Main Menu
Cyber Security
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
Conduent Confirms Client Data Breach from January 2025 Cyberattack
News
Conduent Confirms Client Data Breach from January 2025 Cyberattack
Andrew Doyle April 15, 2025
Conduent confirms that client data was stolen during a January 2025 cyberattack, involving personal information of end-users. The company is notifying affected clients accordingly.
Planned Parenthood Data Breach Exposes Sensitive Information of 1.6 Million Patients Across 30 States
News
Planned Parenthood Data Breach Exposes Sensitive Information of 1.6 Million Patients Across 30 States
Mitchell Langley April 15, 2025
A data breach at a Planned Parenthood lab vendor exposed personal, financial, and health information of 1.6 million people across 30 states in October 2024.
Qilin Ransomware Gang Claims Attack on SK Group, Steals 1TB of Corporate Dataa
News
Qilin Ransomware Gang Claims Attack on SK Group, Steals 1TB of Corporate Data
Andrew Doyle April 14, 2025
Qilin ransomware gang claims responsibility for cyberattack on SK Group, stealing 1TB of data from the South Korean conglomerate with deep investments in U.S. industries. ...
Hacker Forum 'Cracked' Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Cybersecurity
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Mitchell Langley April 14, 2025
Hacker forum Cracked is back online after an FBI takedown, reactivating its services under a new domain with a fresh admin and millions of users.
Mercury Corp. Data Breach Exposes Personal Information of Thousands in Aerospace Manufacturing Sector
News
Mercury Corp. Data Breach Exposes Personal Information of Thousands in Aerospace Manufacturing Sector
Andrew Doyle April 14, 2025
A cyberattack targeting Mercury Corp. exposed sensitive personal information of over 3,000 individuals, including Social Security and driver’s license numbers, in a one-day breach.
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Cybersecurity
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Andrew Doyle April 14, 2025
A hacker claims to have breached Wolters Kluwer, leaking sensitive contact data linked to Fortune 500 firms and global enterprises. The company is investigating.
IKEA Ransomware Attack Cost Fourlis Group Millions in Revenue
News
IKEA Ransomware Attack Cost Fourlis Group Millions in Revenue
Mitchell Langley April 14, 2025
Cybersecurity incident disrupted IKEA operations across multiple countries just before Black Friday The IKEA ransomware attack that struck just two ...
Neptune RAT Malware Spreading Through YouTube and GitHub, Targeting Windows PCs
News
Neptune RAT Malware Spreading Through YouTube and GitHub, Targeting Windows PCs
Andrew Doyle April 10, 2025
Neptune RAT malware is spreading through YouTube and GitHub, infecting Windows PCs. This dangerous Trojan allows hackers complete system control, demanding immediate action from businesses ...
Critical FortiSwitch Flaw Allows Remote Admin Password Changes
News
FortiSwitch Flaw Allows Remote Admin Password Changes
Andrew Doyle April 10, 2025
FortiSwitch vulnerability (CVE-2024-48887) lets attackers remotely change admin passwords. Fortinet released patches; immediate updates are crucial.
Oracle Denies Major Cloud Breach, Confirms Hack of "Obsolete Servers"
News
Oracle Denies Major Cloud Breach, Confirms Hack of “Obsolete Servers”
Andrew Doyle April 10, 2025
Oracle denies a major cloud breach, confirming instead a hack of obsolete servers. No Oracle Cloud customer data was compromised, the company claims.
