Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
CVE Vulnerability Alerts
Apple Patches Critical Vulnerabilities Across Multiple Platforms
Apple releases crucial security patches for iOS, iPadOS, macOS, watchOS, and more, targeting two actively exploited vulnerabilities. Among these is CVE-2025-43529, a significant use-after-free flaw ...
CVE Vulnerability Alerts
CISA Alerts on Exploited Vulnerability in Sierra Wireless AirLink ALEOS Routers
The U.S. Cybersecurity and Infrastructure Security Agency has added a flaw in Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities catalog. This follows ...
Cybersecurity
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
Germany has called in Russia's ambassador to address grave concerns about alleged cyberattacks on its air traffic control and a concurrent disinformation campaign designed to ...
Cybersecurity
Justice Department Alleges Misleading Compliance in Federal Audit Case
Accusations of deception rise as a former senior manager is sued for allegedly misleading the US government about the compliance status of a cloud platform ...
Endpoint Security
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
Attackers can exploit a flaw in GeoServer to define external entities within XML requests, resulting in critical security breaches. The vulnerability impacts data security, highlighting ...
Cybersecurity
MITRE Highlights XSS and SQL Injection as Top Software Vulnerabilities for 2025
MITRE's latest research identifies XSS, SQL injection, and CSRF as the primary software vulnerabilities in 2025, closely followed by buffer overflow issues and improper access ...
Data Security
Shadow Spreadsheets’ Stealthy Role in Data Security Risks
Employees using unauthorised spreadsheets for daily tasks may unknowingly introduce security risks. These "shadow spreadsheets" often lack oversight, leading to data exposure, version sprawl, and ...
News
New Wave of Phishing Kits Target Credential Theft at Scale
Cybersecurity researchers analyze four new phishing kits, each with unique capabilities aimed at large-scale credential theft. BlackForce, GhostFrame, InboxPrime AI, and Spiderman introduce advanced tactics ...
Cybersecurity
Torrent Disguised as Leonardo DiCaprio Film Evades Detection Using Subtle Malware Delivery Technique
A fake torrent for the film 'One Battle After Another' employs a unique technique by embedding malicious PowerShell loaders in subtitle files, ultimately deploying Agent ...
Cybersecurity
Kali Linux Version 2025.4 Introduces New Hacking Tools and Improvements
Kali Linux 2025.4 marks the final update for the year, introducing new hacking tools, desktop environment improvements, and enhanced support for Wayland, alongside the preview ...
Cybersecurity
Fieldtex Ransomware Attack: Akira Group Claims Responsibility
The Akira ransomware group has claimed responsibility for the November cyberattack on Fieldtex Products, stating that 14 Gb of data was stolen. The breach potentially ...
Data Security
Digital-only eVisa Scheme Faces Scrutiny Over Data Leaks and GDPR Concerns
The UK's digital-only eVisa scheme is under fire as civil society groups call for a data protection investigation. Concerns include systemic data errors and possible ...
Cybersecurity
Gladinet CentreStack Flaw: A Widespread Threat to Organizations
Cybersecurity teams are grappling with a new wave of attacks targeting a Gladinet CentreStack vulnerability, threatening multiple organizations globally.
Cybersecurity
PyStoreRAT: New JavaScript-Based RAT Distributed via GitHub
Cybersecurity experts uncover a new campaign using GitHub-hosted Python repositories to deploy PyStoreRAT, a JavaScript-based Remote Access Trojan. The threat disguises itself within repositories posing ...
Cybersecurity
Pentagon Pushes for Post-Quantum Cryptography Amid Rising Tech Tensions
In a pivotal move, the Pentagon's directive to speed up the integration of post-quantum cryptography (PQC) technology comes amid heightened technical tensions. As the U.S. ...
Cybersecurity
New Cyber Threats: Movie Downloads and Software Updates Under Siege
Cybersecurity incidents reveal a growing threat landscape as hackers infiltrate common online platforms, from movie downloads to browser extensions, leaving users vulnerable. Tech companies and ...
Cybersecurity
Zero-day Vulnerability in Gogs Leads to Hundreds of Compromised Servers
A zero-day vulnerability in Gogs, a well-known self-hosted Git service, has enabled attackers to achieve remote code execution on numerous internet-facing instances, impacting hundreds of ...
Cybersecurity
Former Employee Faces Charges Over Alleged Cybersecurity Fraud: DoD Compliance in Question
Danielle Hillmer, a former Accenture executive, is facing charges for allegedly misrepresenting the Department of Defense (DoD) compliance of a cloud platform used by her ...
Cybersecurity
Microsoft Expands Vulnerability Rewards Program to Third-Party Code
Microsoft's updated program rewards security researchers for finding critical vulnerabilities in Microsoft online services, including third-party code. The initiative aims to strengthen digital defenses and ...
Application Security
Stealthy Campaign Targets Developers With Malicious VSCode Extensions
A stealth campaign has targeted developers using VSCode with 19 malware-infested extensions since February. Threat actors exploit the flexibility of VSCode extensions to distribute malicious ...

CyberVolk’s Return: Unpacking the Pro-Russian Hacktivist’s Ransomware Resurgence
CyberVolk, a pro-Russian hacktivist group, resurfaces with new ransomware. Despite causing alarm, they inadvertently left a method for data recovery.
Cybercrime as a Service: The New Era of Subscription-Based Attacks
Cybercriminals have adopted a subscription-based model akin to SaaS, granting low-skill hackers easy access to potent tools. Phishing kits, OTP bots, infostealer logs, and RATs ...