Main Menu
Cyber Security
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions
Google Enhances Pixel Security with Rust-Based DNS Parser
US, UK, and Canadian Forces Execute Successful Anti-Cryptocurrency Theft Operation
Stolen Credentials and Zero Trust: Preventing Privilege Escalation in Security Breaches
Cybercriminals Use Ad Fraud With AI and SEO Tactics to Push Scareware
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Information Theft Revolutionized: No Local Decryption in This Security Threat
Booking.com Confirms Unauthorized Access Compromising User Data
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Juniper Networks Addresses Critical Junos OS Vulnerabilities
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
React Native's Metro Server Vulnerability A Growing Cyber Threat
Cybersecurity
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Andrew Doyle February 4, 2026
A critical flaw in React Native's Metro server is being exploited to propagate malware across Windows and Linux systems. The attacks, despite escalating in severity, ...
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
Cybersecurity
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
Mitchell Langley February 4, 2026
A coordinated reconnaissance campaign used thousands of proxies to target Citrix NetScaler, aiming to pinpoint login panels. This marks a substantial cyber concern due to ...
State-Sponsored Cyber Espionage Notepad++ Update Traffic Hijacked
Cybersecurity
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Gabby Lee February 4, 2026
Chinese hackers hijacked Notepad++ updates for months, claims the developer. State-sponsored involvement underlines cybersecurity challenges. Key details on tactics and duration shared.
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Cybersecurity
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Andrew Doyle February 4, 2026
Over 1,400 MongoDB servers, lacking secure access controls, have been seized by hackers who wiped data and left ransom notes. Cybercriminals demanded $500 in Bitcoin ...
Malicious VS Code Extensions Spread GlassWorm Loader
Application Security
Malicious VS Code Extensions Spread GlassWorm Loader
Mitchell Langley February 4, 2026
Hackers hijacked an account to publish harmful VS Code extensions, distributing the GlassWorm malware loader. This compromised open-source repositories impacting numerous users by embedding malicious ...
Surge in Fake Investment Platforms Exploiting Social Media
Cybersecurity
Surge in Fake Investment Platforms Exploiting Social Media
Gabby Lee February 4, 2026
High-yield investment platforms are exploiting unsuspecting investors with promises of high returns. These scams, often resembling Ponzi schemes, use social media, recycled scripts, and referral ...
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Cybersecurity
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Gabby Lee February 4, 2026
McDonald's is urging individuals to enhance their cybersecurity by creating more complex passwords. This comes in light of "Change Your Password Day," emphasizing the importance ...
Identity Challenges in User Data Storage and Security Maintenance
Cybersecurity
Identity Challenges in User Data Storage and Security Maintenance
Andrew Doyle February 4, 2026
The StopICE platform, focused on tracking immigration enforcement, faces scrutiny following claims of user data leaks instigated by a CBP agent. Learn about the complexities ...
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
CVE Vulnerability Alerts
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Mitchell Langley February 4, 2026
Russian hackers exploited CVE-2026-21509 vulnerability in Microsoft Office targeting Ukrainian systems. CERT Ukraine urges immediate security updates as exploitation risk persists.
Microsoft's Strategy to Eliminate NTLM in Favor of Kerberos
Application Security
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
Gabby Lee February 4, 2026
Microsoft outlines its plan to discontinue NTLM, pushing for Kerberos-based solutions due to NTLM's vulnerability to attacks. Their strategy aims at enhanced security for Windows ...
ClawHub's Third-Party Skills Security Risks User Data at Stake
Cybersecurity
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Gabby Lee February 4, 2026
A security audit of ClawHub has uncovered 341 malicious skills out of an examined total of 2,857, raising significant concerns about supply chain risks for ...
Firefox Introduces Options to Control AI Features
Application Security
Firefox Introduces Options to Control AI Features
Andrew Doyle February 4, 2026
Mozilla is responding to user concerns by allowing control over AI features in Firefox's next update. Users can choose to disable these features entirely or ...
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Application Security
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Mitchell Langley February 4, 2026
Microsoft confirms a shutdown bug in Windows 11 also affects Windows 10 with Virtual Secure Mode enabled, impacting system operations.
Increasing Threats from Automated Data Extortion Targeting MongoDB
Application Security
Increasing Threats from Automated Data Extortion Targeting MongoDB
Gabby Lee February 4, 2026
A threat actor has launched automated attacks on MongoDB databases, exploiting weak security to extort low ransoms from victims for data restoration. This situation highlights ...
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Cybersecurity
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Andrew Doyle February 4, 2026
Apple's new privacy feature allows users to reduce the precision of location data shared with networks, bolstering privacy on select iPhone and iPad models. This ...
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Application Security
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Mitchell Langley February 4, 2026
Ivanti has addressed two zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) following warnings from security experts about their active exploitation, raising significant threats to ...
Global Cloud Storage Scam Emails Threaten Users With False Data Deletion Alerts
News
Global Cloud Storage Scam Emails Threaten Users With False Data Deletion Alerts
Mitchell Langley February 4, 2026
A widespread phishing campaign has emerged, tricking users with fake alerts about impending deletion of their cloud storage files due to alleged payment failures. The ...
RedKitten Campaign Targets NGOs Amid Iranian Unrest
News
RedKitten Campaign Targets NGOs Amid Iranian Unrest
Mitchell Langley February 4, 2026
A group likely linked to Iranian state interests, RedKitten, targets NGOs working on human rights documentation. This activity arose during the nationwide unrest in Iran.
Targeted Vishing Attacks Amplify ShinyHunters's SaaS Data Breaches
News
Targeted Vishing Attacks Amplify ShinyHunters’s SaaS Data Breaches
Gabby Lee February 4, 2026
ShinyHunters group intensifies SaaS data breaches, leveraging voice phishing and custom phishing sites to harvest SSO credentials and tap multi-factor authentication.
Instagram's Privacy Controls Data Exposure Review of Recent Findings
Application Security
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Andrew Doyle February 4, 2026
A researcher found that Instagram's private accounts were not as secure as users believed, exposing photo links to unauthorized visitors. Despite the issue being fixed, ...
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
CVE Vulnerability Alerts
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Mitchell Langley April 16, 2026
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Application Security
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Gabby Lee April 16, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026
JanelaRAT - Continuing Threat to Latin American Financial Institutions
Cybersecurity
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Mitchell Langley April 14, 2026

TOP CYBERSECURITY HEADLINES

Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Cybersecurity
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
Cybersecurity
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws

This Week’s Security Spotlight

Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Gabby Lee April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Mitchell Langley April 16, 2026
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Andrew Doyle April 14, 2026
More In News
Trending
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Ghana, Senegal, Ivory Coast at the Center of Interpol’s Multi-Nation Cybercrime Takedown
September 29, 2025
Podcasts
Harrods Data Breach Exposes Customer Details in Third-Party Hack
September 29, 2025
Podcasts
Steam Game BlockBlasters Turns Malicious, Drains $150K in Crypto
September 23, 2025

Cyber Security News

Iranian Hackers Breach FBI Director's Personal Email Account
Cybersecurity
Iranian Hackers Breach FBI Director’s Personal Email Account
March 31, 2026
European Commission Responds to Cloud Infrastructure Cyberattack
Cybersecurity
European Commission Responds to Cloud Infrastructure Cyberattack
March 31, 2026
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
Application Security
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
March 31, 2026
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
Cybersecurity
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
March 31, 2026
CareCloud Responds to a Potential Data Security Breach
Cybersecurity
CareCloud Responds to a Potential Data Security Breach
March 31, 2026
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
Cybersecurity
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
March 31, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
February 4, 2026
Over 1,400 MongoDB servers, lacking secure access controls, have been seized by hackers who wiped data and left ransom notes. Cybercriminals demanded $500 in Bitcoin ...
Malicious VS Code Extensions Spread GlassWorm Loader
February 4, 2026
Hackers hijacked an account to publish harmful VS Code extensions, distributing the GlassWorm malware loader. This compromised open-source repositories impacting numerous users by embedding malicious ...
Surge in Fake Investment Platforms Exploiting Social Media
February 4, 2026
High-yield investment platforms are exploiting unsuspecting investors with promises of high returns. These scams, often resembling Ponzi schemes, use social media, recycled scripts, and referral ...
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
February 4, 2026
McDonald's is urging individuals to enhance their cybersecurity by creating more complex passwords. This comes in light of "Change Your Password Day," emphasizing the importance ...
Identity Challenges in User Data Storage and Security Maintenance
February 4, 2026
The StopICE platform, focused on tracking immigration enforcement, faces scrutiny following claims of user data leaks instigated by a CBP agent. Learn about the complexities ...
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
February 4, 2026
Russian hackers exploited CVE-2026-21509 vulnerability in Microsoft Office targeting Ukrainian systems. CERT Ukraine urges immediate security updates as exploitation risk persists.
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
February 4, 2026
Microsoft outlines its plan to discontinue NTLM, pushing for Kerberos-based solutions due to NTLM's vulnerability to attacks. Their strategy aims at enhanced security for Windows ...
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
February 4, 2026
A security audit of ClawHub has uncovered 341 malicious skills out of an examined total of 2,857, raising significant concerns about supply chain risks for ...
Firefox Introduces Options to Control AI Features
February 4, 2026
Mozilla is responding to user concerns by allowing control over AI features in Firefox's next update. Users can choose to disable these features entirely or ...
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
February 4, 2026
Microsoft confirms a shutdown bug in Windows 11 also affects Windows 10 with Virtual Secure Mode enabled, impacting system operations.
Increasing Threats from Automated Data Extortion Targeting MongoDB
February 4, 2026
A threat actor has launched automated attacks on MongoDB databases, exploiting weak security to extort low ransoms from victims for data restoration. This situation highlights ...
Apple Enhances Location Privacy With New Feature for iPhone and iPad
February 4, 2026
Apple's new privacy feature allows users to reduce the precision of location data shared with networks, bolstering privacy on select iPhone and iPad models. This ...
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
February 4, 2026
Ivanti has addressed two zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) following warnings from security experts about their active exploitation, raising significant threats to ...
Global Cloud Storage Scam Emails Threaten Users With False Data Deletion Alerts
February 4, 2026
A widespread phishing campaign has emerged, tricking users with fake alerts about impending deletion of their cloud storage files due to alleged payment failures. The ...
RedKitten Campaign Targets NGOs Amid Iranian Unrest
February 4, 2026
A group likely linked to Iranian state interests, RedKitten, targets NGOs working on human rights documentation. This activity arose during the nationwide unrest in Iran.
Targeted Vishing Attacks Amplify ShinyHunters’s SaaS Data Breaches
February 4, 2026
ShinyHunters group intensifies SaaS data breaches, leveraging voice phishing and custom phishing sites to harvest SSO credentials and tap multi-factor authentication.
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
February 4, 2026
A researcher found that Instagram's private accounts were not as secure as users believed, exposing photo links to unauthorized visitors. Despite the issue being fixed, ...
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
February 4, 2026
A federal jury recently found Linwei Ding, an ex-Google software engineer, guilty of misappropriating AI supercomputer project data for Chinese tech companies. This case highlights ...
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
February 4, 2026
Hackers breached an update server at MicroWorld Technologies, delivering malware to customers through eScan Antivirus software. This supply chain attack exposed vulnerabilities within the software's ...
Revelations from Epstein Files: Allegations of a “Personal Hacker”
February 4, 2026
A Justice Department document, recently disclosed, reveals that in 2017, Jeffrey Epstein was alleged to have a "personal hacker," linked to his network.
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions
Cyberwarfare Within the Underground: Ransomware Gangs Clash
Google Enhances Pixel Security with Rust-Based DNS Parser
US, UK, and Canadian Forces Execute Successful Anti-Cryptocurrency Theft Operation
Stolen Credentials and Zero Trust: Preventing Privilege Escalation in Security Breaches