Cyber Security
News
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
News
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
News
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
News
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
News
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
News
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
Cybersecurity
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers ...
News
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
News
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
News
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
News
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
News
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...
News
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
Citizen Lab confirms Paragon’s Graphite spyware exploited an iOS zero-day to launch zero-click attacks on European journalists through iMessage without any user interaction.
News
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
Threat actor UNK_SneakyStrike used TeamFiltration to launch password-spraying attacks on over 80,000 Microsoft Entra ID accounts across hundreds of global organizations.
News
Hackers Claim 64 Million T-Mobile Records Leaked Online
Hackers claim to have leaked 64 million T-Mobile records online, including sensitive personal and device data. The breach may contain new data unseen in past ...
News
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
Qilin ransomware group claims to have stolen 210GB of sensitive data from Spanish insurer Asefa, including internal documents and a Camp Nou insurance plan.
News
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
Citizen Lab confirms Paragon spyware targeted a second journalist at Fanpage, deepening Italy’s political surveillance controversy and raising new concerns over investigative oversight.
News
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
A misconfigured Kafka Broker on GonnaOrder’s platform exposed customer names, phone numbers, and delivery details across Europe from August 2022 to May 2025.
News
Ransomware Attack on Mastery Schools Exposes Thousands of Sensitive Records, Including Credit Card and Biometric Data
A ransomware breach at Mastery Schools in Philadelphia exposed sensitive personal and financial records, affecting over 37,000 individuals including students, staff, and families.
News
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
A misconfigured database tied to the Headero dating app exposed over four million sensitive user records, including GPS coordinates, explicit chat logs, and STD statuses. ...
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Inside the 16 Billion Credential Leak: The Infostealer Engine Behind the Biggest Breach Yet
In this episode, we break down the true scale and mechanics behind the largest credential leak ever recorded—over 16 billion login credentials, most of them ...
Over 1,500 Minecraft Users Infected in Stargazers Ghost Malware Campaign
A malware distribution network hiding in plain sight — on GitHub. This episode unpacks the Stargazers Ghost Network, a massive Distribution-as-a-Service (DaaS) infrastructure run by ...
Oxford City Council Breach Exposes 21 Years of Data
State and local governments are under cyber siege. In this episode, we break down how and why these public institutions have become top targets for ...
Weaponized GitHub Repositories: How Banana Squad and Water Curse Are Hitting Devs
Cybercriminals are increasingly turning GitHub into a malware distribution network. In this episode, we unpack two of the most alarming recent campaigns: Water Curse and ...
Chain IQ Breach Exposes UBS & Pictet Employee Data: A Supply Chain Failure
A single vendor was compromised — and suddenly, internal records from UBS, Pictet, Manor, and Implenia were leaked. The Chain IQ cyberattack is a textbook ...
Citrix NetScaler Flaws Expose Enterprise Networks: CVE-2025-5349 & CVE-2025-5777
Two newly disclosed critical vulnerabilities—CVE-2025-5349 and CVE-2025-5777—have put Citrix NetScaler ADC and Gateway deployments at serious risk, exposing enterprise environments to potential data breaches and ...
GerriScary: How CVE-2025-1568 Threatened Google’s Open-Source Supply Chain
CVE-2025-1568, dubbed “GerriScary”, has shaken the open-source ecosystem by exposing a fundamental weakness in Google’s Gerrit code review system—one that could have enabled attackers to ...
Cisco & Atlassian Under Fire: High-Severity Flaws and What’s at Risk
Cisco and Atlassian have both released urgent security advisories in response to newly discovered high-severity vulnerabilities—and the implications are serious. Cisco’s firmware flaws impact Meraki ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
Veeam patched a critical RCE flaw (CVE-2025-23121) allowing domain users to hijack backup servers, risking ransomware exploitation in misconfigured enterprise environments.
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
Predatory Sparrow claims responsibility for a politically motivated cyberattack on Iran’s Nobitex exchange, draining and burning over $90 million in unusable cryptocurrency.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Double Extortion, Biometric Data, and Donuts: How Play Ransomware Hit Krispy Kreme
A deep dive into one of the most aggressive ransomware groups operating today—Play—and their latest high-profile target: Krispy Kreme. Operating since 2022, the Play ransomware ...
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
China-backed Salt Typhoon breached Viasat in a broader espionage campaign against U.S. telecoms ahead of the 2024 election, targeting both government and private networks.
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
A World Leaks ransomware attack on Freedman Healthcare may expose over 42,000 sensitive files. The health tech firm supports data systems for 27 U.S. state ...
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
Archetyp Market Seized: €250M Drug Empire Toppled by Operation Deep Sentinel
In this episode, we unpack the dramatic takedown of Archetyp Market, a darknet marketplace that dominated the online drug trade since its launch in May ...