Main Menu
Cyber Security
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Dentsu Confirms Data Breach Exposing Employee Payroll and Personal Information
Palo Alto Networks Unveils AI Security Suite: Cortex Cloud 2.0 & Prisma AIRS 2.0 Launched
Italian Spyware Vendor Linked to Chrome Zero-Day Attacks
QNAP Warns Windows Backup Software Impacted by ASP.NET Flaw
NCX Exchange Data Leak Exposes User Wallets, Passwords, and Authentication Keys
Dublin Airport Attack Claimed by Russian Ransomware Group Everest
HSBC USA Data Breach Exposes Sensitive Customer Financial Information
Pwn2Own Ireland 2025: $1M Reward for 73 Zero-Day Exploits Uncovered
OpenAI Atlas Omnibox Vulnerability: Prompt Injection Flaw Exposes Unauthorized Access Risks
Keycard Emerges from Stealth: $38M Funding Fuels IAM Innovation for AI Agents
Massive Gmail Data Breach Exposes 183 Million User Credentials
RedTiger Toolkit Weaponized to Steal Discord Tokens and Crypto Wallets
SS7 Alarm: TCAP Tag Exploit Lets Attackers Intercept SMS and Track Users
NPC Probes GCash Data Breach As E-Wallet Denies Leakage
WhatsApp Hack Uncovers 2 Low-Risk Vulnerabilities, No Arbitrary Code Execution
TP-Link Patches Critical Omada Gateway Vulnerabilities Preventing Remote Attacks
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains
GutenKit, Hunk Companion, WP Ghost Exploits Drive New WordPress RCE Surge
Exploitable Bug in Rust async-tar Library — TARmageddon Gives Attackers RCE
Critical WSUS Flaw (CVE-2025-61884) Drives Elevated RCE Attacks on Windows Server
Hackers Exploit “SessionReaper” Flaw in Adobe Magento to Hijack E-Commerce Stores
Blue Cross Blue Shield of Montana Breach Exposes Data of 462,000 Members
Post-Patch ‘ToolShell’ Exploit: CVE-2025-53770 Abused in Microsoft SharePoint
CISA Warns of Lanscope Endpoint Manager Vulnerability Exploited in Attacks
Moroccan Cybercriminals Employ Advanced Deception to Steal Gift Cards
Iran-Linked APT Deploys Phoenix Backdoor Against 100+ Government Organisations
Spoofed AI Sidebars Pose New Cyber Risks for Atlas and Comet Browser Users
LG Uplus Confirms Major Server Breach Following Industrywide Cyberattacks
Toys “R” Us Canada Data Breach: Customer Records Exposed to Cyber Threats
IoT Security in Crisis BadBox Botnet, AI Exploits, and CNI Risks
Cybersecurity
IoT Security in Crisis: BadBox Botnet, AI Exploits, and CNI Risks
Andrew Doyle August 15, 2025
In 2025, IoT security threats are accelerating, from massive botnets like BadBox 2.0 to targeted attacks on critical infrastructure. Legacy systems, insecure devices, and AI ...
Credential Theft Up 160 in 2025 1.8 Billion Logins Stolen in First Half of Year
Cybersecurity
Credential Theft Up 160% in 2025: 1.8 Billion Logins Stolen in First Half of Year
Gabby Lee August 14, 2025
Credential theft has surged 160% in 2025, with 1.8 billion logins stolen from 5.8 million infected hosts. AI-driven malware, phishing, and unpatched vulnerabilities are fueling ...
DARPA's AI Cyber Challenge Advancements in Autonomous Bug Patching
Blog
DARPA’s AI Cyber Challenge: Advancements in Autonomous Bug Patching
Mitchell Langley August 13, 2025
DARPA’s AI Cyber Challenge showcased autonomous tools that detected 77% of vulnerabilities and patched 61% within minutes, signaling a breakthrough in AI-driven cybersecurity for protecting ...
Connex Data Breach Affects 172,000 Customers
News
Connex Data Breach Affects 172,000 Customers
Andrew Doyle August 13, 2025
Connex Credit Union says a June network intrusion exposed personal and financial data for 172,000 customers; notification began August 7, 2025, with CyberScout monitoring offered.
Hackers Leak Allianz Life Data Stolen in Salesforce Attacks
News
Hackers Leak Allianz Life Data Stolen in Salesforce Attacks
Mitchell Langley August 13, 2025
ShinyHunters leaked 2.8 million Allianz Life records from Salesforce after the insurer disclosed a July 16 CRM breach affecting the majority of 1.4 million customers. ...
Financial Impact From Severe OT Events Could Top $300B
News
Financial Impact From Severe OT Events Could Top $300B
Mitchell Langley August 13, 2025
A Dragos and Marsh McLennan report warns severe OT disruptions could cost nearly $330 billion annually in a 1-in-250-year event, driven by business interruption.
Cybersecurity Trends 2025 AI, Digital Identity, and the Shift to Intelligent SecOps
Blog
Cybersecurity Trends 2025: AI, Digital Identity, and the Shift to Intelligent SecOps
Andrew Doyle August 13, 2025
In 2025, AI is both a weapon and a shield in cybersecurity, driving trends from intelligent SecOps to digital identity protection, zero-trust adoption, and predictive ...
Russia Said to Be Behind US Federal Court Systems Hack
News
Russia Said to Be Behind US Federal Court Systems Hack
Andrew Doyle August 13, 2025
Investigators say Russia is partly behind the US federal court hack, exposing sealed and sensitive records, as courts move files offline and tighten access controls. ...
New Zealand Government, Health, and Banking Credentials Found on Dark Web
Cybersecurity
Over 200,000 New Zealand Government, Health, and Banking Credentials Found on Dark Web
Mitchell Langley August 13, 2025
A dark web leak has exposed over 200,000 credentials linked to New Zealand’s government, healthcare, and banking sectors, highlighting systemic cybersecurity weaknesses and raising urgent ...
UK Proposes New Cybersecurity Law with Stricter Reporting and Governance Rules
Cybersecurity
UK Proposes New Cybersecurity Law with Stricter Reporting and Governance Rules
Andrew Doyle August 13, 2025
The UK’s proposed Cyber Security and Resilience Bill expands oversight to critical suppliers, MSPs, and digital services, introducing stricter governance, 24/72-hour incident reporting, and enhanced ...
North St. Paul Police Department Hit by Phishing Attack City Launches Forensic Investigation (1)
Cybersecurity
North St. Paul Municipal Data Breach Targets Police Department
Gabby Lee August 13, 2025
A phishing email targeting a police department account triggered a cyber breach in North St. Paul. While contained quickly, the incident prompted a forensic investigation, ...
Qualys Unveils Agentic AI for Autonomous Cyber Risk Management
Cybersecurity
Qualys Unveils Agentic AI for Autonomous Cyber Risk Management
Andrew Doyle August 13, 2025
Qualys has unveiled Agentic AI, an autonomous security framework within its Enterprise TruRisk platform. Designed to automate risk analysis, threat prioritization, and remediation, it promises ...
Windows 11 August 2025 Security Update Introduces AI Features
Cybersecurity
Windows 11 August 2025 Security Update Introduces AI Features
Mitchell Langley August 13, 2025
The Windows 11 August 2025 update blends security patches with bold AI features, from Recall’s controversial memory function to upcoming “agentic companions,” signaling Microsoft’s long-term ...
Deepfake Vishing Incidents Surge by 170 in Q2 2025
News
Deepfake Vishing Incidents Surge by 170% in Q2 2025
Mitchell Langley August 13, 2025
Deepfake-enabled vishing attacks are skyrocketing, with criminals using AI-cloned voices to impersonate executives, officials, and loved ones. These scams bypass defenses, exploit trust, and are ...
August Infosec Releases Elastic EASE & Black Kite ASI Streamline Threat Response
News
August Infosec Spotlight: Elastic EASE & Black Kite ASI Advance AI Threat Detection
Gabby Lee August 13, 2025
Two new AI-driven tools—Elastic’s AI SOC Engine and Black Kite’s Adversary Susceptibility Index—are setting a new standard in cybersecurity by automating detection, enhancing context, and ...
Cybersecurity Complexity Due to Tool Sprawl and Multi-Vendor Ecosystems
Blog
Cybersecurity Complexity Due to Tool Sprawl and Multi-Vendor Ecosystems
Andrew Doyle August 13, 2025
Cybersecurity teams are drowning in complexity, not threats. Multi-vendor tool sprawl inflates costs, weakens visibility, and burns out staff—proving that smarter integration, not more tools, ...
Bitdefender Launches Cybersecurity Advisory Services to Address Security Gaps
Cybersecurity
Bitdefender Launches Cybersecurity Advisory Services to Address Security Gaps
Andrew Doyle August 12, 2025
Bitdefender has launched its Cybersecurity Advisory Services to help enterprises close skills gaps, strengthen compliance, and boost resilience. The program offers tailored strategy, risk management, ...
Palo Alto Networks Acquires CyberArk in 25 Billion Deal
Cybersecurity
Palo Alto Networks Acquires CyberArk in $25 Billion Deal
Gabby Lee August 12, 2025
Palo Alto Networks is acquiring CyberArk for $25B, marking one of cybersecurity’s largest deals. The move signals a strategic pivot to identity security, addressing human ...
UK Now Third Most Targeted Nation for Malware Attacks in 2025
Cybersecurity
UK Now Third Most Targeted Nation for Malware Attacks in 2025
Gabby Lee August 12, 2025
The UK is now the third most targeted country for malware, recording over 100 million attacks in three months. Rising ransomware, phishing, and identity fraud ...
US Becomes Ransomware Capital with 146 Increase in Attacks
Cybersecurity
US Becomes Ransomware Capital with 146% Increase in Attacks
Mitchell Langley August 12, 2025
The U.S. now accounts for 50% of global ransomware incidents, with attacks surging 146% year-over-year. Critical sectors like manufacturing, healthcare, and energy face escalating threats ...
Atroposia Malware Now Comes With Built-In Local Vulnerability Scanner
Cybersecurity
Atroposia Malware Now Comes With Built-In Local Vulnerability Scanner
Mitchell Langley October 29, 2025
Toys “R” Us Canada Data Breach Customer Records Exposed to Cyber Threats
Data Security
Toys “R” Us Canada Data Breach: Customer Records Exposed to Cyber Threats
Gabby Lee October 27, 2025
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Cybersecurity
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Andrew Doyle October 29, 2025
Maryland Paratransit Ransomware Disrupts Mobility New Ride Requests Halted
News
Maryland Paratransit Ransomware Disrupts Mobility: New Ride Requests Halted
Andrew Doyle October 27, 2025

TOP CYBERSECURITY HEADLINES

Microsoft Faces Lawsuit Over Misleading Customers Into Copilot-Enhanced Microsoft 365 Subscriptions
Application Security
Microsoft Faces Lawsuit Over Misleading Customers Into Copilot-Enhanced Microsoft 365 Subscriptions
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Cybersecurity
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Dentsu Confirms Data Breach Exposing Employee Payroll and Personal Information
Cybersecurity
Dentsu Confirms Data Breach Exposing Employee Payroll and Personal Information
Palo Alto Networks Unveils AI Security Suite Cortex Cloud 2.0 & Prisma AIRS 2.0 Launched
Cybersecurity
Palo Alto Networks Unveils AI Security Suite: Cortex Cloud 2.0 & Prisma AIRS 2.0 Launched

This Week’s Security Spotlight

OpenAI Atlas Omnibox Vulnerability Prompt Injection Flaw Exposes Unauthorized Access Risks
Application Security
OpenAI Atlas Omnibox Vulnerability: Prompt Injection Flaw Exposes Unauthorized Access Risks
Gabby Lee October 27, 2025
CoPhish Exploit via Microsoft Copilot OAuth Token Theft Exposes Trusted Domains
Application Security
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains
Mitchell Langley October 27, 2025
Spoofed AI Sidebars Pose New Cyber Risks for Atlas and Comet Browser Users
Application Security
Spoofed AI Sidebars Pose New Cyber Risks for Atlas and Comet Browser Users
Gabby Lee October 27, 2025
CISA Confirms Hackers Exploited Oracle E-Business Suite SSRF Vulnerability
Application Security
CISA Confirms Hackers Exploited Oracle E-Business Suite SSRF Vulnerability
Andrew Doyle October 22, 2025
More In News
Trending
Co-Op Reports $107 Million Loss After Scattered Spider Cyberattack
Embassy Breach Alert: Iranian Hackers Exploit 100+ Email Accounts via Phishing
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
Deepfake Vishing Incidents Surge by 170% in Q2 2025

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Ghana, Senegal, Ivory Coast at the Center of Interpol’s Multi-Nation Cybercrime Takedown
September 29, 2025
Podcasts
Harrods Data Breach Exposes Customer Details in Third-Party Hack
September 29, 2025
Podcasts
Steam Game BlockBlasters Turns Malicious, Drains $150K in Crypto
September 23, 2025

Cyber Security News

Avnet Confirms EMEA Data Breach, Says Stolen Information Is Mostly Unreadable Without Internal Tools
Cybersecurity
Avnet Confirms EMEA Data Breach, Says Stolen Information Is Mostly Unreadable Without Internal Tools
October 8, 2025
Doctors Imaging Group Data Breach Exposes 171,000 Patients’ Medical and Financial Records
Cybersecurity
Doctors Imaging Group Data Breach Exposes 171,000 Patients’ Medical and Financial Records
October 8, 2025
DraftKings Says Credential Reuse Behind Targeted Account Intrusions, Not Internal Breach
Cybersecurity
DraftKings Says Credential Reuse Behind Targeted Account Intrusions, Not Internal Breach
October 8, 2025
BK Technologies Cyberattack Contained as Employee Data Accessed by Threat Actors
Cybersecurity
BK Technologies Cyberattack Contained as Employee Data Accessed by Threat Actors
October 8, 2025
Red Hat Data Breach Escalates as ShinyHunters Joins Extortion
Cybersecurity
Red Hat Data Breach Escalates as ShinyHunters Joins Extortion
October 7, 2025
RediShell Zero-Day in Redis Permits Remote Code Execution on Exposed Instances
Cybersecurity
RediShell Zero-Day in Redis Permits Remote Code Execution on Exposed Instances
October 7, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Senator Wyden Demands Independent Cybersecurity Review of Federal Courts
September 2, 2025
A wave of breaches exposing sealed court records and confidential informant data has drawn sharp criticism of the judiciary’s outdated IT. Senator Ron Wyden is ...
FEMA Fires 24 Staff After DHS Cybersecurity Audit Uncovers Major Failures
September 2, 2025
A DHS audit prompted FEMA to fire 24 staff, including top IT leaders, over cybersecurity failures such as weak authentication and outdated protocols, highlighting federal ...
Maryland’s Paratransit Ransomware Strike: Cyberattack Disrupts Disabled Transit Services
September 2, 2025
A ransomware attack on Maryland’s Mobility paratransit system has disrupted critical transportation for disabled residents, blocking new reservations and rebookings. While core transit services remain ...
Critical SharePoint Zero-Day Exploited: Immediate Steps Against CVE-2025-53770 Vulnerability
September 2, 2025
A critical zero-day in Microsoft SharePoint, tracked as CVE-2025-53770, is being widely exploited in espionage and ransomware campaigns. Dubbed “ToolShell,” the flaw enables unauthenticated remote ...
Chained Zero-Days: WhatsApp and Apple Exploits Used in Sophisticated Spyware Attacks
September 2, 2025
A pair of newly discovered zero-day vulnerabilities—CVE-2025-43300 in Apple’s ImageIO framework and CVE-2025-55177 in WhatsApp—have been confirmed as part of a sophisticated spyware campaign targeting ...
Miljödata Cyberattack: 80% of Swedish Municipalities Hit in Extortion Strike
August 28, 2025
Sweden is reeling from one of the largest public sector cyber incidents in its history. A ransomware attack on Miljödata, an IT services provider supporting ...
PromptLock Ransomware: How AI is Lowering the Bar for Cybercrime
August 28, 2025
The cybersecurity world has entered a new era: AI-powered ransomware. Researchers recently uncovered PromptLock, a proof-of-concept malware that uses OpenAI’s gpt-oss:20b model and Lua scripting ...
Hybrid AD at Risk: Storm-0501 Exploits Entra ID for Cloud-Native Ransomware
August 28, 2025
The 2025 Purple Knight Report paints a stark picture of enterprise identity security: the average security assessment score for hybrid Active Directory (AD) and Entra ...
AI-Powered Polymorphic Phishing: The New Era of Social Engineering
August 28, 2025
Cybercrime is entering a new phase—one marked by AI-powered phishing attacks, the weaponization of legitimate remote access tools, and the rise of professionalized underground markets. ...
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
August 28, 2025
Microsoft warns Storm-0501 now focuses on cloud-native extortion: exfiltrating data, destroying backups, and encrypting cloud storage rather than encrypting on-premises endpoints.
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
August 28, 2025
CPAP’s systems were breached in December 2024, exposing names, SSNs, and protected health information for over 90,000 individuals including military beneficiaries.
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
August 28, 2025
Healthcare Services Group reports a late-2024 intrusion that exposed personal data for 624,000 people; company offers identity protection and continues forensic investigations.
PromptLock Ransomware Uses AI to Encrypt and Steal Data
August 28, 2025
Researchers uncovered PromptLock, the first AI-powered ransomware generating malicious Lua scripts via LLM prompts. Though only a proof-of-concept, it highlights risks of weaponized AI in ...
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
August 28, 2025
Microsoft warns Storm-0501 now focuses on cloud-native extortion: exfiltrating data, destroying backups, and encrypting cloud storage rather than encrypting on-premises endpoints.
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
August 28, 2025
A cyberattack on Miljödata disrupted services across 200+ Swedish municipalities and may have exposed sensitive personal data; a ransom demand of 1.5 BTC was reported.
Salesforce Breach: How OAuth Token Theft Exposed Hundreds of Organizations
August 28, 2025
The recent Salesforce data breach underscores a growing reality in cybersecurity: even when core SaaS platforms are secure, their third-party integrations often aren’t. Between August ...
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
August 28, 2025
Researchers show image-scaling prompt injection can hide executable instructions that surface only after downscaling, enabling LLM-driven data exfiltration across multiple AI platforms.
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
August 28, 2025
Auchan disclosed a cyberattack exposing contact and loyalty data for several hundred thousand customers; bank details and passwords were not impacted, CNIL was notified.
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
August 28, 2025
A critical SSRF in Docker Desktop (CVE-2025-9074) let containers reach the Docker Engine API and bind host storage; Docker issued Docker Desktop 4.44.3 to fix ...
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
August 28, 2025
CISA warns of actively exploited Git vulnerability CVE-2025-48384 that enables arbitrary code execution via crafted submodules; federal patch deadline set for September 15.
Microsoft Faces Lawsuit Over Misleading Customers Into Copilot-Enhanced Microsoft 365 Subscriptions
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Dentsu Confirms Data Breach Exposing Employee Payroll and Personal Information
Palo Alto Networks Unveils AI Security Suite: Cortex Cloud 2.0 & Prisma AIRS 2.0 Launched
Operation ForumTroll: Chrome Zero-Day Tied to Italian Spyware Developer Memento Labs
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
Chainguard’s $3.5 Billion Valuation Signals Massive Investor Confidence in Secure-by-Default Software
Italian Spyware Vendor Linked to Chrome Zero-Day Attacks
QNAP Warns Windows Backup Software Impacted by ASP.NET Flaw
NCX Exchange Data Leak Exposes User Wallets, Passwords, and Authentication Keys
Dublin Airport Attack Claimed by Russian Ransomware Group Everest
HSBC USA Data Breach Exposes Sensitive Customer Financial Information
Pwn2Own Ireland 2025: $1M Reward for 73 Zero-Day Exploits Uncovered
OpenAI Atlas Omnibox Vulnerability: Prompt Injection Flaw Exposes Unauthorized Access Risks
Keycard Emerges from Stealth: $38M Funding Fuels IAM Innovation for AI Agents
SailPoint Identity Risk Review: Intelligent Identity Threat Detection
Massive Gmail Data Breach Exposes 183 Million User Credentials
RedTiger Toolkit Weaponized to Steal Discord Tokens and Crypto Wallets