Main Menu
Cyber Security
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
DragonForce Expands Ransomware Model with White-Label Branding
News
DragonForce Expands Ransomware Model with White-Label Branding
Andrew Doyle April 28, 2025
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
News
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
Mitchell Langley April 28, 2025
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
News
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
Mitchell Langley April 25, 2025
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
News
Frederick Health Data Breach Impacts 934,326 Patients
Mitchell Langley April 25, 2025
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
News
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
Andrew Doyle April 25, 2025
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
News
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
Andrew Doyle April 25, 2025
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
System Intrusions Surge Across EMEA, Verizon DBIR Warns
News
System Intrusions Surge Across EMEA, Verizon DBIR Warns
Andrew Doyle April 24, 2025
System intrusion breaches in EMEA doubled to 53% in one year, according to Verizon’s 2025 DBIR, as internal threats and third-party involvement surged globally.
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
News
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
Mitchell Langley April 24, 2025
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
News
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
Andrew Doyle April 24, 2025
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
News
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
Andrew Doyle April 24, 2025
A data breach at Yale New Haven Health exposed personal details of 5.5 million patients, with names, SSNs, and medical IDs among the data stolen. ...
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
News
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
Mitchell Langley April 24, 2025
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
News
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
Mitchell Langley April 23, 2025
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Andrew Doyle April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
Ad Fraud Operation 'Scallywag' Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Cybersecurity
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Mitchell Langley April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Cybersecurity
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Gabby Lee April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
Abilene, Texas Shuts Down City Systems Following Cyberattack
News
Abilene, Texas Shuts Down City Systems Following Cyberattack
Mitchell Langley April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
News
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
Mitchell Langley April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025

TOP CYBERSECURITY HEADLINES

Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
News
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
News
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
News
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
News
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions

SECURITYWEEK INDUSTRY EXPERTS

Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
News
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
Mitchell Langley July 17, 2025
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
News
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
Andrew Doyle July 17, 2025
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
News
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
Mitchell Langley July 17, 2025
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
News
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Andrew Doyle July 17, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Fortnite and the FTC: How Epic Games Misled Players into Unwanted Purchases
June 27, 2025
Podcasts
Microsoft 365 Direct Send Exploited: How Phishing Emails Masquerade as Internal Messages
June 27, 2025
Podcasts
Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Risk
June 27, 2025

Cyber Security News

AFP Cyberattack: Security Breach at French News Agency Exposes Critical Infrastructure Vulnerabilities
Cybersecurity
AFP Cyberattack: Security Breach at French News Agency Exposes Critical Infrastructure Vulnerabilities
September 30, 2024
What is DNS SpoofingDNS Cache Poisoning and How Can It Compromise Your Network
Blog
What is DNS Spoofing/DNS Cache Poisoning and How Can It Compromise Your Network?
September 30, 2024
This Week In Cybersecurity: 23rd September to 27th September
Cybersecurity
This Week In Cybersecurity: 23rd September to 27th September
September 27, 2024
23andMe Board Resigns Amidst CEO's Takeover Bid: A Battle for Control
Cybersecurity
23andMe Board Resigns Amidst CEO’s Takeover Bid: A Battle for Control
September 20, 2024
Change Healthcare Data Breach Class Action Lawsuits Update
Cybersecurity
Change Healthcare Data Breach Class Action Lawsuits Update
September 20, 2024
What is Secure by Design? A Guide for Enterprise Businesses
Application Security
What is Secure by Design? A Guide for Enterprise Businesses
September 20, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
June 2, 2025
Recent phishing campaigns have entered a new phase—one where trust is weaponized. In this episode, we break down how cybercriminals are exploiting legitimate services like ...
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598
June 2, 2025
In this episode, we unpack two newly disclosed Linux vulnerabilities—CVE-2025-5054 and CVE-2025-4598—discovered by the Qualys Threat Research Unit (TRU). These race condition flaws impact Ubuntu’s ...
Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
June 2, 2025
In this episode, we unpack the international takedown of AVCheck, one of the largest counter antivirus (CAV) services used by cybercriminals to test and fine-tune ...
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
June 1, 2025
Kaiser Permanente suffered a major network outage that disrupted electronic health records and patient services across the U.S. System functionality was restored the following day. ...
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
June 1, 2025
Latrodectus malware infected over 44,000 IP addresses before Operation Endgame's global takedown, with Shadowserver warning of critical ongoing threats across infected systems.
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
June 1, 2025
Germany has named Vitaly Kovalev, aka "Stern," as the leader of the Conti ransomware and TrickBot gangs in a major breakthrough tied to Operation Endgame. ...
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
184 Million Login Credentials Exposed in Major Unprotected Database Leak
June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
May 30, 2025
In this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went ...
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
May 30, 2025
ConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The breach is reportedly tied to ...
Unbound Raises $4M to Secure Generative AI in the Enterprise
May 30, 2025
In this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in ...
This Week In Cybersecurity: 26th to 30th May, 2025
May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
Victoria’s Secret Takes Website Offline Following Security Incident
May 30, 2025
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
May 30, 2025
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
May 30, 2025
Russian nuclear facility blueprints were exposed in a public procurement database, revealing sensitive layouts of missile silos and bunkers tied to Moscow’s nuclear modernization.
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
May 30, 2025
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
Windows Updates, Reimagined: Inside Microsoft’s Unified Orchestration Push
May 29, 2025
Microsoft is taking direct aim at one of the biggest pain points in the Windows ecosystem: update fragmentation. In this episode, we dive deep into ...
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
May 29, 2025
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
May 29, 2025
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
Operation Eastwood: Inside the Takedown of NoName057(16)
Phished and Exposed: What the Co-op Hack Reveals About Retail Cybersecurity
FileFix Attacks Are Here: How Interlock’s Ransomware is Skipping Your Defenses
Ontinue Uncovers SVG-Based Phishing: Why Your Browser Could Be the Weak Link
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
Exein Raises €70M: Defending the IoT-AI Frontier with Embedded Security
Salt Typhoon Strikes Again: National Guard, Telecoms, and a Crisis in U.S. Cyber Defense
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
DragonForce Claims Cyberattack on US Retail Giant Belk, Leaks 156GB of Sensitive Customer and Employee Data
Diskstation Ransomware Gang Dismantled After Years of Targeting NAS Devices Across Europe
Consentik Breach Exposes Hundreds of Shopify Stores to Admin Takeovers and Data Theft
CISA Faces Budget and Staffing Reductions Under Current Administration
Chinese Cyberespionage Group ‘Salt Typhoon’ Infiltrates U.S. National Guard Network
Quantum Computing Emerges as Major Future Cybersecurity Threat
Outdated Hiring Practices Hamper Cybersecurity Talent Acquisition
Employee Fear of Reprisal Leads to Unreported Cyber Attacks
DragonForce Ransomware Hits Belk: 150GB Data Leak and Operational Chaos