Hackers Exploit SSRF Bug in EC2-Hosted Sites to Steal AWS Credentials
News
Hackers Exploit SSRF Bug in EC2-Hosted Sites to Steal AWS Credentials
Mitchell Langley April 10, 2025
Hackers exploited SSRF bugs in EC2-hosted sites to steal AWS credentials, accessing EC2 Metadata and potentially IAM credentials via IMDSv1. This highlights the ongoing threat ...
Western Sydney University Data Breach Exposes 10,000 Student Records
News
Western Sydney University Data Breach Exposes 10,000 Student Records
Mitchell Langley April 10, 2025
Western Sydney University confirms a data breach exposing the personal information of 10,000 students. The university is investigating and has contacted authorities.
Half of UK Firms Delay Digital Projects Due to Soaring Cyber Warfare Risks
News
Half of UK Firms Delay Digital Projects Due to Soaring Cyber Warfare Risks
Mitchell Langley April 9, 2025
Half of UK firms are delaying digital projects due to rising cyber warfare fears, according to a new report highlighting the impact of nation-state attacks ...
Treasury OCC Data Breach: Hackers Accessed 150,000 Emails Since June 2023
News
Treasury OCC Data Breach: Hackers Accessed 150,000 Emails Since June 2023
Andrew Doyle April 9, 2025
The Treasury's Office of the Comptroller of the Currency suffered a major data breach, exposing over 150,000 emails and sensitive financial data since June 2023.
WhatsApp Vulnerability Allows Malicious Code Execution on Windows PCs
News
WhatsApp Vulnerability Allows Malicious Code Execution on Windows PCs
Andrew Doyle April 9, 2025
WhatsApp flaw (CVE-2025-30401) lets attackers execute malicious code on Windows PCs by sending files with altered extensions. Update to WhatsApp 2.2450.6 or later immediately.
Rödl Management Data Breach, Personal Data Exposed
News
Rödl Management Data Breach, Personal Data Exposed
Mitchell Langley April 9, 2025
Rödl Management suffered a data breach between January 30 and February 9, 2024, compromising consumer data. Investigations are underway, and affected individuals are receiving notifications.
Mirai Botnet Exploiting TVT DVRs
News
Mirai Botnet Exploiting TVT DVRs
Mitchell Langley April 9, 2025
A new Mirai botnet is causing a surge in attacks targeting TVT NVMS9000 DVRs, exploiting a vulnerability to gain admin access and potentially launch DDoS ...
Fall River Public Schools Responds to Cybersecurity Breach
Cybersecurity
Fall River Public Schools Responds to Cybersecurity Breach
Andrew Doyle April 9, 2025
Fall River Public Schools confirms a cybersecurity breach, working with experts to investigate unauthorized network access and ensure data protection.
Kellogg Data Breached, Clop Ransomware Exploits Cleo Zero-Day Vulnerabilities
News
Kellogg Data Breached, Clop Ransomware Exploits Cleo Zero-Day Vulnerabilities
Andrew Doyle April 8, 2025
WK Kellogg confirms a data breach exposing employee names and social security numbers, linked to the Clop ransomware gang's exploitation of Cleo software vulnerabilities.
Superannuation Hack Exposes $4.2 Trillion Sector's Cybersecurity Vulnerabilities
News
Superannuation Hack Exposes $4.2 Trillion Sector’s Cybersecurity Vulnerabilities
Mitchell Langley April 8, 2025
A major superannuation hack exposed critical cybersecurity flaws, impacting major Australian funds and highlighting the urgent need for stronger security measures within the $4.2 trillion ...
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025

TOP CYBERSECURITY HEADLINES

Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
News
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
News
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
News
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach

SECURITYWEEK INDUSTRY EXPERTS

170K-Record Database Exposes Unencrypted PII from Real Estate Sector
News
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
Andrew Doyle June 24, 2025
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
News
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Mitchell Langley June 24, 2025
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
News
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Mitchell Langley June 24, 2025
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Mitchell Langley June 24, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Ghost Students and AI Scams: How Identity Theft is Gutting Financial Aid
June 11, 2025
Podcasts
Inside the React Native NPM Supply Chain Breach: 16 Packages, 1 Million+ Downloads, and a RAT in the Code
June 10, 2025
Podcasts
Mirai Strikes Again: Spring4Shell, Wazuh, and TBK DVRs Exploited in Live Campaigns
June 10, 2025

Cyber Security News

This Week In Cybersecurity: 7th October to 11th October
Cybersecurity
This Week In Cybersecurity: 7th October to 11th October
October 14, 2024
Salt Typhoon APT Subverts Law Enforcement Wiretapping
Cybersecurity
Salt Typhoon APT Subverts Law Enforcement Wiretapping
October 9, 2024
American Water Cyberattack: Major US Utility Shuts Down Systems After Security Breach
Cybersecurity
American Water Cyberattack: Major US Utility Shuts Down Systems After Security Breach
October 8, 2024
This Week In Cybersecurity: 30th September to 4th October
Cybersecurity
This Week In Cybersecurity: 30th September to 4th October
October 8, 2024
Top 5 Dangerous Cyberattack Techniques in 2024
Blog
Top 5 Dangerous Cyberattack Techniques in 2024
October 2, 2024
AFP Cyberattack: Security Breach at French News Agency Exposes Critical Infrastructure Vulnerabilities
Cybersecurity
AFP Cyberattack: Security Breach at French News Agency Exposes Critical Infrastructure Vulnerabilities
September 30, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
May 14, 2025
Russian-aligned ransomware group DragonForce hit UK retailer Co-op, exposing customer data and disrupting operations, in a hybrid cyberattack blending financial and geopolitical motives.
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
May 14, 2025
The EU launches its own vulnerability database (EUVD) to strengthen cybersecurity, reduce reliance on CVE, and ensure greater digital sovereignty across European infrastructure.
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
May 14, 2025
Twilio denies breach after leaked Steam 2FA codes appear online. Experts suspect a third-party SMS provider may be the source of the data exposure.
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
May 13, 2025
In this episode, we unpack the groundbreaking $1.4 billion privacy settlement between Google and the state of Texas—now the largest of its kind in U.S. ...
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
May 13, 2025
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the ...
M&S Confirms Customer Data Breach Following Cyberattack
May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
May 13, 2025
In this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage, a message archiving app recently thrust into the spotlight due to its use by ...
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
May 13, 2025
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
Thousands of Node Developers Compromised by Malware in Popular npm Packages
May 13, 2025
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
May 13, 2025
A Türkiye-linked cyberespionage group exploited a zero-day in Output Messenger, enabling access to sensitive data and communications in targeted attacks on Kurdish-aligned users.
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
May 13, 2025
A Moldovan suspect has been arrested for a 2021 DoppelPaymer ransomware attack that crippled Dutch research systems and caused €4.5 million in damages.
rand-user-agent: The NPM Package That Opened a Backdoor
May 12, 2025
In this episode, we break down the recent compromise of the rand-user-agent NPM package—an attack that quietly turned a once-trusted JavaScript library into a delivery ...
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
May 12, 2025
In this episode, we break down the February 2025 data breach that hit Valsoft Corporation, operating under the name AllTrust, through its subsidiary Aspire USA. ...
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
May 12, 2025
A new supply chain attack has emerged—this time targeting macOS users of the Cursor AI code editor through rogue npm packages. In this episode, we ...
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
May 12, 2025
Chinese threat group Chaya_004 exploited a zero-day flaw in SAP NetWeaver servers, compromising hundreds of systems using remote code execution and web shell deployments.
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
May 12, 2025
The iClicker website was hacked between April 12–16, 2025, using a fake CAPTCHA to deploy malware via a ClickFix attack targeting students and faculty.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
May 12, 2025
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
May 12, 2025
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
May 8, 2025
A zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, became the center of a global cybersecurity storm when it was ...
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
May 8, 2025
In this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group—a landmark case ...
AT&T, Verizon, and Beyond: How Salt Typhoon Targets Global Telcos
Anubis Ransomware: A Destructive, Cross-Platform Threat
Fake Microsoft, Netflix, & Apple Support: The Scam Lurking in Google Search
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
From Malware to Court: Qilin Ransomware’s ‘Call a Lawyer’ Tactic
Zero-Click, Zero-Warning: The FreeType Flaw Behind a Spyware Surge
The Insurance Industry Under Fire: Anatomy of the Aflac Cyber Incident
The Nucor Cyberattack: How Ransomware Threatens American Steel
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
Inside CVE-2025-23121: Veeam RCE Flaw Opens Door to Ransomware
Fasana’s Collapse: How One Ransomware Attack Crippled a German Manufacturer