Main Menu
Cyber Security
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
News
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
Andrew Doyle March 20, 2025
he Pennsylvania State Education Association (PSEA) suffered a data breach exposing the personal information of over 500,000 individuals, including financial and health records. Rhysida ransomware ...
Ransomware Victims on Dark Web - 3rd March, 2025
Ransomware
Ransomware Victims on Dark Web – 3rd March, 2025
Andrew Doyle March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
California Cryobank Data Breach Exposes Sensitive Customer Information
News
California Cryobank Data Breach Exposes Sensitive Customer Information
Mitchell Langley March 19, 2025
California Cryobank, a major US sperm bank, suffered a data breach exposing customer names, bank details, Social Security numbers, and more. The company is offering ...
GitHub Action Hack May Cause Another Supply Chain Attack
News
GitHub Action Hack May Cause Another Supply Chain Attack
Andrew Doyle March 19, 2025
A cascading supply chain attack, starting with a GitHub Action hack, exposed CI/CD secrets across 23,000 repositories, highlighting vulnerabilities in third-party code reliance.
Western Alliance Bank Data Breach Impacts 21,899 Customers
News
Western Alliance Bank Data Breach Impacts 21,899 Customers
Mitchell Langley March 19, 2025
Western Alliance Bank suffered a data breach impacting 21,899 customers, exposing sensitive personal and financial information due to a third-party vendor's software vulnerability exploited by ...
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
News
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
Andrew Doyle March 19, 2025
A critical Windows zero-day exploit, ZDI-CAN-25373, has been exploited by 11 state-sponsored hacking groups since 2017, enabling data theft and espionage. Microsoft initially declined to ...
$6.1 Million Crypto Stolen in WEMIX Hack
News
$6.1 Million Crypto Stolen in WEMIX Hack
Andrew Doyle March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
News
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
Mitchell Langley March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
News
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
Andrew Doyle March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
Critical Apache Tomcat Flaw Actively Exploited in Attacks
News
Critical Apache Tomcat Flaw Actively Exploited in Attacks
Mitchell Langley March 18, 2025
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
Fake "Security Alert" on GitHub Used to Hijack OAuth App Accounts
News
Fake “Security Alert” on GitHub Used to Hijack OAuth App Accounts
Andrew Doyle March 18, 2025
A massive GitHub phishing campaign uses fake "Security Alert" issues and a malicious OAuth app to hijack accounts, granting attackers full control. Immediate action is ...
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
News
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
Andrew Doyle March 18, 2025
Lingnan University in Hong Kong suffered a data breach exposing thousands of records, including sensitive personal data. The university is taking steps to enhance security.
Florida Hospital Data Breach Impacts Over 120,000 Patients
News
Florida Hospital Data Breach Impacts Over 120,000 Patients
Mitchell Langley March 17, 2025
A Florida hospital, CDH, suffered a data breach impacting over 120,000 patients. Sensitive data, including Social Security numbers and health information, was compromised. The BianLian ...
BlackBasta Ransomware Uses Automated Tool 'BRUTED' to Brute-Force VPNs
News
BlackBasta Ransomware Uses Automated Tool ‘BRUTED’ to Brute-Force VPNs
Andrew Doyle March 17, 2025
The BlackBasta ransomware group uses an automated tool, BRUTED, to brute-force VPNs and firewalls, highlighting the need for robust multi-factor authentication.
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
News
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
Mitchell Langley March 17, 2025
JD.com, a major Chinese retailer, faces a massive data breach after the Babuk ransomware cartel claims to have stolen customer passwords and other sensitive information. ...
UDMI Radiology Firm Suffers Major Data Breach: Fog Ransomware Claims Responsibility
News
UDMI Radiology Firm Suffers Major Data Breach: Fog Ransomware Claims Responsibility
Andrew Doyle March 17, 2025
Fog ransomware group claims responsibility for a major data breach at UDMI, a radiology firm, impacting over 138,000 individuals. The incident underscores the critical need ...
FBI Issues Warning Against Medusa Ransomware for Gmail, Outlook, and VPN Users
News
FBI Issues Warning Against Medusa Ransomware for Gmail, Outlook, and VPN Users
Mitchell Langley March 17, 2025
The FBI warns of escalating Medusa ransomware attacks targeting Gmail, Outlook, and VPN users, urging immediate security enhancements to mitigate the threat.
LockBit Ransomware Developer Extradited to the United States
News
LockBit Ransomware Developer Extradited to the United States
Andrew Doyle March 17, 2025
A key LockBit ransomware developer, Rostislav Panev, has been extradited to the US to face charges for his role in the group's global attacks.
Insider Attack and Extortion at Stram Center, SSK Plastic Surgery and Grove at Valhalla Rehabilitation
News
Insider Attack and Extortion at Stram Center, SSK Plastic Surgery and Grove at Valhalla Rehabilitation
Mitchell Langley March 14, 2025
Three healthcare providers suffered data breaches from insider attacks, extortion, and third-party vulnerabilities, highlighting the need for robust cybersecurity measures.
CISA Reports Medusa Ransomware Attacks Over 300 Critical Infrastructure Organizations
News
CISA Reports Medusa Ransomware Attacks Over 300 Critical Infrastructure Organizations
Mitchell Langley March 14, 2025
A joint advisory from CISA, FBI, and MS-ISAC reveals Medusa ransomware impacted over 300 US critical infrastructure organizations by February 2025. The advisory details mitigation ...
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025

TOP CYBERSECURITY HEADLINES

Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
News
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
News
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
News
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
News
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident

SECURITYWEEK INDUSTRY EXPERTS

BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
News
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
Andrew Doyle July 7, 2025
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
News
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
Mitchell Langley July 7, 2025
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
News
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
Mitchell Langley July 7, 2025
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
News
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
Mitchell Langley July 7, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Citrix NetScaler Flaws Expose Enterprise Networks: CVE-2025-5349 & CVE-2025-5777
June 19, 2025
Podcasts
GerriScary: How CVE-2025-1568 Threatened Google’s Open-Source Supply Chain
June 19, 2025
Podcasts
Cisco & Atlassian Under Fire: High-Severity Flaws and What’s at Risk
June 19, 2025

Cyber Security News

This Week in Cybersecurity: 19th August to 23rd August, Halliburton Hit by Cyberattack
Cybersecurity
This Week in Cybersecurity: 19th August to 23rd August, Halliburton Hit by Cyberattack
August 24, 2024
The Financial Fallout of Ransomware in 2024
Blog
The Financial Fallout of Ransomware in 2024
August 23, 2024
QNAP Bolsters NAS Security with Enhanced Ransomware Protection in Latest QTS Update
Cybersecurity
QNAP Bolsters NAS Security with Enhanced Ransomware Protection in Latest QTS Update
August 23, 2024
What is Maze Ransomware? A Comprehensive Guide for Enterprises
Blog
What is Maze Ransomware? A Comprehensive Guide for Enterprise Businesses
August 21, 2024
Cyber Resilience Your Lifeline Against Cyberattacks
Blog
Cyber Resilience: Your Lifeline Against Cyberattacks
August 19, 2024
This Week in Cybersecurity: 12th August to 16th August, National Public Data Breach Exposed Personal Information of Billions
Cybersecurity
This Week in Cybersecurity: 12th August to 16th August, National Public Data Breach Exposed Personal Information of Billions
August 16, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
May 7, 2025
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
May 7, 2025
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
May 7, 2025
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
May 7, 2025
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions
May 6, 2025
In this episode, we break down the anatomy of some of the most critical vulnerabilities threatening enterprise systems in 2025 — and the real-world attacks ...
Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity
May 6, 2025
In this episode, we dive deep into the massive data breach at Kelly Benefits, a payroll and benefits administrator that exposed the sensitive personal data ...
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
May 6, 2025
Explore six critical Supply Chain Cybersecurity Risks in 2025—from AI-driven cyberattacks and IoT vulnerabilities to quantum computing and geopolitical threats shaping logistics.
$491M Budget Cut: The White House Move That Could Reshape CISA
May 6, 2025
 In this episode, we unpack the rising tensions surrounding the Cybersecurity and Infrastructure Security Agency (CISA) as it faces proposed budget cuts, looming layoffs, and ...
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
May 6, 2025
Rhysida ransomware group has claimed responsibility for a cyberattack on Peru’s government systems, demanding payment for stolen data while officials deny any breach occurred.
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
May 6, 2025
Anonymous defaced a GlobalX subdomain and leaked flight manifests related to ICE deportation flights of Venezuelan migrants, protesting Trump-era policies ruled unlawful by a federal ...
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
May 6, 2025
A hacked Signal clone used by Trump’s former security adviser Mike Waltz has raised serious concerns over the safety of sensitive government communications.
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
May 6, 2025
Hackers hijacked the New York Post’s verified X account to target crypto users via direct messages, redirecting victims to a Telegram-based scam under false pretenses. ...
EU Fines TikTok €530 Million For Data Protection Failures
May 6, 2025
TikTok has been fined €530 million by EU regulators over data protection failures and may face a data transfer suspension to China unless it complies ...
TikTok Fined €530M: GDPR Breach Over Data Transfers to China
May 5, 2025
The Irish Data Protection Commission (DPC) has fined TikTok a staggering €530 million ($601 million) for violating the GDPR by transferring European user data to ...
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
May 5, 2025
StealC malware receives major upgrade with advanced stealth, encryption, and data theft tools, including real-time Telegram alerts and full desktop screenshot capabilities.
Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain
May 5, 2025
In this episode, we explore the security challenges of the AI-driven software era and how Endor Labs is reshaping application security for the modern development ...
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
May 5, 2025
UK retailer Co-op has confirmed a data breach impacting millions, following a ransomware attack by DragonForce. Personal details were stolen, but no financial data.
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
May 5, 2025
The U.S. has indicted a Yemeni national for operating Black Kingdom ransomware, targeting Microsoft Exchange servers in 1,500 global attacks demanding $10,000 in Bitcoin.
CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack
May 5, 2025
In this episode, we take a deep dive into CVE-2025-3928—a critical vulnerability in the Commvault Web Server that enables remote attackers to deploy and execute ...
Sodinokibi/REvil Ransomware: The Evasive Threat
May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April 2019. Initially observed primarily in ...
SAP’s July 2025 Patch Day: Critical Flaws, CVE-2025-30012, and Ransomware Risk
106GB Exposed? Telefónica, HellCat, and the Silent Data Breach
Ingram Micro’s SafePay Ransomware Breach: Human-Operated Threats and Supply Chain Fallout
The Illusion of Shutdowns: What Hunters International’s Closure Really Means
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
CISA Flags CVE-2025-6554: Patching Chrome’s Critical Flaw Before It’s Too Late
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
ANSSI vs. Houken: France Battles Advanced Chinese Hacking Threat
Psychological Manipulation and AI Fraud: How Spain Exposed a $12M Scam
CVE-2025-20309: Critical Cisco Root Access Flaw Threatens VoIP Security
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent