitating North Korean ...
News
LockBit Sanctioned as US, UK, and Australia Join Hands Against the Russian Cybercrime Network
Andrew Doyle
February 12, 2025
The US, UK, and Australia have sanctioned Zservers, a Russian-based service provider aiding the LockBit ransomware group, and two key administrators, Alexander Mishin and Aleksandr ...
News
OmniGPT Breach Exposes Data of 30,000 Users
Mitchell Langley
February 12, 2025
OmniGPT data breach exposes over 30,000 users' data, including emails, API keys, and potentially crypto keys, now being sold on the dark web.
News
Cyber Attack Targets 2.8 Million IPs on VPN Devices
Andrew Doyle
February 12, 2025
A massive cyber attack using 2.8 million IPs targets VPN devices and other network appliances via brute-force attacks, primarily impacting Brazil.
News
Critical Windows Zero-Day Vulnerabilities Actively Exploited: CISA Issues Warning to ‘Test and deploy quickly’
Andrew Doyle
February 12, 2025
Critical Windows zero-days (CVE-2025-21418, CVE-2025-21391) are actively exploited. CISA urges immediate patching to prevent data loss and system compromise. Federal agencies have until March 4th.
News
Sault Tribe, Kewadin Casinos Hit by Cyber Attack
Mitchell Langley
February 11, 2025
A ransomware cyber attack crippled the Sault Tribe and Kewadin Casinos, halting gaming operations and disrupting numerous tribal services. The Sault Tribe cyber attack is ...
News
Hackers Target Valentine’s Day Domains in Cyber Attacks
Mitchell Langley
February 11, 2025
Hackers are exploiting Valentine's Day with malicious domains and phishing scams. Stay vigilant and verify links to avoid becoming a victim of these cyber attacks. ...
News
Cisco Rejects Claims of Kraken Data Breach, Says Data From 2022 Incident
Mitchell Langley
February 11, 2025
Cisco denies a new Kraken data breach, linking leaked data to a 2022 incident where attackers gained access via vishing and compromised employee credentials. The ...
News
Asheville Eye Associates, PLLC Data Breached: Levi & Korsinsky, LLP Launches Investigation
Andrew Doyle
February 11, 2025
Asheville Eye Associates, a PLLC, experienced a significant data breach. Patient information was compromised, prompting legal action from Levi & Korsinsky. The breach highlights the ...
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle
April 21, 2025
TOP CYBERSECURITY HEADLINES
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Syed Arslan
April 23, 2025
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley
April 23, 2025
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle
April 23, 2025
BackConnect, Microsoft Teams, & Social Engineering—How Ransomware is Adapting
March 5, 2025
The ransomware landscape is shifting, and Black Basta and Cactus are at the center of it. In this episode, we break down the connections between ...
BianLian Ransomware: Shadow Data Extortion Group
March 5, 2025
The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have targeted critical infrastructure and private ...
OnlyFans Cyberattacks: Fake CAPTCHAs and Malware Distribution Threaten Users
March 4, 2025
OnlyFans users are targeted by sophisticated phishing attacks deploying fake Cloudflare CAPTCHAs and malware-laden links, distributing keyloggers and ransomware. Urgent security measures are needed.
Vo1d Botnet Surpasses 1.59 Million Infected Android TVs Across 226 Countries
March 4, 2025
The Vo1d botnet has infected over 1.59 million Android TVs across 226 countries, enhancing its stealth and operational capabilities significantly.
ClickFix Attack Deploys Havoc C2 via Microsoft SharePoint
March 4, 2025
A new ClickFix attack is exploiting Microsoft SharePoint to deploy the Havoc framework, tricking users into running malicious PowerShell commands.
CISA Tags Windows and Cisco Vulnerabilities as Actively Exploited
March 4, 2025
CISA warns that critical vulnerabilities in Cisco and Windows systems are actively exploited, urging federal agencies to secure networks by March 23, 2025.
Trinity Ransomware: The Enigma of the .trinitylock
March 4, 2025
Overview: Known Aliases of Trinity Ransomware: Trinity Ransomware. Possible links to 2023Lock and Venus ransomware, implying potential shared infrastructure or development. Country of Origin: Not ...
Freddie Mac Data Breach: Social Security Numbers Compromised
March 3, 2025
Freddie Mac confirms a significant data breach exposing customer names and Social Security numbers. The extent of the breach and its cause remain under investigation. ...
Belgian Intelligence Service Breach: Chinese Hackers Under Investigation
March 3, 2025
Belgian authorities investigate a potential Chinese state-sponsored cyberattack on its State Security Service (VSSE), compromising sensitive data and emails between 2021 and 2023. The breach ...
Via Credit Union Data Breach Impacts Thousands: Indiana Credit Unions Face Cybersecurity Challenges
March 3, 2025
Via Credit Union suffered a significant data breach affecting over 60,000 members, exposing sensitive personal and financial data. Interra Credit Union also experienced a smaller ...
Angel One Data Leak: AWS Breach Exposes User Data
March 3, 2025
Angel One, a leading stockbroking firm, suffered a data leak. Unauthorized access to AWS resources exposed client data. An investigation is underway.
This Week In Cybersecurity: 24th February to 28th February
March 3, 2025
Explore the latest cybersecurity incidents, including the EncryptHub ransomware affecting 618 organizations, a Jasper network breach, and the $1.5 billion Bybit hack. Southern Water faced ...
State of Code Security in 2025: A Wiz Report Reveals Critical Vulnerabilities
March 3, 2025
Wiz's 2025 State of Code Security Report exposes alarming vulnerabilities in code repositories: 61% of organizations have secrets exposed in public repositories, leaving sensitive data ...
Serbian Police Exploit Cellebrite Zero-Day to Unlock Android Phones
March 3, 2025
Serbian authorities exploited Cellebrite's zero-day Android vulnerabilities (CVE-2024-53104, CVE-2024-53197, CVE-2024-50302) to unlock a phone, raising serious security concerns for enterprises.
Ransomware Groups Use BYOVD Attacks Exploiting Paragon Partition Manager Bug
March 3, 2025
Critical Paragon Partition Manager vulnerabilities are being exploited in BYOVD attacks, allowing ransomware gangs SYSTEM-level access and execution of malicious code. Urgent patching is advised. ...
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
March 3, 2025
A significant data breach impacting the "Flat Earth Sun, Moon and Zodiac" mobile application has exposed the personal information of over 33,000 users. This incident ...
Akira Ransomware: The Extortion Ghost in a Shell
March 2, 2025
Akira has targeted a range of organizations, including universities (Stanford), major IT service providers (Tietoevry), and numerous businesses across various sectors. Critical infrastructure, including healthcare ...
9 Million Downloads, Now Banned: VSCode Extensions Under Fire
February 27, 2025
In a shocking move, Microsoft has banned the popular Material Theme – Free and Material Theme Icons – Free extensions from the Visual Studio Marketplace, ...
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
February 27, 2025
EncryptHub breach affects 618 organizations, which were hit using infostealers and ransomware.