Main Menu
Cyber Security
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Ivanti Sentry CVE-2026-10520 Actively Exploited, Devices Backdoored
Langflow CVE-2026-5027: Path Traversal Becomes Unauthenticated RCE
WorldLeaks Claims Apple Supplier Tata Electronics and Two More Firms
What is Cloud Detection and Response (CDR) and How Does it Work
Google Patches 5th Chrome Zero-Day; V8 Flaw Chains for OS Access
LiteLLM CVE-2026-42271 Added to CISA KEV: AI API Keys at Risk
France’s Tchap Messaging App Breached, 643K Messages Exposed
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
Ticking Time Bomb or Opportunity How to Secure Remote Work Environments
Blog
Ticking Time Bomb or Opportunity? How to Secure Remote Work Environments
Mitchell Langley October 31, 2024
Remote work has revolutionized the workplace, but it has also introduced a new wave of security threats. Unvetted software, vulnerable home networks, and public Wi-Fi ...
Boart Longyear Data Breach Compromised Sensitive Customer Information
News
Boart Longyear Data Breach Compromised Sensitive Customer Information
Mitchell Langley October 30, 2024
Boart Longyear, a global drilling company, experienced a data breach exposing sensitive customer information, including Social Security numbers and medical records. The company is sending ...
France's Second-Largest ISP, Free, Suffers Data Breach
News
France’s Second-Largest ISP, Free, Suffers Data Breach
Gabby Lee October 30, 2024
France's second-largest internet service provider (ISP), Free, has confirmed a significant data breach affecting some of its 22.9 million subscribers.
Cash App Data Breach Settlement: Only Few Weeks to Claim $2,575 in Compensation
News
Cash App Data Breach Settlement: Only Few Weeks to Claim $2,575 in Compensation
Mitchell Langley October 30, 2024
Cash App users affected by the 2022 data breach have until November 19th to claim up to $2,575 in compensation for the incident.
Wichita County Cyberattack: 47,000 Residents Affected by Data Breach
News
Wichita County Cyberattack: 47,000 Residents Affected by Data Breach
Mitchell Langley October 30, 2024
The Wichita County cyberattack exposed the sensitive data of 47,000 residents, including SSNs and medical records. The Medusa ransomware gang claimed responsibility, demanding a ransom ...
CRA Data Breach Exposes Tens of Thousands of Taxpayer Accounts, Millions Lost in Bogus Refunds
News
CRA Data Breach Exposes Tens of Thousands of Taxpayer Accounts, Millions Lost in Bogus Refunds
Mitchell Langley October 30, 2024
Tens of thousands of Canadian taxpayers were victims of a massive CRA data breach, resulting in millions of dollars in fraudulent refunds and exposing systemic ...
Fog Ransomware Exploits SonicWall VPN Vulnerability to Breach Corporate Networks
News
Fog Ransomware Exploits SonicWall VPN Vulnerability to Breach Corporate Networks
Gabby Lee October 28, 2024
Fog ransomware exploits a critical SonicWall VPN vulnerability (CVE-2024-40766), enabling rapid network breaches and data encryption. Prompt patching is crucial.
This Week In Cybersecurity: 21st October to 25th October
Cybersecurity
This Week In Cybersecurity: 21st October to 25th October
Andrew Doyle October 25, 2024
Cyberattack Targets Critical Sectors in Cyprus A significant cyberattack has compromised critical infrastructure in Cyprus, highlighting vulnerabilities to sophisticated threats. ...
Johnson & Johnson Data Breach Exposes Personal Information of 3,200 Individuals
News
Johnson & Johnson Data Breach Exposes Personal Information of 3,200 Individuals
Mitchell Langley October 25, 2024
A data breach at Johnson & Johnson's insurance arm compromised personal information from 3,200 individuals. The company is offering credit monitoring and identity restoration services.
Hot Topic Data Breach: Millions of Customers Potentially Affected
News
Hot Topic Data Breach: Millions of Customers Potentially Affected
Gabby Lee October 25, 2024
A massive data breach at Hot Topic potentially exposed millions of customers' personal information, highlighting
Nidec Corporation Suffers Data Breach: Ransomware Attack Leaks Sensitive Information
News
Nidec Corporation Suffers Data Breach: Ransomware Attack Leaks Sensitive Information
Mitchell Langley October 25, 2024
Nidec Corporation confirms a ransomware attack leaked 50,694 files, including sensitive business documents, after negotiations with attackers failed.
