Cyber Security
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
News
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
News
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
News
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
News
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
News
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
Alleged AT&T Data Breach Exposes 31 Million Records
News
Alleged AT&T Data Breach Exposes 31 Million Records
Hackers claim to have leaked 31 million AT&T user records, including tax IDs and IPs, though researchers cannot confirm the breach due to limited data ...
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
News
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
Dutch intelligence links a new Russian cyber espionage group, Laundry Bear, to attacks on NATO entities and the Dutch police targeting sensitive military and diplomatic ...
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
News
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
Hackers are escalating attacks on BIOS and bootloaders, exploiting pre-OS vulnerabilities to maintain persistence, evade detection, and bypass Secure Boot protections.
Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic
News
Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic
Everest ransomware gang claims cyberattack on global hospital group Mediclinic, stealing employee data and 4GB of internal files. Ransom deadline set for five days.
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
News
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
Rhysida ransomware gang claims to have breached Carrera, a leading Brazilian Chevrolet dealership, demanding $1 million and threatening to leak passports and contracts.
Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand
News
Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand
Hackers leaked Coca-Cola employee data after the company ignored Everest ransomware’s ransom demand. The breach exposed passport scans, visa documents, and personal IDs online.
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
News
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
Coinbase faces a class action lawsuit after a breach exposed data of over 69,000 users. Insider involvement and financial impact raise enterprise security concerns.
Global Data Breach Exposes 184 Million Credentials from Major Tech and Government Platforms
News
Global Data Breach Exposes 184 Million Credentials from Major Tech and Government Platforms
A global data breach exposed 184 million credentials from tech, government, and banking platforms, highlighting serious risks of credential stuffing, phishing, and ransomware attacks.
Healthcare Data Breaches Hit Providers in Four U.S. States, Impacting Over 60,000 Individuals
News
Healthcare Data Breaches Hit Providers in Four U.S. States, Impacting Over 60,000 Individuals
Healthcare data breaches in NJ, PA, IA, and LA compromise sensitive information of over 60,000 individuals, including Social Security numbers and health records.
U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation
News
U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation
The U.S. and allies urge stronger protections for AI systems, warning that data tampering and system vulnerabilities pose rising risks to critical infrastructure.
Adidas Confirms Third-Party Data Breach Exposing Global Customer Information
News
Adidas Confirms Third-Party Data Breach Exposing Global Customer Information
Adidas confirms a third-party data breach involving customer service data. No payment information was leaked, but global exposure is possible due to Adidas' vast reach. ...
Cetus Protocol Hit by $223 Million Cryptocurrency Heist, $5M Bounty Offered
News
Cetus Protocol Hit by $223 Million Cryptocurrency Heist, $5M Bounty Offered
Hackers stole $223 million from Cetus Protocol via a blockchain exploit. The platform offers a whitehat deal and $5 million bounty to recover stolen funds. ...
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
News
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
Ransomware group Qilin posts alleged staff data from Elit Avia, including passport photos, raising security concerns for employees at the luxury private jet operator.
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
News
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
Operation Endgame dismantled 300 servers and 650 domains supporting ransomware campaigns, while U.S. authorities indicted 16 cybercriminals tied to DanaBot malware and botnet operations.
Stormous Ransomware Gang Posts French Government Credentials on Dark Web
News
Stormous Ransomware Gang Posts French Government Credentials on Dark Web
Stormous ransomware gang published email and password data allegedly tied to French government bodies, raising concerns over outdated security practices and ongoing exposure risks.

TOP CYBERSECURITY HEADLINES

SECURITYWEEK INDUSTRY EXPERTS

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
184 Million Login Credentials Exposed in Major Unprotected Database Leak
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
In this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went ...
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
ConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The breach is reportedly tied to ...
Unbound Raises $4M to Secure Generative AI in the Enterprise
In this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in ...
This Week In Cybersecurity: 26th to 30th May, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
Victoria’s Secret Takes Website Offline Following Security Incident
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
Russian nuclear facility blueprints were exposed in a public procurement database, revealing sensitive layouts of missile silos and bunkers tied to Moscow’s nuclear modernization.
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
Windows Updates, Reimagined: Inside Microsoft’s Unified Orchestration Push
Microsoft is taking direct aim at one of the biggest pain points in the Windows ecosystem: update fragmentation. In this episode, we dive deep into ...
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
Systemd as a Weapon: How PumaBot Exploits Linux Persistence
Linux systems are under siege—particularly in the world of IoT and internet-exposed servers. In this episode, we dissect PumaBot, a new GoLang-based botnet that’s turning ...
The LexisNexis Breach: 364,000 Records Exposed via GitHub
On December 25, 2024, while most businesses were offline, a serious data breach struck LexisNexis Risk Solutions—exposing the personal data of over 360,000 individuals. The ...
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
Ransomware Hits MathWorks: Week-Long Outage Disrupts Millions
On this episode, we dissect the ransomware attack that brought MathWorks—a cornerstone software provider for engineers, scientists, and educators—to a grinding halt. The attack, which ...
GhostSec: From Hacktivist Roots to RaaS Powerhouse
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Google Chrome vs. Failing CAs: The Policy Behind the Distrust
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598
Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev