Main Menu
Cyber Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
NGINX 1.31.0 Zero-Day nginx-poolslip Bypasses ASLR
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
DOJ Secures Guilty Pleas From Tech-Support Fraud Executives
BadIIS Malware-as-a-Service Hijacks IIS Servers for SEO Fraud
GhostTree Exploit Hangs Windows Defender With NTFS Junctions
SilverFox APT Spreads ValleyRAT via Fake Microsoft Teams Sites
TamperedChef Hides Malware Inside Signed Apps
Chrome 148 Patches Critical WebRTC Use-After-Free
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
LeakNet ransomware integrates ClickFix for access, shifting from traditional entry strategies.
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026
The RondoDox botnet targets 174 vulnerabilities, increasing activity to 15,000 exploitation attempts daily.
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Cybersecurity
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Gabby Lee March 18, 2026
Major tech and retail organizations have banded together to address online scams and fraud, establishing a first-of-its-kind industry accord designed ...
Tech Giants Invest $12.5 Million in Open Source Software Security
Cybersecurity
Tech Giants Invest $12.5 Million in Open Source Software Security
Andrew Doyle March 18, 2026
Major tech firms contribute $12.5 million to enhance open source software security.
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Application Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Andrew Doyle March 17, 2026
Attack leverages stolen GitHub tokens to introduce malware into numerous Python repositories.
Stryker's Internal Microsoft Environment Was Breached Last Week
Cybersecurity
Stryker’s Internal Microsoft Environment Was Breached Last Week
Gabby Lee March 17, 2026
Stryker's internal Microsoft environment breach led to the remote wiping of tens of thousands of employee devices last week.
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
News
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
Mitchell Langley March 17, 2026
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
Cybersecurity
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
Andrew Doyle March 17, 2026
Russian-linked threat actors deploy DRILLAPP backdoor campaign in Ukraine.
Phishing Attack Hits Intuitive's Internal IT Business Systems
News
Phishing Attack Hits Intuitive’s Internal IT Business Systems
Mitchell Langley March 17, 2026
Intuitive's internal systems hit by phishing attack; patient operations remain unaffected.
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Application Security
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Andrew Doyle March 17, 2026
Explore how new malware strains are targeting users with advanced methods and reverse engineering insights.
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
Cybersecurity
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
Andrew Doyle March 17, 2026
Companies House fixes a security flaw in WebFiling, protecting UK companies' data.
How AI Is Making Financial Fraud 4.5 Times More Profitable
Cybersecurity
How AI Is Making Financial Fraud 4.5 Times More Profitable
Andrew Doyle March 17, 2026
Financial fraud schemes using AI boost profitability by 4.5 times, Interpol reports.
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Application Security
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Mitchell Langley March 17, 2026
Microsoft is addressing an Exchange Online outage impacting mailbox and calendar access.
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Cybersecurity
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Gabby Lee March 17, 2026
Cyberattack on Signal and WhatsApp targets high-profile German officials, including former BND VP, using impersonation tactics.
Targeted Phishing Attack Breaches Security Firm Executive
News
Targeted Phishing Attack Breaches Security Firm Executive
Andrew Doyle March 17, 2026
A phishing attack involved DKIM-signed emails, trusted infrastructures, and Cloudflare protection against a security firm executive.
Silence from the Corporate Giants Four Companies Yet to Comment on Oracle EBS Hack
Application Security
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
Mitchell Langley March 17, 2026
Four major corporations, Broadcom, Bechtel, Estée Lauder, and Abbott, remain silent amid Oracle EBS hack.
FBI Seeks Gamer Help in Steam Malware Investigation
Cybersecurity
FBI Seeks Gamer Help in Steam Malware Investigation
Gabby Lee March 17, 2026
The FBI seeks gamers affected by malware-infected Steam games to join an ongoing investigation.
Shadow AI Is Quietly Spreading Across SaaS Environments
Application Security
Shadow AI Is Quietly Spreading Across SaaS Environments
Andrew Doyle March 17, 2026
Explore the growing trend of Shadow AI in SaaS environments as employees adopt AI tools without IT oversight, and learn how security teams can respond...
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Application Security
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Gabby Lee March 13, 2026
Microsoft improves control over third-party bots in Teams meetings.
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Telus Digital hit by data breach, with claims of nearly 1 petabyte stolen over months.
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
Mitchell Langley May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Mitchell Langley May 25, 2026

TOP CYBERSECURITY HEADLINES

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Cybersecurity
Netherlands Seizes 800 Stark Industries Servers, Arrests Two

This Week’s Security Spotlight

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Mitchell Langley May 25, 2026
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Gabby Lee May 25, 2026
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Gabby Lee May 22, 2026
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Gabby Lee May 21, 2026
More In News
Trending
INTERPOL Operation Ramz: 201 Arrests in 13-Nation MENA Sweep
Tycoon2FA Adds Device-Code Attack to Bypass Microsoft 365 MFA
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Crypto Theft on macOS: XCSSET Malware Swaps Wallet Addresses in Real Time
September 29, 2025
Podcasts
Nine High-Severity Vulnerabilities Expose Cognex Legacy Cameras to Cyber Threats
September 29, 2025
Podcasts
Microsoft Cuts Services to Israeli Military Unit After Surveillance Revelations
September 29, 2025

Cyber Security News

Cybersecurity
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
May 12, 2026
Cybersecurity
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
May 12, 2026
Application Security
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
May 12, 2026
Application Security
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
May 12, 2026
Cybersecurity
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
May 12, 2026
Application Security
Five Malicious NuGet Packages Target Chinese .NET Developers
May 12, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Tech Giants Invest $12.5 Million in Open Source Software Security
March 18, 2026
Major tech firms contribute $12.5 million to enhance open source software security.
Ongoing Python Package Attack Uses Stolen GitHub Tokens
March 17, 2026
Attack leverages stolen GitHub tokens to introduce malware into numerous Python repositories.
Stryker’s Internal Microsoft Environment Was Breached Last Week
March 17, 2026
Stryker's internal Microsoft environment breach led to the remote wiping of tens of thousands of employee devices last week.
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
March 17, 2026
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
Phishing Attack Hits Intuitive’s Internal IT Business Systems
March 17, 2026
Intuitive's internal systems hit by phishing attack; patient operations remain unaffected.
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
March 17, 2026
Russian-linked threat actors deploy DRILLAPP backdoor campaign in Ukraine.
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
March 17, 2026
Explore how new malware strains are targeting users with advanced methods and reverse engineering insights.
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
March 17, 2026
Companies House fixes a security flaw in WebFiling, protecting UK companies' data.
How AI Is Making Financial Fraud 4.5 Times More Profitable
March 17, 2026
Financial fraud schemes using AI boost profitability by 4.5 times, Interpol reports.
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
March 17, 2026
Microsoft is addressing an Exchange Online outage impacting mailbox and calendar access.
Signal Cyberattack in Germany Targets Politicians Through Impersonation
March 17, 2026
Cyberattack on Signal and WhatsApp targets high-profile German officials, including former BND VP, using impersonation tactics.
Targeted Phishing Attack Breaches Security Firm Executive
March 17, 2026
A phishing attack involved DKIM-signed emails, trusted infrastructures, and Cloudflare protection against a security firm executive.
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
March 17, 2026
Four major corporations, Broadcom, Bechtel, Estée Lauder, and Abbott, remain silent amid Oracle EBS hack.
FBI Seeks Gamer Help in Steam Malware Investigation
March 17, 2026
The FBI seeks gamers affected by malware-infected Steam games to join an ongoing investigation.
Shadow AI Is Quietly Spreading Across SaaS Environments
March 17, 2026
Explore the growing trend of Shadow AI in SaaS environments as employees adopt AI tools without IT oversight, and learn how security teams can respond...
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
March 13, 2026
Microsoft improves control over third-party bots in Teams meetings.
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
March 13, 2026
Telus Digital hit by data breach, with claims of nearly 1 petabyte stolen over months.
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
March 13, 2026
New banking malware VENON targets Brazilian users, developed in Rust, diverging from traditional Delphi-based threats.
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
March 13, 2026
Apple issues iOS and iPadOS updates to address vulnerabilities, safeguarding against the Coruna exploit.
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
March 13, 2026
Veeam Software addresses critical security flaws in their Backup & Replication tool, preventing potential remote code execution risks.
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2