Rocky Mountain Gastroenterology Suffers Triple Cyberattack, Exposing Data of Up to 169,000 Patients
News
Rocky Mountain Gastroenterology Suffers Triple Cyberattack, Exposing Data of Up to 169,000 Patients
Mitchell Langley October 25, 2024
Rocky Mountain Gastroenterology suffered a devastating triple cyberattack, exposing sensitive data of up to 169,000 patients, highlighting the urgent need for enhanced healthcare cybersecurity.
Intesa Sanpaolo Data Breach: What We Know So Far?
News
Intesa Sanpaolo Data Breach: What We Know So Far
Gabby Lee October 25, 2024
Intesa Sanpaolo faced a significant data breach, with an employee allegedly accessing 3,500 customer accounts, including Prime Minister Giorgia Meloni's. No data was exported, but ...
Winnebago Public Schools Shuts Down After Devastating Cyberattack
News
Winnebago Public Schools Shuts Down After Devastating Cyberattack
Mitchell Langley October 25, 2024
The Winnebago school cyberattack forced the cancellation of classes. The district experienced widespread service disruptions, leading to early dismissal and Wednesday's school closure.
Transak Hit by Data Breach: 57,000 Users Affected by Stormous Ransomware Attack
News
Transak Hit by Data Breach: 57,000 Users Affected by Stormous Ransomware Attack
Gabby Lee October 22, 2024
Transak, a fiat-to-crypto payment gateway, suffered a data breach impacting 57,000 users. Stormous ransomware group claimed responsibility, exposing personal data despite no financial loss.
Cisco Confirms Data Breach: Public-Facing DevHub Targeted by Hackers
News
Cisco Confirms Data Breach: Public-Facing DevHub Targeted by Hackers
Gabby Lee October 22, 2024
Cisco confirms a breach of its public-facing DevHub, exposing source code, credentials, and API tokens, raising concerns about future attacks despite no internal system compromise.
Internet Archive Breached Again: Stolen Access Tokens Expose Millions of Support Tickets
News
Internet Archive Breached Again: Stolen Access Tokens Expose Millions of Support Tickets
Mitchell Langley October 22, 2024
The Internet Archive suffered a second breach due to exposed GitLab tokens, granting access to 800,000+ Zendesk support tickets and potentially sensitive user data.
Cyberattack Targets Critical Sectors in Cyprus
News
Cyberattack Targets Critical Sectors in Cyprus
Gabby Lee October 22, 2024
A major cyberattack targeted critical sectors in Cyprus, causing significant concerns about national security and economic stability. The incident highlights the urgent need for enhanced ...
Cyprus Successfully Defends Against Wave of DDoS Cyberattacks
News
Cyprus Successfully Defends Against Wave of DDoS Cyberattacks
Mitchell Langley October 22, 2024
Cyprus successfully repelled a wave of cyberattacks targeting government and private sector institutions, including a DDoS attack on the gov.cy portal. Authorities responded swiftly, preventing ...
This Week In Cybersecurity: 14th October to 18th October
Cybersecurity
This Week In Cybersecurity: 14th October to 18th October
Andrew Doyle October 22, 2024
Live Nation Faces Class Action Lawsuit Following Ticketmaster Data Breach In April 2024, Ticketmaster experienced a significant data breach, exposing ...
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Gabby Lee June 12, 2026
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
Mitchell Langley June 12, 2026
Blog
Triple Extortion Ransomware: How It Works and How to Stop It
Andrew Doyle June 12, 2026
Cybersecurity
Europol Dismantles AudiA6 Crypto Laundering Service
Gabby Lee June 12, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Andrew Doyle June 10, 2026
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Gabby Lee June 10, 2026
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
More In News
Trending
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Sorry, we couldn't find any posts. Please try a different search.

Cyber Security News

Anthropic Responds to Viral Allegations of Account Bans
Cybersecurity
Anthropic Responds to Viral Allegations of Account Bans
January 12, 2026
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Cybersecurity
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
January 11, 2026
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Application Security
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
January 11, 2026
Email Security's True Challenge Evaluating Post-access Threats
Blog
Email Security’s True Challenge: Evaluating Post-access Threats
January 11, 2026
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
Cybersecurity
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
January 11, 2026
NSA Announces Tim Kosiba as New Deputy Director
Cybersecurity
NSA Announces Tim Kosiba as New Deputy Director
January 11, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
MegaRAC CVE-2024-54085 Vulnerability: Critical BMC Flaw Threatening Data Centers
March 19, 2025
A newly discovered critical vulnerability (CVE-2024-54085) in AMI’s MegaRAC Baseboard Management Controller (BMC) software puts thousands of servers at risk—including those from HPE, Asus, and ...
California Cryobank Data Breach Exposes Sensitive Customer Information
March 19, 2025
California Cryobank, a major US sperm bank, suffered a data breach exposing customer names, bank details, Social Security numbers, and more. The company is offering ...
GitHub Action Hack May Cause Another Supply Chain Attack
March 19, 2025
A cascading supply chain attack, starting with a GitHub Action hack, exposed CI/CD secrets across 23,000 repositories, highlighting vulnerabilities in third-party code reliance.
Western Alliance Bank Data Breach Impacts 21,899 Customers
March 19, 2025
Western Alliance Bank suffered a data breach impacting 21,899 customers, exposing sensitive personal and financial information due to a third-party vendor's software vulnerability exploited by ...
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
March 19, 2025
A critical Windows zero-day exploit, ZDI-CAN-25373, has been exploited by 11 state-sponsored hacking groups since 2017, enabling data theft and espionage. Microsoft initially declined to ...
Microsoft Windows March Update Wipes Out Copilot
March 19, 2025
Microsoft’s latest Windows 10 and 11 updates (KB5053598 and KB5053606) have accidentally uninstalled Copilot, the AI assistant, from some users’ systems—leaving many relieved rather than ...
$6.1 Million Crypto Stolen in WEMIX Hack
March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
The Mirai Botnet: The Infamous DDoS Weapon
March 19, 2025
The Mirai botnet, a notorious piece of malware, launched devastating DDoS attacks in 2016. This blog post delves into its origins, spread, impact, and the ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
Critical Apache Tomcat Flaw Actively Exploited in Attacks
March 18, 2025
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
Fake “Security Alert” on GitHub Used to Hijack OAuth App Accounts
March 18, 2025
A massive GitHub phishing campaign uses fake "Security Alert" issues and a malicious OAuth app to hijack accounts, granting attackers full control. Immediate action is ...
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
March 18, 2025
Lingnan University in Hong Kong suffered a data breach exposing thousands of records, including sensitive personal data. The university is taking steps to enhance security.
Hackers Flip the Script: How a Fake Coinbase Email Could Empty Your Wallet
March 18, 2025
A new and incredibly deceptive phishing campaign is targeting Coinbase users—but this isn’t your typical scam. Instead of stealing your recovery phrase, attackers are handing ...
Florida Hospital Data Breach Impacts Over 120,000 Patients
March 17, 2025
A Florida hospital, CDH, suffered a data breach impacting over 120,000 patients. Sensitive data, including Social Security numbers and health information, was compromised. The BianLian ...
Brute-Force on Autopilot: Black Basta’s ‘BRUTED’ VPN Tool for Ransomware Expansion
March 17, 2025
Black Basta, one of the most notorious ransomware gangs, has taken brute-force attacks to the next level with BRUTED—an automated framework designed to breach VPNs, ...
GitHub Action Hijacked: The Supply Chain Attack That Exposed 23,000 Repositories
March 17, 2025
In this episode, we unpack a major supply chain attack that compromised the widely used GitHub Action ‘tj-actions/changed-files’, affecting over 23,000 repositories. Attackers injected malicious ...
Brave Browser Review 🎯 How Safe is This Web Browser? (2025)
March 17, 2025
BlackBasta Ransomware Uses Automated Tool ‘BRUTED’ to Brute-Force VPNs
March 17, 2025
The BlackBasta ransomware group uses an automated tool, BRUTED, to brute-force VPNs and firewalls, highlighting the need for robust multi-factor authentication.
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
March 17, 2025
JD.com, a major Chinese retailer, faces a massive data breach after the Babuk ransomware cartel claims to have stolen customer passwords and other sensitive information. ...
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies