Cyber Security
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
Why is Activity Logging Crucial for Detecting Cyberattacks
Say Goodbye to Manual Identity Processes and Hello to Scalable IAM Automation
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
News
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
Microsoft links SharePoint attacks to three Chinese espionage groups, urging immediate patching as critical vulnerabilities enable full server compromise without authentication.
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
News
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
CISA and FBI warn that Interlock ransomware is accelerating attacks across North America and Europe, targeting healthcare and critical infrastructure with advanced RATs and extortion ...
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
News
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
Scammers posing as real businesses use stolen corporate identities and net financing to order expensive equipment—vanishing with goods before invoices come due.
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
News
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
AMEOS Group, a leading healthcare provider in Central Europe, has confirmed a data breach affecting patients, employees, and partners. Investigation and containment measures are ongoing. ...
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
News
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
Naval Group, France’s top warship builder, is allegedly breached by hackers claiming access to combat systems source code, raising serious national security concerns.
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
News
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
A weak employee password allowed ransomware hackers to cripple 158-year-old logistics firm KNP, causing 700 job losses and highlighting the growing threat of ransomware attacks. ...
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
News
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
Veeam Recovery Orchestrator's latest update causes user lockouts after enabling MFA. A fix is available, but affected users must contact support for remediation.
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
News
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
A California engineer admitted to stealing top-secret U.S. missile tracking technology and funneling it to China, exposing a deep insider espionage operation.
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
News
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
A backend glitch at Ring caused customers to see unknown devices logged into their accounts, but Amazon insists there’s been no security breach or unauthorized ...
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
News
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
A bug in ExpressVPN's Windows client leaked real IP addresses during RDP sessions. The issue, now fixed, affected traffic over port 3389 outside the VPN ...
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
News
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
Dior is alerting U.S. customers about a data breach that exposed personal data. The cyberattack, linked to ShinyHunters, targeted LVMH brands via a third-party vendor. ...
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
News
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
Arch Linux pulled three AUR packages after discovering they delivered Chaos RAT malware through a malicious GitHub script, compromising Linux systems via community-sourced PKGBUILD files. ...
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
News
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
CrushFTP warns of an actively exploited zero-day vulnerability (CVE-2025-54309) allowing full admin access via web interface on unpatched servers running outdated builds.
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
News
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
Hackers exploited a zero-day in Microsoft SharePoint, breaching U.S. agencies, global businesses, and universities before patches were issued. Some breaches include loss of critical data. ...
Weekly Cybersecurity Newsletter: 14th to 18th August
Cybersecurity Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
News
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
BigONE cryptocurrency exchange suffered a $27 million breach involving its hot wallet. While user funds are safe, blockchain forensics reveal ongoing laundering of stolen assets. ...
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
News
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
LameHug malware uses an AI language model to craft system commands on the fly, targeting Windows machines in attacks linked to Russian-backed APT28.
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
News
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
Luxury fashion house Louis Vuitton confirmed that recent customer data breaches in the UK, South Korea, and Turkey all trace back to a single cyberattack ...
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
News
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
A critical Cisco ISE vulnerability (CVE-2025-20337) exposes systems to remote code execution and root access. Enterprises must upgrade to Patch 7 or Patch 2 immediately. ...
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
News
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
Salt Typhoon, a Chinese state-backed hacking group, quietly breached a U.S. Army National Guard network for nine months, stealing sensitive configuration files and credentials.

