Cyber Security
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
iRhythm Confirms PHI Exfiltration via Social Engineering
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
GhostTree NTFS Junctions Paralyze Windows Defender Scans
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
Endpoint Security Solutions: How to Protect Every Enterprise Device
UNC6508 Abused Google Workspace Rules in Medical-Military Espionage
Three FortiSandbox CVEs Chained for Unauthenticated Root Execution
Cisco CVE-2026-20262 Added to CISA KEV; Eighth Exploited SD-WAN Flaw
LiteSpeed cPanel CVE-2026-54420 Escalates to Root on Shared Hosts
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
DOJ Seizes CFAKE.com and SOCFAKE.com in First TAKE IT DOWN Act Case
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
ShinyHunters Claims 61M Sysco Salesforce Records in Unverified Breach
What Is Scareware? How Fake Security Warnings Lead to Real Malware
Lapsus$ Lists GitHub Internal Repos for Sale, Copilot Source Included
Nightspire Claims Blue Nile Medical and Silsbee Police as New Victims
Ukrainian Conti Developer Pleads Guilty to Ransomware Loader Coding
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
CVE-2026-42824: M365 Copilot SearchLeak Enables 1-Click Email Theft
Novo Nordisk Confirms Hack of Clinical Trial Biomarker Data
SearchJack: 23 Chrome Extensions Intercept 758,000 Users’ Searches
TheGentlemen Ransomware Posts 20 Victims Across 14 Countries
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Cybersecurity
SimpleHelp and ScreenConnect: The IT Tools That Became a Backdoor
VENOMOUS#HELPER spent 13 months inside 80+ organizations using legitimate RMM software — SimpleHelp and ScreenConnect — as undetected persistent access channels.
Application Security
11 Million Downloads, One Poisoned Version: PyTorch’s Close Call
Attackers compromised PyTorch Lightning 2.6.3 on PyPI with ShaiWorm credential stealer, targeting cloud API keys, browser credentials, and AWS/Azure/GCP tokens.
Cybersecurity
Hacking the Hackers: What a Security Vendor Breach Really Means
Trellix disclosed that attackers accessed its internal source code repositories — raising serious questions about what stolen security vendor source code enables.
Application Security
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Attackers compromised DigiCert support staff via a chat-delivered screenshot, used their access to obtain code-signing certificates, and signed Zhong Stealer malware.
Application Security
Five Intelligence Agencies Agree: Slow Down Your AI Agents
The Five Eyes alliance issued its first joint advisory on agentic AI security, warning that autonomous AI systems introduce novel attack surfaces enterprises are not ...
Cybersecurity
275 Million Students’ Records Allegedly Stolen in Canvas Breach
ShinyHunters claims 3.65 TB of Instructure Canvas data affecting 275 million users at 9,000 schools — with minors' data exposed and a Salesforce pivot involved.
Cybersecurity
Tax Season Never Really Ends for Hackers
China-linked Silver Fox deployed a new ABCDoor backdoor through tax-themed phishing targeting both Indian and Russian filers simultaneously — a significant operational expansion.
Cybersecurity
When Amazon Sends the Phishing Email
Threat actors are systematically abusing Amazon SES to send phishing emails that pass SPF, DKIM, and DMARC checks — turning AWS's own email infrastructure against ...
Application Security
WhatsApp Patches Flaws That Let Hackers Hide Malware in Plain Sight
Meta patched WhatsApp file type spoofing and URL scheme vulnerabilities that could disguise malicious executables as benign files and redirect users to attacker-controlled resources.
Cybersecurity
North Korea Turned a Gaming App Into a Spyware Platform
North Korean APT37 compromised a gaming platform to deliver BirdCall, a new cross-platform spy tool targeting Android and Windows users since 2024.
Application Security
Debug Mode Left Open: Enterprise Platform Hit With Unauthenticated RCE
CVE-2026-22679, a critical unauthenticated RCE in Weaver E-cology, has been actively exploited since March — weeks before public disclosure reached defenders.
Application Security
One Zero-Day, 40,000 Servers: The cPanel Mass-Compromise
A critical cPanel authentication bypass zero-day exploited for two months before disclosure compromised 40,000+ servers and targeted governments in Southeast Asia.
Blog
Confident Posture: Navigating Ransomware Incidents with Expert Guidance
No organization wants to be the next ransomware headline. But every business, from small startups to global enterprises, is at ...
Cybersecurity
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Cybercriminals are increasingly targeting Microsoft Teams in enterprise attacks, using the platform alongside legitimate tools to gain unauthorized ac...
Cybersecurity
Cybercriminals Are Bending Trust, Not Breaking Systems
Cyber attackers bypass systems without breaking them, taking advantage of trusted pathways, smartly bending trust.
Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Claude Desktop's unauthorized modifications may breach EU laws on clear user consent.
CVE Vulnerability Alerts
Severe Command Injection Flaw Discovered in SGLang
A critical vulnerability in SGLang could allow remote code execution. Tracked as CVE-2026-5760, this flaw scores 9.8 on CVSS.
Cybersecurity
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Vulnerabilities in Lantronix and Silex products risk exploitation in OT and healthcare sectors.
News
Seiko USA Faces Ransom Threat After Website Defacement
Attackers reportedly demand ransom from Seiko USA after defacing the website and claiming to possess customer data.
Cybersecurity
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
A Scottish man pleads guilty in a US court to a cryptocurrency theft using phishing and SIM-swap tactics.
Application Security
Mastra AI npm Supply Chain Attack Hits 1.1M Weekly Downloads

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Confident Posture: Navigating Ransomware Incidents with Expert Guidance
No organization wants to be the next ransomware headline. But every business, from small startups to global enterprises, is at risk from disruptive and financially ...
Cyberattacks Are Outpacing MSP and Corporate Defenses
Discover cybersecurity strategies to counter evolving threats in an upcoming webinar focused on security and recovery.
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Huntress identifies threat actors exploiting vulnerabilities in Microsoft Defender.
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Lawmakers discuss the rapid development of AI, expressing fears over its potential impact on various global aspects.