Cyber Security
![Russian Hackers Target UKR[.]net in Credential-Stealing Campaign](https://dailysecurityreview.com/wp-content/uploads/2025/12/Russian-Hackers-Target-UKR.net-in-Credential-Stealing-Campaign.png)
Cybersecurity
Russian Hackers Target UKR[.]net in Credential-Stealing Campaign
APT28, a Russian state-sponsored threat actor, has launched a persistent credential-harvesting operation against users of UK's UKR[.]net service. The activity was tracked by Recorded Future's ...
Cybersecurity
ByBit Hack Amplifies North Korean Crypto Theft Surge
North Korean hackers have escalated their cryptocurrency thefts, accumulating over $2 billion in 2025 alone. Recent attacks target platforms like ByBit, showcasing sophisticated techniques and ...
Cybersecurity
Law Enforcement Shuts Down E-Note Exchange for Money Laundering
Law enforcement successfully seized E-Note cryptocurrency exchange servers and domains, suspected of laundering over $70 million for cybercriminals. Authorities believe E-Note was a key tool ...
Cybersecurity
LongNosedGoblin: A New Threat from China Targets Southeast Asia and Japan
ESET reports the emergence of LongNosedGoblin, an uncharted threat targeting governmental bodies in Southeast Asia and Japan since September 2023. The group's focus is cyber ...
Application Security
Sophisticated Cybercrime Campaign Targets VPN Vulnerabilities
Cybercriminals are exploiting vulnerabilities in VPN platforms such as Palo Alto Networks GlobalProtect and Cisco SSL VPN using automated campaigns. These attacks focus on credential-based ...
Application Security
Study Finds Built-in Browsers Across Gadgets Often Ship Years Out of Date
Devices like game consoles and cars often come with embedded browsers that do not receive frequent updates. This negligence can open doors to significant security ...
Data Security
Data Breach at University of Sydney Reveals Sensitive Information
Hackers infiltrated the University of Sydney's online repository, compromising the personal information of staff and students. The breach underscores prevalent cybersecurity challenges in educational institutions, ...
Application Security
Cryptocurrency Thieves Exploit AWS: Mining Operations in Just Ten Minutes
Cryptocurrency thieves are exploiting stolen Amazon Web Services (AWS) account credentials to mine coins, using victims' Elastic Container Service (ECS) and Elastic Compute Cloud (EC2) ...
Cybersecurity
Surge in Illicit Activities: Criminal Use of DIG AI on Tor Network Increases in Q4 2025
Resecurity reports reveal a Q4 2025 surge in the use of DIG AI among cybercriminals on the Tor network. This development poses significant challenges to ...
Application Security
GhostPairing Campaign Hijacks WhatsApp Accounts via Device-Linking Feature
Cybercriminals are exploiting WhatsApp's device-linking feature to hijack accounts, a campaign known as GhostPairing. This method involves abusing pairing codes to gain control over unsuspecting ...
Cybersecurity
FTC Demands Accountability in Illusory Systems Cybersecurity Breach Case
The FTC has proposed a settlement agreement requiring Illusory Systems to repay users for funds lost in a 2022 cyberattack. This regulatory action highlights increased ...
News
Clop Ransomware Gang Targets Gladinet CentreStack in Data Extortion Attack
The Clop ransomware group is targeting Gladinet CentreStack file servers, focusing on systems vulnerable due to internet exposure. This campaign jeopardizes data security, emphasizing the ...
Cybersecurity
French Prosecutors Investigate Cyberattack on GNV Ferry “Fantastic”
French prosecutors are probing a potential cyberattack on the GNV ferry Fantastic, which raises the alarm for remote hijacking threats. The ferry, which operates between ...
Cybersecurity
Cisco Identifies Exploited Zero-Day Vulnerability in Email Gateway Systems
Cisco issued a warning regarding an unpatched zero-day vulnerability, identified as CVE-2023-20198, in its AsyncOS system, impacting Secure Email Gateway (SEG) and Secure Email and ...
Network Security
Windows 11 Security Updates Interrupt Enterprise VPN Connectivity
Businesses using Windows Subsystem for Linux (WSL) on Windows 11 face VPN issues after Microsoft’s latest security updates. Learn about potential workarounds.
Cybersecurity
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
In a strategic move to enhance its cybersecurity platform, Echo has successfully raised $35 million in Series A funding. This milestone comes shortly after its ...
Cybersecurity
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Verisoul has successfully raised $8.8 million in a bid to strengthen its fraud prevention technology. The funding will help enhance product development, boost go-to-market strategies, ...
News
Askul Ransomware Attack Leads to Compromise of 700,000 Records
The e-commerce and logistics firm Askul was targeted by RansomHouse in October, resulting in a data breach impacting 700,000 records, raising cybersecurity concerns.
Endpoint Security
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Ransomware groups target hypervisors to encrypt many virtual machines simultaneously, exploiting vulnerabilities in virtualized environments. Organizations must understand this evolving threat to protect their digital ...
News
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
State-sponsored Russian threat actors are now targeting misconfigurations in critical infrastructure, moving away from zero-day vulnerabilities. This shift represents a significant change in their strategies ...
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
TOP CYBERSECURITY HEADLINES
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
This Week’s Security Spotlight
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
LongNosedGoblin: A New Threat from China Targets Southeast Asia and Japan
ESET reports the emergence of LongNosedGoblin, an uncharted threat targeting governmental bodies in Southeast Asia and Japan since September 2023. The group's focus is cyber ...
Sophisticated Cybercrime Campaign Targets VPN Vulnerabilities
Cybercriminals are exploiting vulnerabilities in VPN platforms such as Palo Alto Networks GlobalProtect and Cisco SSL VPN using automated campaigns. These attacks focus on credential-based ...
Study Finds Built-in Browsers Across Gadgets Often Ship Years Out of Date
Devices like game consoles and cars often come with embedded browsers that do not receive frequent updates. This negligence can open doors to significant security ...
Data Breach at University of Sydney Reveals Sensitive Information
Hackers infiltrated the University of Sydney's online repository, compromising the personal information of staff and students. The breach underscores prevalent cybersecurity challenges in educational institutions, ...
Cryptocurrency Thieves Exploit AWS: Mining Operations in Just Ten Minutes
Cryptocurrency thieves are exploiting stolen Amazon Web Services (AWS) account credentials to mine coins, using victims' Elastic Container Service (ECS) and Elastic Compute Cloud (EC2) ...
Surge in Illicit Activities: Criminal Use of DIG AI on Tor Network Increases in Q4 2025
Resecurity reports reveal a Q4 2025 surge in the use of DIG AI among cybercriminals on the Tor network. This development poses significant challenges to ...
GhostPairing Campaign Hijacks WhatsApp Accounts via Device-Linking Feature
Cybercriminals are exploiting WhatsApp's device-linking feature to hijack accounts, a campaign known as GhostPairing. This method involves abusing pairing codes to gain control over unsuspecting ...
FTC Demands Accountability in Illusory Systems Cybersecurity Breach Case
The FTC has proposed a settlement agreement requiring Illusory Systems to repay users for funds lost in a 2022 cyberattack. This regulatory action highlights increased ...
Clop Ransomware Gang Targets Gladinet CentreStack in Data Extortion Attack
The Clop ransomware group is targeting Gladinet CentreStack file servers, focusing on systems vulnerable due to internet exposure. This campaign jeopardizes data security, emphasizing the ...
French Prosecutors Investigate Cyberattack on GNV Ferry “Fantastic”
French prosecutors are probing a potential cyberattack on the GNV ferry Fantastic, which raises the alarm for remote hijacking threats. The ferry, which operates between ...
Cisco Identifies Exploited Zero-Day Vulnerability in Email Gateway Systems
Cisco issued a warning regarding an unpatched zero-day vulnerability, identified as CVE-2023-20198, in its AsyncOS system, impacting Secure Email Gateway (SEG) and Secure Email and ...
Windows 11 Security Updates Interrupt Enterprise VPN Connectivity
Businesses using Windows Subsystem for Linux (WSL) on Windows 11 face VPN issues after Microsoft’s latest security updates. Learn about potential workarounds.
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
In a strategic move to enhance its cybersecurity platform, Echo has successfully raised $35 million in Series A funding. This milestone comes shortly after its ...
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Verisoul has successfully raised $8.8 million in a bid to strengthen its fraud prevention technology. The funding will help enhance product development, boost go-to-market strategies, ...
Askul Ransomware Attack Leads to Compromise of 700,000 Records
The e-commerce and logistics firm Askul was targeted by RansomHouse in October, resulting in a data breach impacting 700,000 records, raising cybersecurity concerns.
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Ransomware groups target hypervisors to encrypt many virtual machines simultaneously, exploiting vulnerabilities in virtualized environments. Organizations must understand this evolving threat to protect their digital ...
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
State-sponsored Russian threat actors are now targeting misconfigurations in critical infrastructure, moving away from zero-day vulnerabilities. This shift represents a significant change in their strategies ...
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
Closed CISO (Chief Information Security Officer) communities serve as pivotal platforms for secure information exchange, guidance, and support, providing a pressure-free environment away from critical ...
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
PDVSA, Venezuela's state-owned oil giant, faced a severe cyberattack disrupting export operations over the weekend. The attack highlights vulnerabilities in the company's cybersecurity infrastructure, casting ...
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
Researchers revealed a NuGet package, "Tracer.Fody.NLog," disguising as a popular .NET library, which concealed a cryptocurrency wallet stealer. Initially published in 2020, it remained undetected ...