Cyber Security
News
Washington Court System Cyberattack Causes Multi-Regional Services Disruption
On November 3, 2024, the Washington State Administrative Office of the Courts (AOC) detected unauthorized activity within its networks, prompting ...
News
Guardian Ransomware Attack Linked to Change Healthcare Cyberattack
On February 21, a ransomware attack targeting the systems of Change Healthcare, a key service provider, was detected, affecting numerous ...
News
SETU Cyberattack: Waterford Campus IT Systems Down, Classes Suspended
Ireland's South East Technological University (SETU) suffered a cyberattack, temporarily halting classes and disrupting IT services on its Waterford campus. The university is working to ...
Cybersecurity
Singtel Data Breach: Volt Typhoon’s Test Run Before Targeting US Telecoms
Chinese government-backed hackers, Volt Typhoon, reportedly breached Singtel in a test run before targeting US telecoms, using a web shell and exploiting a Versa SD-WAN ...
News
Nokia Investigates Third-Party Breach After Hacker Claims to Steal Source Code
A hacker claims to have stolen Nokia source code via a third-party vendor breach, prompting an investigation by Nokia. The alleged stolen data includes sensitive ...
Resources
FIN11 – A Critical Healthcare Cyberthreat
FIN11, also known as DEV-0950, Lace Tempest, TA505, TEMP.Warlock, and UNC902, is a cybercrime group that has been conducting financially-motivated intrusions since at least 2017.
News
LA Housing Authority Confirms Data Breach Claimed by Cactus Ransomware
The LA Housing Authority (HACLA) confirmed a cyberattack by the Cactus ransomware gang, following a previous breach by LockBit. Sensitive data may have been compromised, ...
News
City of Columbus Ransomware Attack: 500,000 Individuals Affected by Rhysida Ransomware Data Breach
The City of Columbus suffered a devastating ransomware attack in July 2024, resulting in the theft of personal data from 500,000 individuals, highlighting cybersecurity vulnerabilities
Blog
How the Dark Web Has Fueled the 32% Rise in Healthcare Cyberattacks
The healthcare industry is facing an unprecedented crisis. A recent report reveals a staggering 32% increase in global healthcare cyberattacks, fueled by the booming trade ...
News
Ukraine’s Cyberattack Cripples Crimean Banks in DIU’s Massive DDoS Operation
Ukraine's Defense Intelligence (DIU) launched a 24-hour Distributed Denial of Service (DDoS) attack targeting four Russian banks operating illegally in Crimea, disrupting online banking services ...
Cybersecurity
Central Bank Cyprus Says 14.3% of Businesses Hit by Cyberattacks
Cyprus reports 14.3% of businesses experienced cyberattacks, highlighting rising EU cybersecurity risks. Proactive measures like mandatory penetration testing are being implemented to address vulnerabilities.
News
Transport for London (TFL) Restores Oyster Photocards Services and Offers Refunds
Transport for London (TfL) is now processing TfL refunds for Oyster photocard users affected by a recent cyberattack. Learn how to claim your reimbursement for ...
Cybersecurity
This Week In Cybersecurity: 28th October to 1st November
CRA Data Breach Exposes Tens of Thousands of Taxpayer Accounts, Millions Lost in Bogus Refunds A significant data breach at ...
Blog
Trinity Ransomware: Major Threat to the Healthcare Industry
The newly discovered Trinity ransomware is a significant threat to the healthcare industry, with at least one U.S. hospital already affected. HHS issued a warning ...
News
Nine Class-Action Lawsuits Filed After New Jersey Water Company Data Breached
Nine class-action lawsuits have been filed against a New Jersey utility company following a data breach of unknown scope. The company, American Water, serves over ...
News
ZircoDATA Cybersecurity Breach Exposes Sensitive Australian Data
A major cybersecurity breach at ZircoDATA, an Australian data firm, exposed sensitive personal information, impacting hundreds of organizations and highlighting the need for stronger data ...
News
PSAUX Ransomware Attack Cripples 22,000 CyberPanel Instances
The PSAUX ransomware attack exploited critical vulnerabilities in CyberPanel, crippling over 22,000 instances and encrypting countless files. A decryptor is now available.
News
Interbank Confirms Data Breach Following Failed Extortion Attempt
Interbank, a Peruvian bank, confirms a massive data breach after a failed extortion attempt. Millions of customer records, including financial details, were leaked online.
News
LottieFiles npm Supply Chain Attack Drains Cryptocurrency Wallets
A npm supply chain attack targeted LottieFiles, compromising versions 2.0.5-2.0.7 of its "lottie-player" package and leading to cryptocurrency theft. Users are urged to upgrade immediately.
News
Advanced Recovery Equipment & Supplies Data Breach Impacts Customer Information
Advanced Recovery Equipment & Supplies LLC suffered a data breach in 2023, exposing customer names, Social Security numbers, medical information, and more. Data breach notification ...
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
TOP CYBERSECURITY HEADLINES
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
This Week’s Security Spotlight
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
WordPress Plugin WP Ghost Vulnerable to Critical Remote Code Execution Bug
Critical remote code execution vulnerability in WordPress plugin WP Ghost allows attackers to hijack servers. Urgent updates are required.
Network Security in a Digital World: Understanding and Mitigating Risks
The digital landscape is riddled with threats in modern networks. From malware and phishing to DDoS attacks and physical sabotage, the challenges are multifaceted. This ...
Critical Cisco Smart Licensing Utility Flaws Exploited in Attacks
Cisco's Smart Licensing Utility vulnerabilities CVE-2024-20439 and CVE-2024-20440 are now exploited, allowing unauthorized access through a backdoor admin account.
HellCat Hacking Spree Targets Jira Servers Worldwide
HellCat hackers are exploiting compromised Jira credentials in a worldwide hacking spree, targeting companies like Ascom and Jaguar Land Rover, stealing sensitive data including source ...
RansomHub Ransomware Leverages New Betruger Backdoor for Enhanced Attacks
RansomHub ransomware uses a new multi-function backdoor, Betruger, for enhanced attacks, streamlining the deployment process and minimizing detection.
Critical MegaRAC Bug Lets Attackers Hijack and Brick Servers
MI MegaRAC BMC vulnerability (CVE-2024-54085) lets attackers remotely hijack and brick servers, impacting numerous vendors and potentially causing significant damage.
No More Warnings? The Risks of Losing CIPAC’s Cyber Threat Coordination
The Department of Homeland Security (DHS) has abruptly shut down the Critical Infrastructure Partnership Advisory Council (CIPAC), the central hub for cybersecurity collaboration between the ...
517,000 Victims: How a Ransomware Gang Targeted Pennsylvania’s Largest Educators’ Union
Over 517,000 individuals are now at risk after the Pennsylvania State Education Association (PSEA) suffered a massive data breach in July 2024—claimed by the Rhysida ...
Veeam Backup & Replication Flaw Allows Remote Execution of Malicious Code
A critical vulnerability in Veeam Backup & Replication allows remote code execution, affecting various versions and posing significant security risks.
DollyWay: The 8-Year WordPress Malware Campaign Infecting 20,000 Sites
For nearly a decade, a malware campaign dubbed DollyWay has silently compromised over 20,000 WordPress websites, evolving from a ransomware and banking trojan distributor to ...
Microsoft Exchange Online Outage Impacts Outlook Web Users
A Microsoft Exchange Online outage severely impacted Outlook on the web users globally, causing login and access issues. Microsoft attributed the problem to a code ...
DollyWay Malware Campaign Compromises 20,000 WordPress Sites
The DollyWay malware campaign, active since 2016, has compromised over 20,000 WordPress sites, redirecting users to malicious sites and generating millions of fraudulent impressions monthly.
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
WhatsApp has patched a zero-click vulnerability exploited by Paragon spyware, affecting journalists and activists globally, highlighting ongoing cybersecurity challenges.
Ukrainian Military Targeted in New Signal Spear-Phishing Attacks
krainian military personnel are facing sophisticated spear-phishing attacks using compromised Signal accounts to deliver Dark Crystal RAT malware. Urgent security updates are needed.
Arcane Infostealer Infects YouTube and Discord Users Through Game Cheats
The Arcane infostealer, a new malware, is stealing data from YouTube and Discord users via game cheats, targeting VPNs, messengers, and cryptocurrency wallets. Its sophisticated ...
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
he Pennsylvania State Education Association (PSEA) suffered a data breach exposing the personal information of over 500,000 individuals, including financial and health records. Rhysida ransomware ...
Ransomware Victims on Dark Web – 12th March, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 3rd March, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Qilin/Agenda Ransomware: The Credential Stealers
Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July 2022. Initially operating under the ...