Main Menu
Cyber Security
Webworm APT Uses Discord and OneDrive as C2 in Government Espionage
PinTheft PoC Goes Public, Narrowing Arch Linux Exploit Window
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Huawei Zero-Day Caused Luxembourg’s 3-Hour National Telecom Blackout
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
Single-Letter Go Typosquat Backdoors Financial and Crypto Developers
CVE-2026-46376: FreePBX Hard-Coded Credentials Open VoIP Portals
Pardus Linux CVSS 9.3 Flaw Exposes Turkish Government Systems to Root
CVE-2026-46333: Linux Kernel Flaw Grants Root via ssh-keysign
CISA Adds Two Exploited Microsoft Defender Zero-Days to KEV
Ukraine IDs 18-Year-Old Who Stole 28,000 Accounts, $721K
SonicWall Gen6 MFA Bypass CVE-2024-12802 Left Open by Incomplete Patch
TeamPCP Claims Breach of 4,000 GitHub Private Repositories
CVE-2026-45585: Windows Zero-Day Bypasses BitLocker
CVE-2026-45829: Max-Severity Flaw Lets Attackers Hijack ChromaDB
Microsoft Disrupts Fox Tempest Malware-Signing Service
B1ack’s Stash Releases 4.6M Stolen Credit Cards Free
Trapdoor Android Ad Fraud Scheme Generated 659M Fake Bids
Nx Console VS Code Extension Poisoned to Steal 1Password, AWS Keys
Storm-2949 Abuses Azure Password Reset to Seize Cloud Accounts
Drupal Issues Highly Critical Patch, Exploits Expected Within Hours
SEPPMail Gateway Hit with 7 CVEs, Including CVSS 10.0 RCE Flaw
Grafana Breach Traced to TanStack npm Supply Chain Attack
CISA Orders Patch for Sixth Cisco SD-WAN Zero-Day of 2026
Exchange Server XSS CVE-2026-42897 Exploited via Crafted Email
Ghostwriter APT Deploys Cobalt Strike in Geofenced Ukraine Campaign
OpenAI Confirms Breach via Mini Shai-Hulud npm Supply Chain Attack
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
node-ipc npm Package Hid Credential Stealer Across Three Versions
PraisonAI CVE-2026-44338 Exploited 3h44m After Public Disclosure

Sorry, we couldn't find any posts. Please try a different search.

Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Gabby Lee May 21, 2026
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Gabby Lee May 21, 2026
Microsoft Disrupts Fox Tempest Malware-Signing Service
Cybersecurity
Microsoft Disrupts Fox Tempest Malware-Signing Service
Andrew Doyle May 20, 2026
Cybersecurity
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
Gabby Lee May 19, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Webworm APT Uses Discord and OneDrive as C2 in Government Espionage
Cybersecurity
PinTheft PoC Goes Public, Narrowing Arch Linux Exploit Window
Application Security
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Cybersecurity
Huawei Zero-Day Caused Luxembourg’s 3-Hour National Telecom Blackout

This Week’s Security Spotlight

Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Gabby Lee May 21, 2026
Application Security
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Gabby Lee May 21, 2026
Application Security
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
Andrew Doyle May 21, 2026
CVE Vulnerability Alerts
SonicWall Gen6 MFA Bypass CVE-2024-12802 Left Open by Incomplete Patch
Mitchell Langley May 21, 2026
More In News
Trending
Tycoon2FA Adds Device-Code Attack to Bypass Microsoft 365 MFA
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Sorry, we couldn't find any posts. Please try a different search.

Cyber Security News

Proton Launches Dark Web Data Breach Observatory to Expose Hidden Cyber Threats
Cybersecurity
Proton Launches Dark Web Data Breach Observatory to Expose Hidden Cyber Threats
October 30, 2025
PhantomRaven Campaign Exploits AI Package Suggestions to Get into Developer Systems
Cybersecurity
PhantomRaven Campaign Exploits AI Package Suggestions to Get into Developer Systems
October 30, 2025
Canada Confirms Hacktivist Breaches Targeting Water and Energy Infrastructure
Cybersecurity
Canada Confirms Hacktivist Breaches Targeting Water and Energy Infrastructure
October 30, 2025
Ribbon Communications Breach Linked to Foreign State Hackers, Exposing Telecom Supply Chains
Cybersecurity
Ribbon Communications Breach Linked to Foreign State Hackers, Exposing Telecom Supply Chains
October 30, 2025
WordPress Security Plugin Vulnerability Exposes Private Server Files to Site Subscribers
Application Security
WordPress Security Plugin Vulnerability Exposes Private Server Files to Site Subscribers
October 30, 2025
Phoenix Contact UPS Vulnerabilities Critical Flaws May Cause Denial-of-Service
Cybersecurity
Phoenix Contact UPS Vulnerabilities: Critical Flaws May Cause Denial-of-Service
October 30, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Enhance Your Email Security: 15 Best Email Security Practices for 2024
December 20, 2023
Securing emails is crucial for enterprises due to various compelling reasons, which is why they need robust email security. Given that emails serve as a ...
OilRig APT Uses Downloader Malware for Cyberespionage
December 15, 2023
Iranian state-sponsored threat actor OilRig, also known as APT34, continued its cyber espionage endeavors throughout 2022, deploying three distinctive downloader malware—ODAgent, OilCheck, and OilBooster. Slovak ...
Spear Phishing vs Phishing: How Do Spear Phishing Attacks Differ from Standard Phishing Attacks?
December 14, 2023
In today’s digital landscape, where communication is predominantly virtual, the threat of phishing attacks—especially spear phishing—has escalated. Phishing refers to the deceptive practice of sending ...
Spider-Man Developer Insomniac Games Hit by Rhysida Ransomware
December 13, 2023
Since its emergence in May 2023, Rhysida ransomware has gained notoriety as an emerging threat actor in the cybercrime landscape. The latest target of this ...
Toyota Cyberattack: Medusa Ransomware Strikes Toyota, Customer Data Compromised
December 12, 2023
Toyota Financial Services (TFS), a subsidiary of Toyota Motor Corporation, faces the aftermath of a cyberattack, courtesy of the Medusa ransomware group. The breach, detected ...
Canadian Government’s Data Security Compromised Affecting its Contractors
November 21, 2023
In a recent cybersecurity incident, the Canadian government has reported that two of its contractors, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & ...
Microsoft Exchange Zero-Day Exploit: Experts Say Mitigation isn’t Enough
October 10, 2023
Microsoft has shared mitigations for two new Microsoft Exchange zero-day elevation of privelege vulnerability, tracked as CVE-2022-41040, and remote execution vulnerability (CVE-2022-41082). However, security researchers ...
Webworm APT Uses Discord and OneDrive as C2 in Government Espionage
PinTheft PoC Goes Public, Narrowing Arch Linux Exploit Window
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Huawei Zero-Day Caused Luxembourg’s 3-Hour National Telecom Blackout
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
Single-Letter Go Typosquat Backdoors Financial and Crypto Developers
CVE-2026-46376: FreePBX Hard-Coded Credentials Open VoIP Portals
Pardus Linux CVSS 9.3 Flaw Exposes Turkish Government Systems to Root
CVE-2026-46333: Linux Kernel Flaw Grants Root via ssh-keysign
CISA Adds Two Exploited Microsoft Defender Zero-Days to KEV
Ukraine IDs 18-Year-Old Who Stole 28,000 Accounts, $721K
SonicWall Gen6 MFA Bypass CVE-2024-12802 Left Open by Incomplete Patch
TeamPCP Claims Breach of 4,000 GitHub Private Repositories
CVE-2026-45585: Windows Zero-Day Bypasses BitLocker
CVE-2026-45829: Max-Severity Flaw Lets Attackers Hijack ChromaDB
Microsoft Disrupts Fox Tempest Malware-Signing Service
B1ack’s Stash Releases 4.6M Stolen Credit Cards Free
Trapdoor Android Ad Fraud Scheme Generated 659M Fake Bids
Nx Console VS Code Extension Poisoned to Steal 1Password, AWS Keys
Storm-2949 Abuses Azure Password Reset to Seize Cloud Accounts