TOP CYBERSECURITY HEADLINES

SECURITYWEEK INDUSTRY EXPERTS

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Lynx Ransomware: INC Ransomware Reincarnated
The Lynx ransomware group is a financially motivated threat actor operating under a Ransomware-as-a-Service (RaaS) model. Emerging as a successor to the INC ransomware group ...
How to Backup and Restore the Windows Registry
Protect your system settings from accidental changes or corruption. Learn how to safely backup and restore the Windows Registry with this easy step-by-step guide.
Google Patches Gemini CLI Vulnerability That Enabled Silent Code Execution and Data Theft
A critical flaw in Google’s Gemini CLI exposed developers to silent command execution and data theft through poisoned context files, prompting an urgent security patch. ...
NASCAR Confirms Data Breach Tied to Medusa Ransomware Gang, SSNs Exposed
NASCAR confirms a data breach exposing Social Security numbers, linked to Medusa ransomware gang. Victims are receiving breach notifications and one year of credit monitoring. ...
Tea App Data Breach Deepens as 1.1 Million Private Messages Are Exposed
Tea app’s data breach escalates as 1.1 million private messages and 72,000 sensitive images, including government IDs and selfies, are leaked on hacker forums.
Hackers Claim Deep Access to Systems, Threaten to Leak Passenger Data
Aeroflot suffers massive cyberattack by pro-Ukraine hackers, disrupting flights, destroying 7,000 servers, and exposing personal data of passengers and staff. A criminal probe is underway. ...
CISA Warns of Ongoing Exploits Targeting PaperCut RCE Vulnerability, Urges Immediate Patching
CISA warns that hackers are actively exploiting a PaperCut vulnerability (CVE-2023-2533) for remote code execution, urging organizations to patch systems immediately to reduce risk.
Exploit Published for Actively Exploited Cisco ISE Vulnerability Leading to Root Access
Cisco ISE vulnerability CVE-2025-20281 now has a public exploit, enabling remote root access. Active exploitation is confirmed. Patching remains the only defense.
Neferpitou Claims Cyberattack on French Naval Defense Giant
French defense contractor Naval Group, a cornerstone of Europe’s naval defense industry, is facing a high-stakes cybersecurity crisis. A threat actor known as “Neferpitou” claims ...
Root Evidence Launches With $12.5M to Redefine Vulnerability Management
In July 2025, a team of seasoned cybersecurity leaders launched Root Evidence, a Boise-based startup with a mission to revolutionize how organizations tackle vulnerability management. ...
NASCAR Hit by Medusa Ransomware: 1TB of Data Stolen in April 2025 Cyberattack
In April 2025, NASCAR became the latest victim of a major cyberattack, with hackers infiltrating its network between March 31 and April 3. During the ...
Scattered Spider Strikes Again: Inside the VMware ESXi Ransomware Tactics
In this episode, we examine the sophisticated operations of Scattered Spider—also known as Muddled Libra, UNC3944, and Octo Tempest—a financially motivated cybercriminal group that has ...
BlackSuit Ransomware Operation Disrupted in Global Law Enforcement Seizure
Authorities have seized the BlackSuit ransomware gang’s dark web site, disrupting its operations as members appear to rebrand under a new name: Chaos ransomware.
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
Scattered Spider hackers are compromising VMware ESXi infrastructure through social engineering, enabling full control and ransomware deployment without exploiting any software vulnerabilities.
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
A hacker breached Amazon's AI coding assistant for Visual Studio Code, injecting data-wiping instructions before detection. A patched version was released following security reports.
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
A recent data breach at Allianz Life compromised personal data of most of its 1.4 million customers via a third-party CRM system, possibly tied to ...
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
Philadelphia Insurance Companies has confirmed a personal data breach involving driver’s license numbers and birth dates following a June cyberattack that disrupted multiple insurers.
Koske Malware Hides in Panda Images, Weaponizes AI to Target Linux
A new and highly sophisticated malware strain named Koske is redefining the threat landscape for Linux environments. Suspected to be partially developed using artificial intelligence, ...
Operation Checkmate: BlackSuit Ransomware’s Dark Web Sites Seized
BlackSuit, the ransomware strain known for crippling critical sectors and demanding multi-million dollar payouts, has just suffered a devastating blow. In a coordinated international law ...
Coyote Malware Exploits Microsoft UI Automation in First-Ever Wild Attack
A new banking trojan called Coyote has emerged as a groundbreaking cyber threat, becoming the first known malware in the wild to exploit Microsoft’s User ...
Minnesota Deploys National Guard Cyber Unit Following Major Cyberattack on St. Paul City Systems
Tea App Disables Messaging After Second Breach Exposes Over One Million Private Conversations
ShinyHunters Behind Salesforce-Related Data Breaches at Qantas, Allianz Life, LVMH
RiteCheck Confirms Data Breach Affecting Nearly 70,000 Customers and Employees
Auto-Color Linux Malware Exploits SAP Zero-Day CVE-2025-31324
Inside the July 2025 PyPI Phishing Scam: How Hackers Stole Developer Credentials
IoT Security Crisis: Dahua Smart Camera Vulnerabilities Expose Surveillance Systems
Dropzone AI Secures $37M to Tackle Alert Fatigue with Autonomous SOC Analysts
Axonius Buys Cynerio for $100M+: Closing Healthcare’s Biggest Cybersecurity Blind Spot
Hackers Exploit SAP NetWeaver Flaw to Deploy Advanced Auto-Color Malware on U.S. Chemical Firm
Aeroflot Flights Canceled After Hacktivist Cyberattack Cripples Airline Systems
Scattered Spider Ransomware Group Ramps Up Sophisticated Attacks Targeting Enterprises Globally
Cheap McDonald’s Deal Turns Into Subscription Scam: Over 10,000 Romanians Targeted via Facebook and Instagram Ads
Orange Discloses Cyberattack, Service Disruptions in France Following Breach
Critical Lenovo Firmware Flaws Expose Millions to Persistent UEFI Attacks
Promptfoo Secures $18.4M to Combat AI Security Threats in Generative AI
1.1 Million Private Messages Leaked: Inside the Tea App Privacy Disaster
Job Scams, Corporate Espionage, and Digital Deception: Inside the Deepfake Crisis
Microsoft Exposes Major macOS Flaws in Transparency, Consent, and Control
Aeroflot in Chaos: How Hackers Crippled Russia’s Flagship Airline