Cyber Security
News
Western Alliance Bank Data Breach Impacts 21,899 Customers
Mitchell Langley
March 19, 2025
Western Alliance Bank suffered a data breach impacting 21,899 customers, exposing sensitive personal and financial information due to a third-party vendor's software vulnerability exploited by ...
News
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
Andrew Doyle
March 19, 2025
A critical Windows zero-day exploit, ZDI-CAN-25373, has been exploited by 11 state-sponsored hacking groups since 2017, enabling data theft and espionage. Microsoft initially declined to ...
News
$6.1 Million Crypto Stolen in WEMIX Hack
Andrew Doyle
March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
News
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
Mitchell Langley
March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
News
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
Andrew Doyle
March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
News
Critical Apache Tomcat Flaw Actively Exploited in Attacks
Mitchell Langley
March 18, 2025
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
News
Fake “Security Alert” on GitHub Used to Hijack OAuth App Accounts
Andrew Doyle
March 18, 2025
A massive GitHub phishing campaign uses fake "Security Alert" issues and a malicious OAuth app to hijack accounts, granting attackers full control. Immediate action is ...
News
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
Andrew Doyle
March 18, 2025
Lingnan University in Hong Kong suffered a data breach exposing thousands of records, including sensitive personal data. The university is taking steps to enhance security.
News
Florida Hospital Data Breach Impacts Over 120,000 Patients
Mitchell Langley
March 17, 2025
A Florida hospital, CDH, suffered a data breach impacting over 120,000 patients. Sensitive data, including Social Security numbers and health information, was compromised. The BianLian ...
News
BlackBasta Ransomware Uses Automated Tool ‘BRUTED’ to Brute-Force VPNs
Andrew Doyle
March 17, 2025
The BlackBasta ransomware group uses an automated tool, BRUTED, to brute-force VPNs and firewalls, highlighting the need for robust multi-factor authentication.
News
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
Mitchell Langley
March 17, 2025
JD.com, a major Chinese retailer, faces a massive data breach after the Babuk ransomware cartel claims to have stolen customer passwords and other sensitive information. ...
News
UDMI Radiology Firm Suffers Major Data Breach: Fog Ransomware Claims Responsibility
Andrew Doyle
March 17, 2025
Fog ransomware group claims responsibility for a major data breach at UDMI, a radiology firm, impacting over 138,000 individuals. The incident underscores the critical need ...
News
FBI Issues Warning Against Medusa Ransomware for Gmail, Outlook, and VPN Users
Mitchell Langley
March 17, 2025
The FBI warns of escalating Medusa ransomware attacks targeting Gmail, Outlook, and VPN users, urging immediate security enhancements to mitigate the threat.
News
LockBit Ransomware Developer Extradited to the United States
Andrew Doyle
March 17, 2025
A key LockBit ransomware developer, Rostislav Panev, has been extradited to the US to face charges for his role in the group's global attacks.
News
Insider Attack and Extortion at Stram Center, SSK Plastic Surgery and Grove at Valhalla Rehabilitation
Mitchell Langley
March 14, 2025
Three healthcare providers suffered data breaches from insider attacks, extortion, and third-party vulnerabilities, highlighting the need for robust cybersecurity measures.
News
CISA Reports Medusa Ransomware Attacks Over 300 Critical Infrastructure Organizations
Mitchell Langley
March 14, 2025
A joint advisory from CISA, FBI, and MS-ISAC reveals Medusa ransomware impacted over 300 US critical infrastructure organizations by February 2025. The advisory details mitigation ...
News
Critical FreeType Vulnerability Exploited in Attacks: Urgent Update Required
Andrew Doyle
March 14, 2025
Facebook disclosed a critical FreeType vulnerability (CVE-2025-27363), allowing arbitrary code execution. All versions up to 2.13 are affected; immediate updates are crucial.
News
Lazarus Group North Korean Hackers Infect Hundreds via Malicious npm Packages
Mitchell Langley
March 14, 2025
The Lazarus Group, a North Korean hacking collective, deployed six malicious npm packages, infecting hundreds of developers. The packages steal credentials and deploy backdoors.
News
Sunflower Medical Group Data Breach: Rhysida Ransomware Attack Exposes 220,968 Records
Andrew Doyle
March 14, 2025
Kansas' Sunflower Medical Group suffered a data breach impacting 220,968 individuals. The Rhysida ransomware group claimed responsibility for the incident in January.
News
Infostealer Malware Infects 26 Million Devices, Steals Bank Card Data and Passwords
Mitchell Langley
March 14, 2025
A devastating Infostealer malware campaign has compromised 26 million devices, stealing bank card details and passwords. Kaspersky's report highlights the scale of the threat.
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee
July 3, 2025
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle
May 12, 2025
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley
May 8, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
News
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
Mitchell Langley
July 4, 2025
News
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
Andrew Doyle
July 4, 2025
News
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
Mitchell Langley
July 4, 2025
News
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Mitchell Langley
July 4, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
TikTok Fined €530M: GDPR Breach Over Data Transfers to China
May 5, 2025
The Irish Data Protection Commission (DPC) has fined TikTok a staggering €530 million ($601 million) for violating the GDPR by transferring European user data to ...
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
May 5, 2025
StealC malware receives major upgrade with advanced stealth, encryption, and data theft tools, including real-time Telegram alerts and full desktop screenshot capabilities.
Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain
May 5, 2025
In this episode, we explore the security challenges of the AI-driven software era and how Endor Labs is reshaping application security for the modern development ...
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
May 5, 2025
UK retailer Co-op has confirmed a data breach impacting millions, following a ransomware attack by DragonForce. Personal details were stolen, but no financial data.
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
May 5, 2025
The U.S. has indicted a Yemeni national for operating Black Kingdom ransomware, targeting Microsoft Exchange servers in 1,500 global attacks demanding $10,000 in Bitcoin.
CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack
May 5, 2025
In this episode, we take a deep dive into CVE-2025-3928—a critical vulnerability in the Commvault Web Server that enables remote attackers to deploy and execute ...
Sodinokibi/REvil Ransomware: The Evasive Threat
May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April 2019. Initially observed primarily in ...
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
May 5, 2025
Employment platform beWanted leaked over 1.1 million CVs containing names, ID numbers, contact details, and employment history.
Nova Scotia Power, a Canadian Utility, Breached: A Global Warning for Critical Infrastructure
May 2, 2025
On April 25, 2025, Nova Scotia Power, the province’s primary electricity provider, confirmed what many suspected: a cyber incident involving unauthorized access had compromised customer ...
SentinelOne Discloses Ongoing Attacks by Nation-State Hackers and Ransomware Gangs
May 2, 2025
In a rare move, SentinelOne has publicly confirmed that it is under persistent attack from nation-state threat actors and ransomware gangs. This episode breaks down ...
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
May 2, 2025
Nova Scotia Power confirms personal customer data was stolen in a cyberattack on April 25, though electricity services remain unaffected as the investigation continues.
OpenEoX and the Future of End-of-Life Standardization in IT
May 2, 2025
In this episode, we unpack the evolving landscape of Product Lifecycle Management (PLM) and why it’s become a strategic cornerstone in modern IT environments. From ...
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
May 2, 2025
Seven malicious PyPI packages exploited Gmail and WebSockets for remote command execution and data theft, with some packages downloaded over 18,000 times.
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
May 2, 2025
iHeartMedia confirmed a December data breach exposing names, Social Security, and passport numbers from local station systems. The company is offering identity theft protection.
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
May 2, 2025
Ascension, a major U.S. healthcare provider, confirmed a ransomware breach affecting 5.6 million individuals, compromising medical, financial, and personal data.
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
May 2, 2025
Harrods joins M&S and Co-op as the latest UK retailer targeted in a cyberattack, prompting immediate security measures amid a surge in retail-focused intrusions.
LayerX Secures $45M Total to Battle Data Leaks, One Browser at a Time
April 30, 2025
LayerX just raised another $11 million — and it’s not to build another antivirus. With $45 million in total funding, the company is betting that ...
AirBorne: How a Zero-Click Bug Threatens Millions of Apple and Third-Party Devices
April 30, 2025
In this episode, we dive deep into AirBorne — a critical set of vulnerabilities in Apple’s AirPlay protocol and SDK, recently uncovered by security researchers ...
$10.5M to Fight AI-Phishing: The Rise of Pistachio’s Cybersecurity Training Platform
April 30, 2025
In this episode, we dive into the story of Pistachio, the Norwegian cybersecurity startup that just raised $7 million in new funding—bringing its total to ...
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
April 30, 2025
Hitachi Vantara shut down servers to contain an Akira ransomware attack that disrupted systems and led to stolen data across corporate and government-related operations.