Main Menu
Cyber Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
NGINX 1.31.0 Zero-Day nginx-poolslip Bypasses ASLR
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
DOJ Secures Guilty Pleas From Tech-Support Fraud Executives
BadIIS Malware-as-a-Service Hijacks IIS Servers for SEO Fraud
GhostTree Exploit Hangs Windows Defender With NTFS Junctions
SilverFox APT Spreads ValleyRAT via Fake Microsoft Teams Sites
TamperedChef Hides Malware Inside Signed Apps
Chrome 148 Patches Critical WebRTC Use-After-Free
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Cybersecurity
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Mitchell Langley April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
New Phishing Techniques Threaten TikTok Business Account Security
News
New Phishing Techniques Threaten TikTok Business Account Security
Andrew Doyle April 1, 2026
Cybercriminals use phishing tactics to hijack TikTok business accounts.
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Cybersecurity
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Gabby Lee April 1, 2026
US and UK aim to strengthen maritime defense against underwater drones.
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Cybersecurity
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Andrew Doyle April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
Cybersecurity
TP-Link Routers Receive Patches for High-Severity Security Flaws
Mitchell Langley April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Cybersecurity
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Gabby Lee April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
Cybersecurity
Infinity Stealer Malware Takes Aim at macOS Systems
Andrew Doyle March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director's Personal Email Account
Cybersecurity
Iranian Hackers Breach FBI Director’s Personal Email Account
Mitchell Langley March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
News
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
Gabby Lee March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
European Commission Responds to Cloud Infrastructure Cyberattack
Cybersecurity
European Commission Responds to Cloud Infrastructure Cyberattack
Andrew Doyle March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
Application Security
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
Mitchell Langley March 31, 2026
Security flaw in Smart Slider 3 WordPress plugin risks unauthorized file access across more than 800,000 websites.
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
Cybersecurity
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
Gabby Lee March 31, 2026
Apple is urging iOS and iPadOS users to update their devices immediately due to active web-based security threats.
CareCloud Responds to a Potential Data Security Breach
Cybersecurity
CareCloud Responds to a Potential Data Security Breach
Andrew Doyle March 31, 2026
CareCloud investigates potential data breach in its electronic health record system, raising cybersecurity concerns.
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
Cybersecurity
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
Mitchell Langley March 31, 2026
Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
CVE Vulnerability Alerts
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
Mitchell Langley March 31, 2026
Critical Citrix vulnerability CVE-2026-3055 is targeted by attackers to steal data.
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
Cybersecurity
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
Gabby Lee March 31, 2026
New vulnerability in OpenAI ChatGPT allows secret data leaks.
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
Cybersecurity
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
Andrew Doyle March 31, 2026
DeepLoad, a new malware loader, exploits the ClickFix tactic with AI-assisted obfuscation.
Huskeys Steps Out of Stealth With $8 Million in Funding and a New Edge Security Platform
Cybersecurity
Huskeys Steps Out of Stealth With $8 Million in Funding and a New Edge Security Platform
Mitchell Langley March 31, 2026
Huskeys announces its $8M funding and an AI-driven edge security management platform built to secure the full edge security stack.
Apple Blocks Dangerous Terminal Commands in macOS Tahoe 26.4
Application Security
Apple Blocks Dangerous Terminal Commands in macOS Tahoe 26.4
Gabby Lee March 31, 2026
Apple adds a security feature in macOS Tahoe 26.4 to block harmful Terminal commands, alerting users to potential risks before execution.
Zero-Click Flaw in Telegram Raises Security Alarms Despite Company Denial
Cybersecurity
Zero-Click Flaw in Telegram Raises Security Alarms Despite Company Denial
Andrew Doyle March 31, 2026
Discover the high-severity Telegram flaw enabling zero-click remote code execution.
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
Mitchell Langley May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Mitchell Langley May 25, 2026

TOP CYBERSECURITY HEADLINES

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Cybersecurity
Netherlands Seizes 800 Stark Industries Servers, Arrests Two

This Week’s Security Spotlight

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Mitchell Langley May 25, 2026
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Gabby Lee May 25, 2026
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Gabby Lee May 22, 2026
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Gabby Lee May 21, 2026
More In News
Trending
INTERPOL Operation Ramz: 201 Arrests in 13-Nation MENA Sweep
Tycoon2FA Adds Device-Code Attack to Bypass Microsoft 365 MFA
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
MatrixPDF: The New Phishing Toolkit That Turns Safe PDFs into Cyber Weapons
October 1, 2025
Podcasts
Asahi Brewery Cyberattack Halts Domestic Operations Across Japan
September 30, 2025
Podcasts
Akira Ransomware Exploits SonicWall Flaw with Record-Breaking Speed
September 30, 2025

Cyber Security News

Cybersecurity
Sri Lanka Arrests 628 in Colombo Crypto Fraud Compound Bust
May 13, 2026
Application Security
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
May 13, 2026
Cybersecurity
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft
May 13, 2026
Cybersecurity
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
May 13, 2026
Cybersecurity
ShinyHunters Sets HMH Extortion Deadline, Student Data at Risk
May 13, 2026
CVE Vulnerability Alerts
Public PoC Drops for CVSS 9.8 Android Zero-Click CVE-2026-0073
May 13, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director’s Personal Email Account
March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
European Commission Responds to Cloud Infrastructure Cyberattack
March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
March 31, 2026
Security flaw in Smart Slider 3 WordPress plugin risks unauthorized file access across more than 800,000 websites.
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
March 31, 2026
Apple is urging iOS and iPadOS users to update their devices immediately due to active web-based security threats.
CareCloud Responds to a Potential Data Security Breach
March 31, 2026
CareCloud investigates potential data breach in its electronic health record system, raising cybersecurity concerns.
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
March 31, 2026
Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
March 31, 2026
Critical Citrix vulnerability CVE-2026-3055 is targeted by attackers to steal data.
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
March 31, 2026
New vulnerability in OpenAI ChatGPT allows secret data leaks.
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
March 31, 2026
DeepLoad, a new malware loader, exploits the ClickFix tactic with AI-assisted obfuscation.
Huskeys Steps Out of Stealth With $8 Million in Funding and a New Edge Security Platform
March 31, 2026
Huskeys announces its $8M funding and an AI-driven edge security management platform built to secure the full edge security stack.
Apple Blocks Dangerous Terminal Commands in macOS Tahoe 26.4
March 31, 2026
Apple adds a security feature in macOS Tahoe 26.4 to block harmful Terminal commands, alerting users to potential risks before execution.
Zero-Click Flaw in Telegram Raises Security Alarms Despite Company Denial
March 31, 2026
Discover the high-severity Telegram flaw enabling zero-click remote code execution.
Firefox 149 Launches with a Built-In VPN for Better Privacy
March 25, 2026
Mozilla introduces Firefox 149 with an integrated VPN offering 50GB monthly traffic to bolster online privacy.
FCC Adds Consumer Routers to Covered List Amid Security Concerns
March 25, 2026
The FCC bans the sale of foreign-made consumer routers in the United States, citing security concerns.
DOE Rolls Out Project Armor to Fortify Critical Energy Infrastructure
March 25, 2026
Department of Energy unveils a strategic plan to boost the resilience of US critical energy infrastructure over the next five years.
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2