Cyber Security
Cybersecurity
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Multiple state-sponsored groups are using Google's Gemini AI assistant. They use it primarily for productivity improvements. However, they also use it for reconnaissance and attack ...
News
US Healthcare Provider Data Breach at Connecticut Impacts 1 Million Patients
A massive healthcare provider data breach at Connecticut's Community Health Center exposed the personal and health data of over 1 million patients, including Social Security ...
News
Prevent Data Breaches with Amazon Redshift Enhanced Security
Amazon Redshift enhances security defaults to prevent data breaches and ransomware by restricting public access, enabling encryption, and enforcing SSL connections, mitigating risks like the ...
News
GrubHub Data Breach Exposes Customer, Driver, and Merchant Data
The GrubHub data breach has compromised the personal information of an unspecified number of customers, merchants, and drivers. The attack ...
News
Mississippi Electric Utility Data Breach Affects 20,000 Residents
The Mississippi electric utility, Yazoo Valley Electric Power Association, suffered a data breach affecting 20,000 residents. The breach exposed personal information, prompting identity theft protection ...
News
New York Blood Center Ransomware Attack: Critical Blood Supplies at Risk
The New York Blood Center Enterprises (NYBCe) suffered a ransomware attack on January 26th, disrupting operations and impacting blood supplies amid a pre-existing blood shortage.
News
BRS Cyber Attack: Data Breach at Business Registration Exposes Sensitive Business Information
Cyberattack on Kenya's Business Registration Services (BRS) has exposed sensitive company data, sold on the dark web. Authorities investigate, ruling out ransomware.
News
DeepSeek AI Data Breach Causes National Security Risks and Data Privacy Concerns
The DeepSeek AI data breach exposed sensitive user data, raising national security concerns and prompting warnings from U.S. officials about privacy violations and corporate espionage.
News
Phemex Crypto Firm Breached With $85 Million in Cryptocurrency Stolen
Phemex suffered a major security breach, resulting in the theft of over $85 million in cryptocurrency. The attack targeted hot wallets, prompting immediate suspension of ...
News
ENGlobal Cybersecurity Breach and CenterPoint Energy Data Leak Probes Investigation
Williams stated,
News
RCSD Warns Community of Data Breach: 134,000 Records Potentially Accessed
The Rochester City School District (RCSD) warns its community of a significant data breach. The breach exposed sensitive personal information, prompting immediate action and investigation. ...
News
UK’s Morrisons Breached: Cyber Attack at Technology Provider Dents Christmas Sales
A November cyber attack at Morrisons' technology provider, Blue Yonder, disrupted operations, impacting Christmas sales and resulting in lower-than-expected first-quarter growth.
News
All American Poly Data Breached, 2024 Cyberattack Exposes Sensitive Consumer Data
All American Poly Corporation (American Poly) confirmed a data breach stemming from a 2024 cyberattack, exposing customer names and Social Security numbers. A data breach ...
News
Microsoft Teams Exploited in Sophisticated Ransomware Attacks
Cybercriminals are exploiting Microsoft Teams for ransomware attacks, using spam emails, Teams messages, and calls to infiltrate companies, steal data, and deploy malware. Sophos identified ...
Cybersecurity
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
New Apple CPU side-channel attacks, dubbed SLAP and FLOP, exploit flaws in speculative execution to steal data from web browsers. Researchers demonstrated the attacks' ability ...
News
Clone2Leak Attacks Exploit Git Flaws to Steal Credentials
Clone2Leak attacks exploit Git vulnerabilities, allowing attackers to steal credentials from GitHub Desktop, Git LFS, and other tools via carriage return smuggling, newline injection, and ...
News
Microsoft and OpenAI Investigate Data Breach
Microsoft and OpenAI are investigating a data breach linked to DeepSeek, a Chinese AI startup, raising concerns about data security and intellectual property in the ...
News
DeepSeek AI Hit by Cyberattack: American AI Firms Trying to Poke Holes into DeepSeek
DeepSeek AI, a Chinese startup, faces a cyberattack after its AI assistant app skyrockets to the top of the US App Store, raising questions about ...
News
Subaru Security Flaw Allows Remote Vehicle Tracking and Hijacking
A Subaru vulnerability in the Starlink system allowed remote access, enabling tracking, unlocking, and starting vehicles. Ethical hacker Sam Curry discovered the flaw, highlighting significant ...
News
Smiths Group Hit by Cyber Attack: Shares Drop for the FTSE 100 Firm
Smiths Group, a FTSE 100 firm, suffered a cyber attack resulting in unauthorized system access. The company isolated affected systems and is working with cybersecurity ...
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Scott County Breach: Email Account Compromises Patient Data
The Scott County breach involved unauthorized access to email accounts, compromising protected health information for thousands of individuals across Iowa.
Silk Typhoon Strikes: From Direct Breaches to Stealthy Supply Chain Attacks
In this episode, we take an in-depth look at Silk Typhoon, the Chinese state-sponsored cyber espionage group that’s radically shifting its tactics. Moving away from ...
12,000 API Keys and Passwords Found in AI Training Datasets
Nearly 12,000 API keys and passwords were discovered in the Common Crawl dataset used for training AI models, highlighting significant security risks for enterprises. Many ...
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
The EFF has introduced Rayhunter, an open-source tool for detecting Stingray attacks, helping users safeguard their sensitive data from unauthorized access.
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
Scammers are impersonating the BianLian group, mailing fake ransom notes to US CEOs, threatening data leaks unless Bitcoin payments are made.
BadBox Malware Disrupted on 500K Infected Android Devices
The BadBox malware disruption has impacted over 500,000 devices, revealing the urgency of addressing cybersecurity threats in low-cost Android devices.
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
The Silk Typhoon hackers have shifted tactics, now focusing on IT supply chains to infiltrate networks and exploit sensitive data across multiple industries.
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
AI-generated video of YouTube's CEO is being used in phishing attacks to steal creators' credentials. YouTube warns users to avoid suspicious private videos and links.
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
US charges Chinese state security officers and hackers from APT27 and i-Soon for global cyberattacks targeting critical infrastructure and government agencies since 2011.
Hunters International Claims Ransomware Attack on Tata Technologies: 1.4TB Data Breached
Hunters International ransomware claims responsibility for a major attack on Tata Technologies, stealing 1.4 TB of data and threatening to release it.
Black Basta and Cactus Ransomware: Shared Tactics and BackConnect Malware Connection
Black Basta and Cactus ransomware groups share similar tactics and use BackConnect malware, highlighting the need for robust cybersecurity measures in enterprise businesses.
Cisco Warns of BroadWorks Flaw Exposing Credentials
Cisco warns of a BroadWorks flaw that could allow unauthenticated attackers to access sensitive credentials. Users are advised to implement security measures.
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
Broadcom fixes three critical VMware zero-days exploited in attacks, enabling attackers to escape virtual machine sandboxes. Immediate patching is advised.
Major Data Breach at Lost & Found Tracking Site Exposes Over 800,000 Records
A massive data breach at Lost & Found, a German travel tracking firm, exposed over 800,000 records, including passport scans and driver's licenses, raising serious ...
Polish Space Agency Suffers Cyberattack, Takes Systems Offline
The Polish Space Agency (POLSA) disconnected its systems after a weekend cyberattack. The agency is working with national CSIRT teams to restore services and investigate ...
New Polyglot Malware Targets Aviation and Satellite Communication Firms
A new polyglot malware, Sosano, targets aviation and satellite communication firms in the UAE, enabling remote command execution and persistent access on infected devices.
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
The Eleven11bot botnet has infected over 86,000 IoT devices, primarily focusing on security cameras and NVRs to launch DDoS attacks globally.
Tracking Stingrays: How Rayhunter Shields Your Mobile Privacy
In this episode, we dive into Rayhunter—an open source tool from the EFF designed to detect Stingray devices (cell-site simulators) that compromise your mobile privacy. ...
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
The digital landscape is a battlefield, with cyberattacks growing in both frequency and sophistication. Businesses of all sizes, from small enterprises to large corporations, are ...