Cyber Security
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Data Breach at DISA Impacts 3.3 Million Compromising Social Security Numbers and Financial Data
DISA Global Solutions, a US drug testing firm, suffered a data breach exposing the sensitive data of 3.3 million individuals. Social Security numbers and financial ...
Have You Been Pwned As Well? The Data Breach Notification Service Adds 284 Million Accounts as Stolen by Infostealer Malware
Have I Been Pwned added 284 million accounts compromised by infostealer malware found on a Telegram channel. The breach includes emails, passwords, and website data.
Orange Group Confirms Data Breach, Hacker Leaks Internal Documents
A hacker leaked thousands of Orange Group's internal documents. The breach compromised user records and employee data. Orange Group confirmed the incident.
Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information
The Boys & Girls Clubs of the Tennessee Valley experienced a data breach between November 19-23, 2024, exposing personal data including Social Security numbers and ...
IT Service Provider Hack in Russia Puts Financial Sector on High Alert
Russia's financial sector faces a significant threat after a major IT service provider, LANIT, was hacked. Authorities urge password and credential changes.
Lucent Health Data Breach: Law Firm Investigates Legal Claims
A data breach at Lucent Health exposed sensitive personal information, including Social Security numbers and medical records. The Murphy Law Firm is investigating legal claims ...
Genea IVF Clinic Data Leak: Medical Records, Addresses, and Phone Numbers at Risk
Genea, a major Australian IVF provider, suffered a data breach on February 14th. Sensitive patient data, including medical records and contact information, was compromised. The ...
CISA Warns of Craft CMS Code Injection Flaw
CISA warns of an actively exploited Craft CMS code injection flaw (CVE-2025-23209), urging users to upgrade to patched versions 5.5.8 and 4.13.8 or later.
Vivifi Data Leak: Millions of Loan Applicants' Data Exposed
A massive Vivifi data leak exposed 36 million files containing sensitive personal data of Indian loan applicants, including passports and bank details, due to a ...
Bybit Hack: $1.5 Billion Ethereum Theft in Biggest Crypto Heist Ever
Hackers stole $1.5 billion in Ethereum from Bybit, the world's second-largest crypto exchange. The heist is the largest digital theft ever recorded. Bybit is offering ...
Cyber Attack on Rainbow District School Board Had Personal Data Stolen in Data Leak
Rainbow District School Board confirms a cyber attack resulting in a data breach, exposing staff and student personal data, including social insurance numbers and bank ...
Chinese Hackers from Salt Typhoon Deploy Custom Malware in US Telecom Cyberespionage Campaign
Chinese state-sponsored hackers, the Salt Typhoon group, used custom malware, JumbledPath, to infiltrate US telecom networks, stealing data and monitoring communications.
CISA and FBI Report Ghost Ransomware Breached 70 Countries
CISA and the FBI warn of a global Ghost ransomware attack impacting organizations across 70 countries, exploiting known vulnerabilities in various software and systems. Immediate ...
Black Basta Ransomware Data Leak Exposes Internal Communications and Targets
The Black Basta ransomware gang's internal chat logs leaked, exposing victims, tactics, and key members. The data leak reveals internal conflicts and potential Russian bank ...
Darcula PhaaS 3.0 Can Now Auto-Generate Phishing Kits for Any Brand
Darcula PhaaS, a phishing-as-a-service platform, now offers a DIY phishing kit generator. This allows users to easily create phishing attacks targeting any brand, significantly increasing ...
The Rise of AI Agents: A New Era of AI Cyberthreats
AI agents are transforming cybersecurity, enabling autonomous attacks that overwhelm defenses. This new AI cyberthreat demands proactive strategies and advanced defenses to mitigate the risks.
Cayuga Medical Center Suffers Cyberattack, Operations Temporarily Disrupted
Cayuga Medical Center experienced a cyberattack on February 19th, temporarily halting ER admissions and diverting ambulances. The hospital is now fully operational.
Australian Fertility Services Giant Genea Hit by Major Security Breach
Australian fertility services giant Genea suffered a significant security breach, exposing potentially sensitive patient data. The company is investigating the extent of the unauthorized ...
NailaoLocker Ransomware Targets EU Healthcare Sector in a Cyberattack
NailaoLocker ransomware, a newly discovered threat, targeted EU healthcare organizations between June and October 2024, exploiting a Check Point vulnerability. The attack leveraged ShadowPad and ...
Venture Capital Giant Insight Partners Hit by Cyber Attack
Insight Partners, a venture capital giant, suffered a cyber attack in January via social engineering. The firm manages over $90 billion in assets and is ...

The Mirai Botnet: The Infamous DDoS Weapon
The Mirai botnet, a notorious piece of malware, launched devastating DDoS attacks in 2016. This blog post delves into its origins, spread, impact, and the ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
Critical Apache Tomcat Flaw Actively Exploited in Attacks
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
Fake “Security Alert” on GitHub Used to Hijack OAuth App Accounts
A massive GitHub phishing campaign uses fake "Security Alert" issues and a malicious OAuth app to hijack accounts, granting attackers full control. Immediate action is ...
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
Lingnan University in Hong Kong suffered a data breach exposing thousands of records, including sensitive personal data. The university is taking steps to enhance security.
Hackers Flip the Script: How a Fake Coinbase Email Could Empty Your Wallet
A new and incredibly deceptive phishing campaign is targeting Coinbase users—but this isn’t your typical scam. Instead of stealing your recovery phrase, attackers are handing ...
Florida Hospital Data Breach Impacts Over 120,000 Patients
A Florida hospital, CDH, suffered a data breach impacting over 120,000 patients. Sensitive data, including Social Security numbers and health information, was compromised. The BianLian ...
Brute-Force on Autopilot: Black Basta’s ‘BRUTED’ VPN Tool for Ransomware Expansion
Black Basta, one of the most notorious ransomware gangs, has taken brute-force attacks to the next level with BRUTED—an automated framework designed to breach VPNs, ...
GitHub Action Hijacked: The Supply Chain Attack That Exposed 23,000 Repositories
In this episode, we unpack a major supply chain attack that compromised the widely used GitHub Action ‘tj-actions/changed-files’, affecting over 23,000 repositories. Attackers injected malicious ...
Brave Browser Review 🎯 How Safe is This Web Browser? (2025)
BlackBasta Ransomware Uses Automated Tool ‘BRUTED’ to Brute-Force VPNs
The BlackBasta ransomware group uses an automated tool, BRUTED, to brute-force VPNs and firewalls, highlighting the need for robust multi-factor authentication.
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
JD.com, a major Chinese retailer, faces a massive data breach after the Babuk ransomware cartel claims to have stolen customer passwords and other sensitive information. ...
UDMI Radiology Firm Suffers Major Data Breach: Fog Ransomware Claims Responsibility
Fog ransomware group claims responsibility for a major data breach at UDMI, a radiology firm, impacting over 138,000 individuals. The incident underscores the critical need ...
FBI Issues Warning Against Medusa Ransomware for Gmail, Outlook, and VPN Users
The FBI warns of escalating Medusa ransomware attacks targeting Gmail, Outlook, and VPN users, urging immediate security enhancements to mitigate the threat.
LockBit Ransomware Developer Extradited to the United States
A key LockBit ransomware developer, Rostislav Panev, has been extradited to the US to face charges for his role in the group's global attacks.
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
This blog delves into the critical gap between meeting compliance standards and achieving true cybersecurity resilience. Learn why simply checking boxes isn't enough and how ...
Bridging the Gap: Developers vs. Security in the Cloud
In this episode of The Deep Dive, we explore the ongoing tension between development and security teams in cloud environments. While developers prioritize speed and ...
This Week In Cybersecurity: 11th March to 14th March
This week in cybersecurity highlights major incidents, including a $5 million theft from 1inch, a DDoS attack on X, and a significant data breach at ...
Insider Attack and Extortion at Stram Center, SSK Plastic Surgery and Grove at Valhalla Rehabilitation
Three healthcare providers suffered data breaches from insider attacks, extortion, and third-party vulnerabilities, highlighting the need for robust cybersecurity measures.