Cyber Security
Cybersecurity
Nissan Confirms Data Breach at Creative Box After Qilin Ransomware Attack
Mitchell Langley
August 28, 2025
Nissan has confirmed a data breach at its Tokyo-based subsidiary, Creative Box Inc. (CBI), following unauthorized access on August 16, 2025. The Qilin ransomware group ...
Resources
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
Gabby Lee
August 28, 2025
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims spanning healthcare, manufacturing, and IT, ...
Blog
Australia Faces Rising Wave of AI-Driven Cyber Threats in 2025
Andrew Doyle
August 28, 2025
Australia is facing a surge in AI-driven cyberattacks, from deepfake phishing and malware development to supply chain compromises. With over 70 major incidents in 2025 ...
CVE Vulnerability Alerts
CISA Expands Known Exploited Vulnerabilities Catalog: 47 New Threats Identified
Mitchell Langley
August 28, 2025
CISA has added 47 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, including flaws in SharePoint, Google Chromium, and Cisco devices. The ...
Cybersecurity
Arizona Seeks $10M to Bolster Election Cybersecurity: Post-Attack Response Plan
Gabby Lee
August 28, 2025
A cyberattack on Arizona’s election portal, linked to Iranian-affiliated actors, has spurred calls for $10 million in cybersecurity funding and $3.5 million annually. Secretary of ...
Application Security
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
Mitchell Langley
August 28, 2025
Microsoft has patched CVE-2025-53783, a heap-based buffer overflow in Teams that enables remote code execution across desktop, mobile, and hardware devices. Though exploitation requires social ...
Cybersecurity
Apple Patches Zero-Day Exploit: Immediate Fix for CVE-2025-43300 Threat
Andrew Doyle
August 28, 2025
Apple has released emergency patches for CVE-2025-43300, a zero-day flaw in the Image I/O framework enabling remote code execution via malicious images. Actively exploited in ...
News
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
Gabby Lee
August 28, 2025
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
Application Security
Google to Verify Android Developers: A New Era in App Security Emerges
Mitchell Langley
August 27, 2025
Google is rolling out its Developer Verification program, requiring all Android developers—inside and outside the Play Store—to verify their identity by 2027. The policy aims ...
Data Security
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
Gabby Lee
August 27, 2025
Okta has lifted its fiscal 2026 revenue forecast after reporting strong Q2 results, driven by soaring demand for identity verification tools. As AI-powered impersonation attacks ...
Blog
The Dual Role of AI in Cybersecurity: Weapon and Shield
Mitchell Langley
August 26, 2025
AI hacking has moved from speculation to reality, enabling deepfake phishing, automated malware, and large-scale social engineering. While defenders deploy AI for detection and response, ...
Blog
FraudGPT, WormGPT, and Dark AI Models Fuel Surge in Cybercrime
Gabby Lee
August 26, 2025
Malicious AI models like FraudGPT, WormGPT, and PoisonGPT are reshaping cybercrime, enabling scalable phishing, malware generation, and disinformation. Unlike mainstream LLMs, these blackhat tools strip ...
Blog
The Imperative for a New Cyber Defense Playbook
Mitchell Langley
August 26, 2025
Traditional cybersecurity models are failing against AI-driven threats, workforce fatigue, and complex tool sprawl. From adaptive malware and deepfake phishing to poorly governed machine identities, ...
News
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
Gabby Lee
August 26, 2025
A new phishing campaign is distributing the UpCrypter malware loader through fake voicemail and purchase order emails. Targeting industries worldwide, UpCrypter delivers multiple remote access ...
Cybersecurity
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Mitchell Langley
August 26, 2025
Senator Ron Wyden is urging an independent review of federal court cybersecurity after breaches exposed sealed case files. Citing outdated systems and weak defenses, he ...
Cybersecurity
Nevada State Offices Shut Down Amid Major Network Security Incident
Gabby Lee
August 26, 2025
Nevada’s state government was forced to suspend in-person services and shut down major websites after a large-scale network security incident on August 25, 2025. Early ...
Application Security
Android Malware Masquerades as FSB Antivirus To Spy on Russian Business Executives
Andrew Doyle
August 25, 2025
A fake FSB antivirus hides Android malware spying on Russian executives, logging keystrokes, streaming cameras, exfiltrating messenger data, and rotating providers for command and control.
Cybersecurity
Orange Suffers Data Breach Affecting 850k Customers
Mitchell Langley
August 25, 2025
Orange Belgium reports a cyberattack exposing SIM details, PUK codes, names, phone numbers, and tariff plans for 850,000 customers; no financial data or passwords were ...
Cybersecurity
Michigan Health System Hack Exposes Patients’ Lab Results in Healthcare Data Breach
Andrew Doyle
August 25, 2025
Aspire Rural Health Systems suffered a major healthcare data breach, exposing nearly 140,000 patients’ records — including lab results, financial data, and personal identifiers.
Cybersecurity
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Andrew Doyle
August 25, 2025
Google confirmed a massive breach exposing 2.5 billion Gmail accounts, with hacker group ShinyHunters exploiting Salesforce access through social engineering and launching large-scale phishing and ...
Cybersecurity
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Gabby Lee
August 28, 2025
Cybersecurity
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Andrew Doyle
August 28, 2025
News
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
Gabby Lee
August 19, 2025
TOP CYBERSECURITY HEADLINES
Cybersecurity
PromptLock Ransomware Uses AI to Encrypt and Steal Data
Application Security
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
This Week’s Security Spotlight
Cybersecurity
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Mitchell Langley
August 26, 2025
Cybersecurity
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Andrew Doyle
August 25, 2025
Cybersecurity
Researcher Harvests 270k Employee Records Exploiting Intel Flaw
Mitchell Langley
August 19, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Detection Tools
Farmers Insurance Data Breach Impacts 1.1 Million Customers in Salesforce Cyberattack
August 28, 2025
Farmers Insurance confirmed a third-party vendor database was breached on May 29, exposing PII for 1,111,386 customers in the wider Salesforce data theft campaign.
AI Summary Injection Turns Summaries into Malware Delivery
August 28, 2025
Researchers show attackers hide malicious payloads in HTML using CSS obfuscation and prompt overdose so AI summaries output malware instructions that lead to ransomware execution.
Nissan Confirms Data Breach at Creative Box After Qilin Ransomware Attack
August 28, 2025
Nissan has confirmed a data breach at its Tokyo-based subsidiary, Creative Box Inc. (CBI), following unauthorized access on August 16, 2025. The Qilin ransomware group ...
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
August 28, 2025
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims spanning healthcare, manufacturing, and IT, ...
Australia Faces Rising Wave of AI-Driven Cyber Threats in 2025
August 28, 2025
Australia is facing a surge in AI-driven cyberattacks, from deepfake phishing and malware development to supply chain compromises. With over 70 major incidents in 2025 ...
CISA Expands Known Exploited Vulnerabilities Catalog: 47 New Threats Identified
August 28, 2025
CISA has added 47 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, including flaws in SharePoint, Google Chromium, and Cisco devices. The ...
Arizona Seeks $10M to Bolster Election Cybersecurity: Post-Attack Response Plan
August 28, 2025
A cyberattack on Arizona’s election portal, linked to Iranian-affiliated actors, has spurred calls for $10 million in cybersecurity funding and $3.5 million annually. Secretary of ...
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
August 28, 2025
Microsoft has patched CVE-2025-53783, a heap-based buffer overflow in Teams that enables remote code execution across desktop, mobile, and hardware devices. Though exploitation requires social ...
Apple Patches Zero-Day Exploit: Immediate Fix for CVE-2025-43300 Threat
August 28, 2025
Apple has released emergency patches for CVE-2025-43300, a zero-day flaw in the Image I/O framework enabling remote code execution via malicious images. Actively exploited in ...
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
August 28, 2025
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
Silk Typhoon’s Fake Adobe Update: How China-Backed Hackers Target Diplomats
August 27, 2025
A new and highly sophisticated cyber espionage campaign attributed to Silk Typhoon—also known as Mustang Panda, TEMP.Hex, or UNC6384—has been uncovered, targeting diplomats and government ...
FTC Warns Tech Giants: Don’t Weaken Encryption for Foreign Governments
August 27, 2025
The fight over encryption has entered a new phase. The Federal Trade Commission (FTC), led by Chairman Andrew Ferguson, has issued a strong warning to ...
Invisible Prompts: How Image Scaling Attacks Break AI Security
August 27, 2025
Researchers have uncovered a new form of indirect prompt injection that leverages a simple but powerful trick: image scaling. This novel attack involves hiding malicious ...
Google to Verify Android Developers: A New Era in App Security Emerges
August 27, 2025
Google is rolling out its Developer Verification program, requiring all Android developers—inside and outside the Play Store—to verify their identity by 2027. The policy aims ...
Healthcare Services Group Breach Exposes 624,000 Individuals’ Sensitive Data
August 27, 2025
The healthcare sector has been rocked yet again by a massive cybersecurity incident. Healthcare Services Group (HCSG), a provider of dining and laundry services to ...
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
August 27, 2025
Okta has lifted its fiscal 2026 revenue forecast after reporting strong Q2 results, driven by soaring demand for identity verification tools. As AI-powered impersonation attacks ...
Auchan Data Breach: Hundreds of Thousands of Loyalty Accounts Compromised
August 27, 2025
French retail giant Auchan has confirmed a massive data breach that compromised the personal details of hundreds of thousands of customers. The stolen data includes ...
Docker Desktop Vulnerability: Why Containers Aren’t as Safe as You Think
August 26, 2025
A critical vulnerability in Docker Desktop, CVE-2025-9074, has shaken the container security world. Scoring 9.3 on the CVSS scale, this flaw exposed an unauthenticated Docker ...
Arch Linux Website, Forums, and AUR Targeted in Sustained Cyber Assault
August 26, 2025
The Arch Linux community has just endured more than a week of turbulence as a massive distributed denial-of-service (DDoS) attack disrupted its most critical services, ...
Data I/O Ransomware Attack: Supply Chain Cybersecurity in Crisis
August 26, 2025
Cyberattacks against supply chains are no longer isolated disruptions—they are systemic threats with the power to cascade across industries and nations. The recent ransomware attack ...