Main Menu
Cyber Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
NGINX 1.31.0 Zero-Day nginx-poolslip Bypasses ASLR
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
DOJ Secures Guilty Pleas From Tech-Support Fraud Executives
BadIIS Malware-as-a-Service Hijacks IIS Servers for SEO Fraud
GhostTree Exploit Hangs Windows Defender With NTFS Junctions
SilverFox APT Spreads ValleyRAT via Fake Microsoft Teams Sites
TamperedChef Hides Malware Inside Signed Apps
Chrome 148 Patches Critical WebRTC Use-After-Free
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
Cybersecurity
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
Gabby Lee March 13, 2026
New banking malware VENON targets Brazilian users, developed in Rust, diverging from traditional Delphi-based threats.
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Application Security
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Andrew Doyle March 13, 2026
Apple issues iOS and iPadOS updates to address vulnerabilities, safeguarding against the Coruna exploit.
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
Application Security
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
Mitchell Langley March 13, 2026
Veeam Software addresses critical security flaws in their Backup & Replication tool, preventing potential remote code execution risks.
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
Cybersecurity
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
Gabby Lee March 13, 2026
England Hockey is assessing a potential data breach by the AiLock ransomware gang that listed it on its data leak site.
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Cybersecurity
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Andrew Doyle March 13, 2026
Global law enforcement dismantles SocksEscort proxy service involved in digital fraud, impacting numerous networks worldwide.
Slopoly Malware Linked to Interlock Ransomware Attack
News
Slopoly Malware Linked to Interlock Ransomware Attack
Mitchell Langley March 13, 2026
Investigating Slopoly malware's impact, AI origins, and role in Interlock attacks.
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
Cybersecurity
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
Gabby Lee March 13, 2026
Apple patches actively exploited vulnerabilities in older iPhones and iPads, addressing security gaps targeted by the Coruna exploit kit.
Cybercriminals Target Airline Loyalty Programs A New Threat to Travelers
Cybersecurity
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
Andrew Doyle March 13, 2026
Airline miles stolen by cybercriminals are transformed into flights and hotel stays, then sold as discounted travel.
Global Arrests Made in a Social Media Scam Targeting Thousands
Cybersecurity
Global Arrests Made in a Social Media Scam Targeting Thousands
Gabby Lee March 12, 2026
Authorities dismantle a major social media scam ring, arresting suspects and affecting thousands.
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Application Security
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Andrew Doyle March 12, 2026
An SQL injection flaw in the Ally WordPress plugin poses data breach risks on over 400,000 websites.
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Cybersecurity
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Gabby Lee March 12, 2026
WhatsApp rolls out a feature for parent-managed accounts, enhancing safety for pre-teen users.
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
The Senate has confirmed Joshua Rudd to head both the NSA and US Cyber Command, continuing the "dual-hat" arrangement.
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Cybersecurity
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Mitchell Langley March 12, 2026
Police Scotland faces a £66,000 fine due to mishandling sensitive data.
'PhantomRaven' Supply-Chain Campaign Floods npm Registry with Malicious Packages
Application Security
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
Andrew Doyle March 12, 2026
'PhantomRaven' attacks are affecting JavaScript developers by targeting the npm registry with dozens of malicious packages designed to steal sensitive...
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Cybersecurity
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Gabby Lee March 12, 2026
Stryker, a medical tech leader, attacked by pro-Palestinian hacktivist group Handala, using impactful wiper malware.
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
Two critical security vulnerabilities in n8n automation platform have been patched.
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Cybersecurity
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Andrew Doyle March 12, 2026
Google completes $32 billion acquisition of cloud security leader Wiz, expanding its cybersecurity capabilities.
Fake Starlink Android Apps Spread BeatBanker Malware
Cybersecurity
Fake Starlink Android Apps Spread BeatBanker Malware
Gabby Lee March 12, 2026
BeatBanker Android malware targets users through fake apps.
ELECQ Data Breach May Have Exposed EV Charger Users' Private Information
Cybersecurity
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
Mitchell Langley March 11, 2026
ELECQ warns of potential data theft after ransomware attack on its cloud systems.
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Cybersecurity
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Andrew Doyle March 11, 2026
Ericsson Inc. reports data theft affecting employees and customers due to a service provider breach.
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
Mitchell Langley May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Gabby Lee May 25, 2026
Cybersecurity
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Mitchell Langley May 25, 2026

TOP CYBERSECURITY HEADLINES

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
Cybersecurity
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Cybersecurity
Netherlands Seizes 800 Stark Industries Servers, Arrests Two

This Week’s Security Spotlight

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Mitchell Langley May 25, 2026
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Gabby Lee May 25, 2026
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Gabby Lee May 22, 2026
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Gabby Lee May 21, 2026
More In News
Trending
INTERPOL Operation Ramz: 201 Arrests in 13-Nation MENA Sweep
Tycoon2FA Adds Device-Code Attack to Bypass Microsoft 365 MFA
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Ghana, Senegal, Ivory Coast at the Center of Interpol’s Multi-Nation Cybercrime Takedown
September 29, 2025
Podcasts
Harrods Data Breach Exposes Customer Details in Third-Party Hack
September 29, 2025
Podcasts
Steam Game BlockBlasters Turns Malicious, Drains $150K in Crypto
September 23, 2025

Cyber Security News

Cybersecurity
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor
May 12, 2026
Cybersecurity
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
May 12, 2026
Application Security
Google GTIG Documents First AI-Generated Zero-Day Exploit
May 12, 2026
Application Security
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
May 12, 2026
Application Security
SailPoint GitHub Repositories Breached via Third-Party App Flaw
May 12, 2026
Cybersecurity
TrickMo Android Banker Routes C2 Traffic Through TON Blockchain
May 12, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
March 13, 2026
England Hockey is assessing a potential data breach by the AiLock ransomware gang that listed it on its data leak site.
International Operation Dismantles the Dangerous SocksEscort Proxy Service
March 13, 2026
Global law enforcement dismantles SocksEscort proxy service involved in digital fraud, impacting numerous networks worldwide.
Slopoly Malware Linked to Interlock Ransomware Attack
March 13, 2026
Investigating Slopoly malware's impact, AI origins, and role in Interlock attacks.
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
March 13, 2026
Apple patches actively exploited vulnerabilities in older iPhones and iPads, addressing security gaps targeted by the Coruna exploit kit.
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
March 13, 2026
Airline miles stolen by cybercriminals are transformed into flights and hotel stays, then sold as discounted travel.
Global Arrests Made in a Social Media Scam Targeting Thousands
March 12, 2026
Authorities dismantle a major social media scam ring, arresting suspects and affecting thousands.
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
March 12, 2026
An SQL injection flaw in the Ally WordPress plugin poses data breach risks on over 400,000 websites.
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
March 12, 2026
WhatsApp rolls out a feature for parent-managed accounts, enhancing safety for pre-teen users.
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
March 12, 2026
The Senate has confirmed Joshua Rudd to head both the NSA and US Cyber Command, continuing the "dual-hat" arrangement.
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
March 12, 2026
Police Scotland faces a £66,000 fine due to mishandling sensitive data.
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
March 12, 2026
'PhantomRaven' attacks are affecting JavaScript developers by targeting the npm registry with dozens of malicious packages designed to steal sensitive...
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
March 12, 2026
Stryker, a medical tech leader, attacked by pro-Palestinian hacktivist group Handala, using impactful wiper malware.
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
March 12, 2026
Two critical security vulnerabilities in n8n automation platform have been patched.
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
March 12, 2026
Google completes $32 billion acquisition of cloud security leader Wiz, expanding its cybersecurity capabilities.
Fake Starlink Android Apps Spread BeatBanker Malware
March 12, 2026
BeatBanker Android malware targets users through fake apps.
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
March 11, 2026
ELECQ warns of potential data theft after ransomware attack on its cloud systems.
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
March 11, 2026
Ericsson Inc. reports data theft affecting employees and customers due to a service provider breach.
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
March 11, 2026
New npm threat involves package posing as OpenClaw installer deploying RAT to steal sensitive data.
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
March 11, 2026
ShinyHunters claims responsibility for a high-profile data breach affecting Salesforce and other major companies, utilizing an open-source tool develo...
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
March 11, 2026
Salesforce's Experience Cloud under scrutiny as vulnerabilities expose extensive data risks.
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2