Main Menu
Cyber Security
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Ivanti Sentry CVE-2026-10520 Actively Exploited, Devices Backdoored
Langflow CVE-2026-5027: Path Traversal Becomes Unauthenticated RCE
WorldLeaks Claims Apple Supplier Tata Electronics and Two More Firms
What is Cloud Detection and Response (CDR) and How Does it Work
Google Patches 5th Chrome Zero-Day; V8 Flaw Chains for OS Access
LiteLLM CVE-2026-42271 Added to CISA KEV: AI API Keys at Risk
France’s Tchap Messaging App Breached, 643K Messages Exposed
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
Maxar Space Systems Data Breach: Employee Data Compromised
News
Maxar Space Systems Data Breach: Employee Data Compromised
Gabby Lee November 19, 2024
Maxar Space Systems suffered a data breach exposing employee personal data, including Social Security numbers and addresses. The hacker, using a Hong Kong-based IP, accessed ...
Ford Customer Data Breach: Threat Actors Claim Exfiltration of Internal Database
News
Ford Customer Data Breach: Threat Actors Claim Exfiltration of Internal Database
Mitchell Langley November 18, 2024
A threat actor claims a Ford Motor Company data breach, exposing 44,000 customer records including names, addresses, and purchase details. Ford has yet to comment.
Sitting Ducks Cyber Attacks: 800,000+ Domains at Risk
News
Sitting Ducks Cyber Attacks: 800,000+ Domains at Risk
Mitchell Langley November 18, 2024
A new report reveals over 800,000 domains are vulnerable to "Sitting Ducks" cyberattacks, a DNS hijacking technique used by cybercriminals to gain control of websites ...
TEAM Software Data Breach Exposes Sensitive Information of Nearly 100,000 Individuals
News
TEAM Software Data Breach Exposes Sensitive Information of Nearly 100,000 Individuals
Gabby Lee November 18, 2024
A data breach at TEAM Software exposed the sensitive personal information of approximately 99,525 individuals, including Social Security numbers, driver's license numbers, and medical information. ...
T-Mobile Data Breach Confirmed Amidst Wave of Telecom Hacks
News
T-Mobile Data Breach Confirmed Amidst Wave of Telecom Hacks
Mitchell Langley November 18, 2024
T-Mobile confirms a data breach in a recent wave of attacks targeting US telecom companies. Learn about the extent of the T-Mobile hack and the ...
Hungary Defense Procurement Agency Hacked by INC Ransomware
News
Hungary Defense Procurement Agency Hacked by INC Ransomware
Mitchell Langley November 18, 2024
Hungarian officials confirmed a cyberattack on its defense procurement agency, with the INC Ransomware group claiming responsibility and demanding a $5 million ransom. Sensitive procurement ...
Mirai Malware Spreads Via GeoVision Zero-Day Exploit
News
Mirai Malware Spreads Via GeoVision Zero-Day Exploit
Mitchell Langley November 16, 2024
A Mirai malware botnet is leveraging a zero-day vulnerability (CVE-2024-11120) in outdated GeoVision devices to deploy malware, potentially for DDoS attacks or cryptomining. Thousands of ...
This Week In Cybersecurity: 11th November to 15th November
Cybersecurity
This Week In Cybersecurity: 11th November to 15th November
Gabby Lee November 16, 2024
Stop and Shop Parent Company ‘Ahold Delhaize’ hit by Cyberattack Ahold Delhaize confirmed a significant cyberattack impacting its U.S. network, ...
300,000 Patients Impacted by Major Law Firm Data Breach at Thompson Coburn
News
300,000 Patients Impacted by Major Law Firm Data Breach at Thompson Coburn
Mitchell Langley November 14, 2024
A massive law firm data breach exposed the personal information of 300,000 patients, leading to a class-action lawsuit highlighting cybersecurity failures and the high value ...
₹2,000 Crore WazirX Cyberattack Culprit Arrested
Cybersecurity
₹2,000 Crore WazirX Cyberattack Culprit Arrested
Mitchell Langley November 14, 2024
A Bengal man, SK Masud Alam, has been arrested by Delhi Police in connection with the ₹2,000 crore WazirX cyberattack. The investigation highlights vulnerabilities in ...
Alltech Consulting Data Breach Exposes Over 216,000 Job Seekers' Personal Information
News
Alltech Consulting Data Breach Exposes Over 216,000 Job Seekers’ Personal Information
Gabby Lee November 14, 2024
Alltech Consulting, a recruitment firm, suffered a major data breach exposing personal information of over 216,000 job seekers. The breach was uncovered by cybersecurity researcher ...
Volt Typhoon Rebuilds Malware Botnet After FBI Disruption
News
Volt Typhoon Rebuilds Malware Botnet After FBI Disruption
Mitchell Langley November 14, 2024
The Chinese state-sponsored hacking group Volt Typhoon has successfully rebuilt its KV-Botnet malware botnet, targeting outdated Cisco and Netgear routers, despite an FBI disruption earlier ...
Stop and Shop Parent Company Ahold Delhaize hit by Cyberattack
News
Stop and Shop Parent Company ‘Ahold Delhaize’ hit by Cyberattack
Mitchell Langley November 14, 2024
Ahold Delhaize, parent company of Stop & Shop and Hannaford, confirms a significant cybersecurity incident impacting its US network. Learn about the ongoing disruption and ...
Set Forth Data Breach: 1.5 Million Individuals Affected by Cyberattack
News
Set Forth Data Breach: 1.5 Million Individuals Affected by Cyberattack
Gabby Lee November 14, 2024
Debt relief company Set Forth suffered a major data breach, exposing the sensitive personal information of roughly 1.5 million individuals. The cyberattack compromised crucial data.
SelectBlinds Data Breach: 200,000 Customers Impacted by E-Skimming Attack
News
SelectBlinds Data Breach: 200,000 Customers Impacted by E-Skimming Attack
Mitchell Langley November 12, 2024
The SelectBlinds data breach exposed 206,238 customers' payment card details and personal information via a sophisticated e-skimming attack lasting nearly nine months.
Halliburton Ransomware Attack Costs Energy Giant $35 Million
News
Halliburton Ransomware Attack Costs Energy Giant $35 Million
Mitchell Langley November 12, 2024
Halliburton's August ransomware attack crippled IT systems, causing $35 million in losses and highlighting the vulnerability of even the largest corporations to cyber threats. The ...
Halliburton Confirms Data Breach in Recent Cyberattack
News
Halliburton Confirms Data Breach in Recent Cyberattack
Gabby Lee November 12, 2024
Oil Giant Halliburton Confirms RansomHub Involvement in Data Breach in its Latest SEC Filing Oil and gas giant Halliburton has ...
Amazon Data Breach: Employee Information Exposed After Vendor Hack
News
Amazon Data Breach: Employee Information Exposed After Vendor Hack
Mitchell Langley November 12, 2024
A massive Amazon data breach exposes millions of employee records after a third-party vendor was compromised. Learn about the extent of the breach and the ...
Schneider Electric Dev Platform Hack Confirmed 400k Rows of User Data Stolen
News
Schneider Electric Dev Platform Hack Confirmed: 400k Rows of User Data Stolen
Andrew Doyle November 11, 2024
Schneider Electric, a global leader in energy management and automation solutions, recently confirmed it was targeted by the Hellcat ransomware ...
Palo Alto Networks PAN-OS RCE Vulnerability
News
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability Advisory
Gabby Lee November 11, 2024
On November 6, 2024, Palo Alto Networks published a security advisory in response to claims regarding a potential remote code ...
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Gabby Lee June 12, 2026
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
Mitchell Langley June 12, 2026
Blog
Triple Extortion Ransomware: How It Works and How to Stop It
Andrew Doyle June 12, 2026
Cybersecurity
Europol Dismantles AudiA6 Crypto Laundering Service
Gabby Lee June 12, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Andrew Doyle June 10, 2026
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Gabby Lee June 10, 2026
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
More In News
Trending
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Botnets, Proxies, and Brute Force: How 2.8 Million IPs Target VPNs and Firewalls
February 12, 2025
Podcasts
Inside the Billion-Dollar Heist: Carbonak’s Audacious Cybercrime Saga
February 11, 2025
Podcasts
Modern Bank Heists: Cybercrime, Zero-Day Exploits & The Future of Financial Security
February 10, 2025

Cyber Security News

CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Application Security
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
January 13, 2026
Meta Addresses Security Vulnerability in Instagram Password Resets
Application Security
Meta Addresses Security Vulnerability in Instagram Password Resets
January 13, 2026
AI and Security Block's CISO Discusses AI Agents' Potential
Cybersecurity
AI and Security: Block’s CISO Discusses AI Agents’ Potential
January 13, 2026
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Application Security
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
January 13, 2026
Target's Source Code Allegedly Exposed in Cyber Breach
Cybersecurity
Target’s Source Code Allegedly Exposed in Cyber Breach
January 13, 2026
Drones Are Now Critical Infrastructure—and Their Networks are the New Attack Surface
Blog
Drones Are Now Critical Infrastructure—and Their Networks are the New Attack Surface
January 13, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Urgent Security Update: Authentication Bypass Vulnerability in VMware Tools for Windows (CVE-2025-22230)
March 26, 2025
Critical VMware Tools vulnerability (CVE-2025-22230) enables privilege escalation on Windows VMs. Immediate patching is paramount for enterprise security.
South Carolina Eye Clinic Suffers Data Breach: Ransomware Suspected
March 26, 2025
Columbia Eye Clinic in South Carolina suffered a data breach, potentially a ransomware attack, exposing patient data including names, contact information, and procedure codes.
Sydney Tools Data Breach Exposes 34 Million+ Customer Orders
March 26, 2025
A massive data breach at Sydney Tools exposed over 34 million customer orders and sensitive employee data, including names, addresses, and salaries. The unsecured database ...
Numotion Data Breach Impacts Nearly 500,000 Individuals
March 26, 2025
Numotion's latest data breach exposed the personal and health information of nearly 500,000 individuals, following a series of similar incidents, leading to multiple lawsuits.
Cloudflare R2 Service Outage: A Case Study in Human Error and System Design
March 26, 2025
Cloudflare's R2 service suffered a 77-minute outage due to a password rotation error, highlighting the risks of human error in cloud infrastructure.
Cyberattack Roundup: Lessons from the Latest Breaches & Ransomware Strikes
March 26, 2025
From data breaches at major banks to ransomware crippling healthcare and tech companies, cyber threats are hitting harder than ever. In this episode, we break ...
Mastering Incident Response: A Guide to Building a Resilient Plan
March 26, 2025
Cyber threats are inevitable, but a strong incident response plan can make all the difference. In this episode, we explore the essential steps for creating ...
Next.js Flaw Allows Unauthorized Access
March 25, 2025
Critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization, impacting versions before 15.2.3. Urgent updates are needed.
Ukraine Railway Hit by Cyberattack: Online Systems Disrupted
March 25, 2025
A major cyberattack targeted Ukraine's railway system, disrupting online services but not train operations. Restoration efforts are ongoing.
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
March 25, 2025
Chinese Weaver Ant hackers infiltrated a telecom network for over four years, using advanced techniques like web shell tunneling and data exfiltration.
Astral Foods Cyberattack: R20 Million Profit Plunge
March 25, 2025
Astral Foods suffered a cyberattack causing a R20 million profit loss and operational disruption. Swift recovery was implemented, but the incident highlights the need for ...
VanHelsing Ransomware Targets Multiple Platforms Including Windows and ESXi Systems
March 25, 2025
The new VanHelsing ransomware targets various systems, employing advanced encryption techniques and demanding ransoms up to $500,000 from its victims.
INTERPOL Operation Red Card Nets 300 Cybercrime Suspects in Africa
March 25, 2025
INTERPOL's Operation Red Card resulted in the arrest of 306 cybercrime suspects across seven African nations, seizing thousands of devices used in various scams.
Oracle Cloud Breach Compromises 6 Million Records, Threatening 140,000 Businesses
March 24, 2025
A massive Oracle Cloud breach exposed 6 million records, impacting 140,000 businesses. The attacker, "rose87168," is selling the data and demanding ransoms.
NYU Data Breach: Class Action Lawsuit Investigation Underway
March 24, 2025
NYU's March 2025 data breach exposed millions of applicants' personal data, prompting a class action lawsuit investigation. Attorneys seek to recover compensation for affected individuals.
Microsoft’s Trusted Signing Service Abused to Code-Sign Malware
March 24, 2025
Microsoft's Trusted Signing service is being abused to code-sign malware using short-lived certificates. This allows malicious software to bypass security and appear legitimate. Microsoft is ...
10 Key Benefits of Cyber Tabletop Exercises
March 24, 2025
Regular cybersecurity tabletop exercises are crucial for identifying weaknesses and strengthening your defenses. This blog explores the ten major advantages of incorporating these simulations into ...
Coinbase Targeted in GitHub Actions Breach
March 24, 2025
A major GitHub Actions breach targeted Coinbase, exploiting the tj-actions/changed-files action to steal secrets. Although Coinbase claims no damage, the attack highlights supply chain vulnerabilities.
CISA Says NAKIVO Backup Flaw is Actively Exploited in Attacks
March 21, 2025
CISA warns of a critical NAKIVO backup flaw, CVE-2024-48248, allowing unauthorized file access, urging organizations to patch systems promptly.
GitHub Supply Chain Attack Exposes Secrets in 218 Repositories
March 21, 2025
A GitHub Action supply chain attack exposed secrets from 218 repositories due to malicious code in tj-actions/changed-files, impacting popular projects and potentially causing further supply ...
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies