Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
UK Government Launches Probe into Cyber Incident After Allegations of Chinese Hacking
Cybersecurity
UK Government Launches Probe into Cyber Incident After Allegations of Chinese Hacking
Mitchell Langley December 22, 2025
The UK government is investigating a cyber incident following media reports suggesting Chinese hackers accessed numerous confidential documents, raising concerns about data security and espionage ...
Clop Ransomware Breach Compromises University of Phoenix Data
News
Clop Ransomware Breach Compromises University of Phoenix Data
Mitchell Langley December 22, 2025
The personal information of nearly 3.5 million University of Phoenix students, staff, and suppliers has been compromised due to a network breach by the Clop ...
Gambit Cyber Raises $3.4 Million in Seed Funding for Growth
Cybersecurity
Gambit Cyber Raises $3.4 Million in Seed Funding for Growth
Gabby Lee December 22, 2025
Gambit Cyber, a cybersecurity startup, has successfully raised $3.4 million in seed funding. The infusion of capital is set to accelerate the advancement of the ...
Iranian Hacker Group Infy Resurfaces New Activities Unearthed
Cybersecurity
PwC Promotes Responsible Innovation in the Era of AI
Andrew Doyle December 22, 2025
With AI becoming ubiquitous, security and compliance risks are on the rise. Organizations face the challenge of innovating responsibly as regulations evolve and risk postures ...
The Kimwolf Android Botnet Poses a Significant Threat to Mobile Security
News
The Kimwolf Android Botnet Poses a Significant Threat to Mobile Security
Andrew Doyle December 22, 2025
The Kimwolf Android botnet, uncovered by XLab, has compromised more than 1.8 million devices globally. With over 1.7 billion DDoS commands issued, this malicious network ...
A Deliberate Attempt to Induce an Outage at NIST Raises Concerns
Cybersecurity
A Deliberate Attempt to Induce an Outage at NIST Raises Concerns
Mitchell Langley December 22, 2025
A NIST staff member recently attempted to disable backup generators supporting its Network Time Protocol infrastructure during a power outage around Boulder, Colorado, causing network ...
U.S. Department of Justice Indicts 54 Individuals in ATM Jackpotting Scheme
Cybersecurity
U.S. Department of Justice Indicts 54 Individuals in ATM Jackpotting Scheme
Mitchell Langley December 22, 2025
The U.S. Department of Justice has charged 54 people linked to a large-scale ATM jackpotting plot using Ploutus malware, targeting ATMs nationwide. The participants belong ...
Denmark Accuses Russia of Cyberattack on Water Utility A Clash in Hybrid Warfare
Cybersecurity
Denmark Accuses Russia of Cyberattack on Water Utility: A Clash in Hybrid Warfare
Gabby Lee December 22, 2025
Denmark points to Russia in a cyberattack targeting a Danish water utility, situating it within a broader pattern of hybrid warfare by Moscow against Western ...
RansomHouse Transitions to a Multi-layered RaaS Encryptor
News
RansomHouse Transitions to a Multi-layered RaaS Encryptor
Mitchell Langley December 22, 2025
RansomHouse has enhanced their ransomware-as-a-service (RaaS) platform by transitioning from a simple single-phase encryption technique to a sophisticated multi-layered method. This development aims to complicate ...
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365
Cybersecurity
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365
Andrew Doyle December 22, 2025
Three individuals in Nigeria, targeting Microsoft 365 users via Raccoon0365, have been detained. Learn about the phishing-as-a-service method they used.
Newly Disclosed Vulnerability in WatchGuard Firebox Active Exploitation Underway
Application Security
Newly Disclosed Vulnerability in WatchGuard Firebox: Active Exploitation Underway
Gabby Lee December 22, 2025
A critical remote code execution flaw in WatchGuard's Firebox firewalls has come under active exploitation. Users are urged to implement the latest security measures to ...
Microsoft Teams Outage Affects Thousands of Users Trying to Send Messages
Application Security
Microsoft Teams Outage Affects Thousands of Users Trying to Send Messages
Mitchell Langley December 22, 2025
Microsoft Teams experienced a significant outage with thousands unable to send messages. Users faced delays and disruptions in communication, impacting productivity.
Thailand Conference Launches International Initiative to Fight Online Scams
Cybersecurity
Thailand Conference Launches International Initiative to Fight Online Scams
Gabby Lee December 22, 2025
The conference in Bangkok united cybersecurity experts and ASEAN members to combat online scams, focusing on technology, regulation, and partnerships.
Latest Charges Amplify Indictments Against Alleged Tren de Aragua Members
Cybersecurity
Latest Charges Amplify Indictments Against Alleged Tren de Aragua Members
Andrew Doyle December 22, 2025
A Venezuelan gang, labeled a ruthless terrorist organization by U.S. officials, faces charges for deploying malware on ATMs. This cyber attack strategy allowed the gang ...
Vulnerabilities in SonicWall Remote-Access Appliance Threaten Security
Cybersecurity
Vulnerabilities in SonicWall Remote-Access Appliance Threaten Security
Mitchell Langley December 22, 2025
SonicWall urges users to patch a critical zero-day vulnerability in its SMA 1000 remote-access appliance. This flaw allows attackers to escalate privileges and potentially seize ...
UEFI Vulnerability Exposes Major Motherboards to Early-Boot Attacks
Endpoint Security
UEFI Vulnerability Exposes Major Motherboards to Early-Boot Attacks
Gabby Lee December 22, 2025
A critical Unified Extensible Firmware Interface (UEFI) vulnerability has been identified in major motherboard brands like ASRock, Asus, Gigabyte, and MSI. This flaw potentially opens ...
NIS2 Directive Enhances Identity and Access Control Standards
Identity and Access Management
NIS2 Directive Enhances Identity and Access Control Standards
Andrew Doyle December 22, 2025
The NIS2 Directive places heightened emphasis on identity and access controls, turning weak passwords and inadequate authentication into compliance risks. Specops Software advises on aligning ...
Phishing Attacks by Operation ForumTroll in Russia A Closer Look at October 2025 Campaign
News
Phishing Attacks by Operation ForumTroll in Russia: A Closer Look at October 2025 Campaign
Mitchell Langley December 22, 2025
In October 2025, new phishing attacks by Operation ForumTroll targeted individuals within Russia, shifting focus from organizations previously attacked in spring.
NATO's Digital Backbone Efforts Winning the Information War
Cybersecurity
NATO’s Digital Backbone Efforts: Winning the Information War
Gabby Lee December 22, 2025
NATO focuses on developing sovereign cloud-based technologies to secure its operations. The alliance is in a race to build a robust digital infrastructure that can ...
Microsoft Folder Permission Changes Lead to Queue Failures and Erroneous Error Messages
Application Security
Microsoft Folder Permission Changes Lead to Queue Failures and Erroneous Error Messages
Andrew Doyle December 22, 2025
Microsoft’s recent update to folder permissions in older Windows versions has led to unexpected queue failures caused by the misleading error messages produced. Despite organizations ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
MatrixPDF: The New Phishing Toolkit That Turns Safe PDFs into Cyber Weapons
October 1, 2025
Podcasts
Asahi Brewery Cyberattack Halts Domestic Operations Across Japan
September 30, 2025
Podcasts
Akira Ransomware Exploits SonicWall Flaw with Record-Breaking Speed
September 30, 2025

Cyber Security News

Serious Bugs in Chainlit Could Expose Sensitive Credentials
Cybersecurity
Serious Bugs in Chainlit Could Expose Sensitive Credentials
January 22, 2026
Google Gemini's Vulnerability to Prompt Injection Accessing Sensitive Calendar Information
Cybersecurity
Google Gemini’s Vulnerability to Prompt Injection: Accessing Sensitive Calendar Information
January 22, 2026
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
Cybersecurity
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
January 20, 2026
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
Application Security
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
January 20, 2026
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
Cybersecurity
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
January 20, 2026
U.K. Authorities Alerted to Russian-aligned Hacktivist DDoS Threats
Cybersecurity
U.K. Authorities Alerted to Russian-Aligned Hacktivist DDoS Threats
January 20, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
PwC Promotes Responsible Innovation in the Era of AI
December 22, 2025
With AI becoming ubiquitous, security and compliance risks are on the rise. Organizations face the challenge of innovating responsibly as regulations evolve and risk postures ...
The Kimwolf Android Botnet Poses a Significant Threat to Mobile Security
December 22, 2025
The Kimwolf Android botnet, uncovered by XLab, has compromised more than 1.8 million devices globally. With over 1.7 billion DDoS commands issued, this malicious network ...
A Deliberate Attempt to Induce an Outage at NIST Raises Concerns
December 22, 2025
A NIST staff member recently attempted to disable backup generators supporting its Network Time Protocol infrastructure during a power outage around Boulder, Colorado, causing network ...
U.S. Department of Justice Indicts 54 Individuals in ATM Jackpotting Scheme
December 22, 2025
The U.S. Department of Justice has charged 54 people linked to a large-scale ATM jackpotting plot using Ploutus malware, targeting ATMs nationwide. The participants belong ...
Denmark Accuses Russia of Cyberattack on Water Utility: A Clash in Hybrid Warfare
December 22, 2025
Denmark points to Russia in a cyberattack targeting a Danish water utility, situating it within a broader pattern of hybrid warfare by Moscow against Western ...
RansomHouse Transitions to a Multi-layered RaaS Encryptor
December 22, 2025
RansomHouse has enhanced their ransomware-as-a-service (RaaS) platform by transitioning from a simple single-phase encryption technique to a sophisticated multi-layered method. This development aims to complicate ...
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365
December 22, 2025
Three individuals in Nigeria, targeting Microsoft 365 users via Raccoon0365, have been detained. Learn about the phishing-as-a-service method they used.
Newly Disclosed Vulnerability in WatchGuard Firebox: Active Exploitation Underway
December 22, 2025
A critical remote code execution flaw in WatchGuard's Firebox firewalls has come under active exploitation. Users are urged to implement the latest security measures to ...
Microsoft Teams Outage Affects Thousands of Users Trying to Send Messages
December 22, 2025
Microsoft Teams experienced a significant outage with thousands unable to send messages. Users faced delays and disruptions in communication, impacting productivity.
Thailand Conference Launches International Initiative to Fight Online Scams
December 22, 2025
The conference in Bangkok united cybersecurity experts and ASEAN members to combat online scams, focusing on technology, regulation, and partnerships.
Latest Charges Amplify Indictments Against Alleged Tren de Aragua Members
December 22, 2025
A Venezuelan gang, labeled a ruthless terrorist organization by U.S. officials, faces charges for deploying malware on ATMs. This cyber attack strategy allowed the gang ...
Vulnerabilities in SonicWall Remote-Access Appliance Threaten Security
December 22, 2025
SonicWall urges users to patch a critical zero-day vulnerability in its SMA 1000 remote-access appliance. This flaw allows attackers to escalate privileges and potentially seize ...
UEFI Vulnerability Exposes Major Motherboards to Early-Boot Attacks
December 22, 2025
A critical Unified Extensible Firmware Interface (UEFI) vulnerability has been identified in major motherboard brands like ASRock, Asus, Gigabyte, and MSI. This flaw potentially opens ...
NIS2 Directive Enhances Identity and Access Control Standards
December 22, 2025
The NIS2 Directive places heightened emphasis on identity and access controls, turning weak passwords and inadequate authentication into compliance risks. Specops Software advises on aligning ...
Phishing Attacks by Operation ForumTroll in Russia: A Closer Look at October 2025 Campaign
December 22, 2025
In October 2025, new phishing attacks by Operation ForumTroll targeted individuals within Russia, shifting focus from organizations previously attacked in spring.
NATO’s Digital Backbone Efforts: Winning the Information War
December 22, 2025
NATO focuses on developing sovereign cloud-based technologies to secure its operations. The alliance is in a race to build a robust digital infrastructure that can ...
Microsoft Folder Permission Changes Lead to Queue Failures and Erroneous Error Messages
December 22, 2025
Microsoft’s recent update to folder permissions in older Windows versions has led to unexpected queue failures caused by the misleading error messages produced. Despite organizations ...
Russian Hackers Target UKR[.]net in Credential-Stealing Campaign
December 22, 2025
APT28, a Russian state-sponsored threat actor, has launched a persistent credential-harvesting operation against users of UK's UKR[.]net service. The activity was tracked by Recorded Future's ...
ByBit Hack Amplifies North Korean Crypto Theft Surge
December 22, 2025
North Korean hackers have escalated their cryptocurrency thefts, accumulating over $2 billion in 2025 alone. Recent attacks target platforms like ByBit, showcasing sophisticated techniques and ...
Law Enforcement Shuts Down E-Note Exchange for Money Laundering
December 22, 2025
Law enforcement successfully seized E-Note cryptocurrency exchange servers and domains, suspected of laundering over $70 million for cybercriminals. Authorities believe E-Note was a key tool ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited