Main Menu
Cyber Security
PromptLock Ransomware Uses AI to Encrypt and Steal Data
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
Coordinated Scans Surged Targeting Microsoft RDP Auth Servers
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
MathWorks Data Breach Exposes 10,000 Users in a Ransomware Attack
Thousands of Grok AI Chats Leaked, Transcripts Indexed Publicly
Murky Panda Exploits Cloud Trust to Breach Customers in Supply Chain Attacks
Salesloft Breach Exposes OAuth Tokens Used in Salesforce Data-Theft Campaign
Discord Message-Scraping Service Claims Access to 1.8 Billion Messages
Silk Typhoon Hackers Hijack Captive Portals to Deliver PlugX Backdoor
Farmers Insurance Data Breach Impacts 1.1 Million Customers in Salesforce Cyberattack
AI Summary Injection Turns Summaries into Malware Delivery
Nissan Confirms Data Breach at Creative Box After Qilin Ransomware Attack
Australia Faces Rising Wave of AI-Driven Cyber Threats in 2025
Arizona Seeks $10M to Bolster Election Cybersecurity: Post-Attack Response Plan
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
Apple Patches Zero-Day Exploit: Immediate Fix for CVE-2025-43300 Threat
Google to Verify Android Developers: A New Era in App Security Emerges
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
The Dual Role of AI in Cybersecurity: Weapon and Shield
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Nevada State Offices Shut Down Amid Major Network Security Incident
Android Malware Masquerades as FSB Antivirus To Spy on Russian Business Executives
Orange Suffers Data Breach Affecting 850k Customers
Michigan Health System Hack Exposes Patients’ Lab Results in Healthcare Data Breach
Nissan Confirms Data Breach at Creative Box After Qilin Ransomware Attack
Cybersecurity
Nissan Confirms Data Breach at Creative Box After Qilin Ransomware Attack
Mitchell Langley August 28, 2025
Nissan has confirmed a data breach at its Tokyo-based subsidiary, Creative Box Inc. (CBI), following unauthorized access on August 16, 2025. The Qilin ransomware group ...
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
Resources
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
Gabby Lee August 28, 2025
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims spanning healthcare, manufacturing, and IT, ...
Australia Faces Rising Wave of AI-Driven Cyber Threats in 2025
Blog
Australia Faces Rising Wave of AI-Driven Cyber Threats in 2025
Andrew Doyle August 28, 2025
Australia is facing a surge in AI-driven cyberattacks, from deepfake phishing and malware development to supply chain compromises. With over 70 major incidents in 2025 ...
CISA Expands Known Exploited Vulnerabilities Catalog 47 New Threats Identified
CVE Vulnerability Alerts
CISA Expands Known Exploited Vulnerabilities Catalog: 47 New Threats Identified
Mitchell Langley August 28, 2025
CISA has added 47 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, including flaws in SharePoint, Google Chromium, and Cisco devices. The ...
Arizona Seeks 10M to Bolster Election Cybersecurity
Cybersecurity
Arizona Seeks $10M to Bolster Election Cybersecurity: Post-Attack Response Plan
Gabby Lee August 28, 2025
A cyberattack on Arizona’s election portal, linked to Iranian-affiliated actors, has spurred calls for $10 million in cybersecurity funding and $3.5 million annually. Secretary of ...
Microsoft Patches Teams Vulnerability Critical Fix Against Remote Code Risks
Application Security
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
Mitchell Langley August 28, 2025
Microsoft has patched CVE-2025-53783, a heap-based buffer overflow in Teams that enables remote code execution across desktop, mobile, and hardware devices. Though exploitation requires social ...
Apple Patches Zero-Day Exploit Immediate Fix for CVE-2025-43300 Threat
Cybersecurity
Apple Patches Zero-Day Exploit: Immediate Fix for CVE-2025-43300 Threat
Andrew Doyle August 28, 2025
Apple has released emergency patches for CVE-2025-43300, a zero-day flaw in the Image I/O framework enabling remote code execution via malicious images. Actively exploited in ...
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
News
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
Gabby Lee August 28, 2025
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
Google to Verify Android Developers A New Era in App Security Emerges
Application Security
Google to Verify Android Developers: A New Era in App Security Emerges
Mitchell Langley August 27, 2025
Google is rolling out its Developer Verification program, requiring all Android developers—inside and outside the Play Store—to verify their identity by 2027. The policy aims ...
Okta Raises FY26 Forecast as Identity Verification Demand Surges
Data Security
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
Gabby Lee August 27, 2025
Okta has lifted its fiscal 2026 revenue forecast after reporting strong Q2 results, driven by soaring demand for identity verification tools. As AI-powered impersonation attacks ...
The Dual Role of AI in Cybersecurity Weapon and Shield
Blog
The Dual Role of AI in Cybersecurity: Weapon and Shield
Mitchell Langley August 26, 2025
AI hacking has moved from speculation to reality, enabling deepfake phishing, automated malware, and large-scale social engineering. While defenders deploy AI for detection and response, ...
FraudGPT, WormGPT, and Dark AI Models Fuel Surge in Cybercrime
Blog
FraudGPT, WormGPT, and Dark AI Models Fuel Surge in Cybercrime
Gabby Lee August 26, 2025
Malicious AI models like FraudGPT, WormGPT, and PoisonGPT are reshaping cybercrime, enabling scalable phishing, malware generation, and disinformation. Unlike mainstream LLMs, these blackhat tools strip ...
The Imperative for a New Cyber Defense Playbook
Blog
The Imperative for a New Cyber Defense Playbook
Mitchell Langley August 26, 2025
Traditional cybersecurity models are failing against AI-driven threats, workforce fatigue, and complex tool sprawl. From adaptive malware and deepfake phishing to poorly governed machine identities, ...
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
News
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
Gabby Lee August 26, 2025
A new phishing campaign is distributing the UpCrypter malware loader through fake voicemail and purchase order emails. Targeting industries worldwide, UpCrypter delivers multiple remote access ...
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Cybersecurity
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Mitchell Langley August 26, 2025
Senator Ron Wyden is urging an independent review of federal court cybersecurity after breaches exposed sealed case files. Citing outdated systems and weak defenses, he ...
Nevada State Offices Shut Down Amid Major Network Security Incident
Cybersecurity
Nevada State Offices Shut Down Amid Major Network Security Incident
Gabby Lee August 26, 2025
Nevada’s state government was forced to suspend in-person services and shut down major websites after a large-scale network security incident on August 25, 2025. Early ...
Android Malware Masquerades as FSB Antivirus To Spy on Russian Business Executives
Application Security
Android Malware Masquerades as FSB Antivirus To Spy on Russian Business Executives
Andrew Doyle August 25, 2025
A fake FSB antivirus hides Android malware spying on Russian executives, logging keystrokes, streaming cameras, exfiltrating messenger data, and rotating providers for command and control.
Orange Suffers Data Breach Affecting 850k Customers
Cybersecurity
Orange Suffers Data Breach Affecting 850k Customers
Mitchell Langley August 25, 2025
Orange Belgium reports a cyberattack exposing SIM details, PUK codes, names, phone numbers, and tariff plans for 850,000 customers; no financial data or passwords were ...
Michigan Health System Hack Exposes Patients’ Lab Results in Healthcare Data Breach
Cybersecurity
Michigan Health System Hack Exposes Patients’ Lab Results in Healthcare Data Breach
Andrew Doyle August 25, 2025
Aspire Rural Health Systems suffered a major healthcare data breach, exposing nearly 140,000 patients’ records — including lab results, financial data, and personal identifiers.
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Cybersecurity
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Andrew Doyle August 25, 2025
Google confirmed a massive breach exposing 2.5 billion Gmail accounts, with hacker group ShinyHunters exploiting Salesforce access through social engineering and launching large-scale phishing and ...
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Cybersecurity
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Gabby Lee August 28, 2025
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Cybersecurity
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Andrew Doyle August 28, 2025
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
News
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
Gabby Lee August 19, 2025
U.S. Seizes 1M in Cryptocurrency from BlackSuit Ransomware Gang
News
U.S. Seizes $1M in Cryptocurrency from BlackSuit Ransomware Gang
Gabby Lee August 18, 2025

TOP CYBERSECURITY HEADLINES

PromptLock Ransomware Uses AI to Encrypt and Steal Data
Cybersecurity
PromptLock Ransomware Uses AI to Encrypt and Steal Data
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Application Security
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Cybersecurity
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Cybersecurity
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems

This Week’s Security Spotlight

PromptLock Ransomware Uses AI to Encrypt and Steal Data
Cybersecurity
PromptLock Ransomware Uses AI to Encrypt and Steal Data
Gabby Lee August 28, 2025
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Cybersecurity
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Mitchell Langley August 26, 2025
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Cybersecurity
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Andrew Doyle August 25, 2025
Researcher Harvests 270k Employee Records Exploiting Intel Flaw
Cybersecurity
Researcher Harvests 270k Employee Records Exploiting Intel Flaw
Mitchell Langley August 19, 2025
More In News
Trending
Darcula PhaaS 3.0 Auto-Generates Phishing Kits for Any Brand
Sophisticated Gmail Attacks Target Users: FBI Issues “Do Not Click” Alert
This Facebook Phishing Attack Could Steal EVERYTHING!
What is a Whaling Phishing Attack?

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Salesforce Breach: How OAuth Token Theft Exposed Hundreds of Organizations
August 28, 2025
Podcasts
Silk Typhoon’s Fake Adobe Update: How China-Backed Hackers Target Diplomats
August 27, 2025
Podcasts
FTC Warns Tech Giants: Don’t Weaken Encryption for Foreign Governments
August 27, 2025

Cyber Security News

Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Cybersecurity
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
August 28, 2025
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Cybersecurity
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
August 28, 2025
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
Cybersecurity
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
August 28, 2025
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
CVE Vulnerability Alerts
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
August 28, 2025
Coordinated Scans Surged Targeting Microsoft RDP Auth Servers
Application Security
Coordinated Scans Surged Targeting Microsoft RDP Auth Servers
August 28, 2025
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
CVE Vulnerability Alerts
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
August 28, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
Farmers Insurance Data Breach Impacts 1.1 Million Customers in Salesforce Cyberattack
August 28, 2025
Farmers Insurance confirmed a third-party vendor database was breached on May 29, exposing PII for 1,111,386 customers in the wider Salesforce data theft campaign.
AI Summary Injection Turns Summaries into Malware Delivery
August 28, 2025
Researchers show attackers hide malicious payloads in HTML using CSS obfuscation and prompt overdose so AI summaries output malware instructions that lead to ransomware execution.
Nissan Confirms Data Breach at Creative Box After Qilin Ransomware Attack
August 28, 2025
Nissan has confirmed a data breach at its Tokyo-based subsidiary, Creative Box Inc. (CBI), following unauthorized access on August 16, 2025. The Qilin ransomware group ...
Gunra Ransomware: Tactics, Victims, and Threat Intelligence
August 28, 2025
Gunra is a double-extortion ransomware group, active since April 2025, leveraging leaked Conti code for high-speed, cross-platform attacks. With victims spanning healthcare, manufacturing, and IT, ...
Australia Faces Rising Wave of AI-Driven Cyber Threats in 2025
August 28, 2025
Australia is facing a surge in AI-driven cyberattacks, from deepfake phishing and malware development to supply chain compromises. With over 70 major incidents in 2025 ...
CISA Expands Known Exploited Vulnerabilities Catalog: 47 New Threats Identified
August 28, 2025
CISA has added 47 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, including flaws in SharePoint, Google Chromium, and Cisco devices. The ...
Arizona Seeks $10M to Bolster Election Cybersecurity: Post-Attack Response Plan
August 28, 2025
A cyberattack on Arizona’s election portal, linked to Iranian-affiliated actors, has spurred calls for $10 million in cybersecurity funding and $3.5 million annually. Secretary of ...
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
August 28, 2025
Microsoft has patched CVE-2025-53783, a heap-based buffer overflow in Teams that enables remote code execution across desktop, mobile, and hardware devices. Though exploitation requires social ...
Apple Patches Zero-Day Exploit: Immediate Fix for CVE-2025-43300 Threat
August 28, 2025
Apple has released emergency patches for CVE-2025-43300, a zero-day flaw in the Image I/O framework enabling remote code execution via malicious images. Actively exploited in ...
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
August 28, 2025
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
Silk Typhoon’s Fake Adobe Update: How China-Backed Hackers Target Diplomats
August 27, 2025
A new and highly sophisticated cyber espionage campaign attributed to Silk Typhoon—also known as Mustang Panda, TEMP.Hex, or UNC6384—has been uncovered, targeting diplomats and government ...
FTC Warns Tech Giants: Don’t Weaken Encryption for Foreign Governments
August 27, 2025
The fight over encryption has entered a new phase. The Federal Trade Commission (FTC), led by Chairman Andrew Ferguson, has issued a strong warning to ...
Invisible Prompts: How Image Scaling Attacks Break AI Security
August 27, 2025
Researchers have uncovered a new form of indirect prompt injection that leverages a simple but powerful trick: image scaling. This novel attack involves hiding malicious ...
Google to Verify Android Developers: A New Era in App Security Emerges
August 27, 2025
Google is rolling out its Developer Verification program, requiring all Android developers—inside and outside the Play Store—to verify their identity by 2027. The policy aims ...
Healthcare Services Group Breach Exposes 624,000 Individuals’ Sensitive Data
August 27, 2025
The healthcare sector has been rocked yet again by a massive cybersecurity incident. Healthcare Services Group (HCSG), a provider of dining and laundry services to ...
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
August 27, 2025
Okta has lifted its fiscal 2026 revenue forecast after reporting strong Q2 results, driven by soaring demand for identity verification tools. As AI-powered impersonation attacks ...
Auchan Data Breach: Hundreds of Thousands of Loyalty Accounts Compromised
August 27, 2025
French retail giant Auchan has confirmed a massive data breach that compromised the personal details of hundreds of thousands of customers. The stolen data includes ...
Docker Desktop Vulnerability: Why Containers Aren’t as Safe as You Think
August 26, 2025
A critical vulnerability in Docker Desktop, CVE-2025-9074, has shaken the container security world. Scoring 9.3 on the CVSS scale, this flaw exposed an unauthenticated Docker ...
Arch Linux Website, Forums, and AUR Targeted in Sustained Cyber Assault
August 26, 2025
The Arch Linux community has just endured more than a week of turbulence as a massive distributed denial-of-service (DDoS) attack disrupted its most critical services, ...
Data I/O Ransomware Attack: Supply Chain Cybersecurity in Crisis
August 26, 2025
Cyberattacks against supply chains are no longer isolated disruptions—they are systemic threats with the power to cascade across industries and nations. The recent ransomware attack ...
AI-Powered Polymorphic Phishing: The New Era of Social Engineering
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
PromptLock Ransomware Uses AI to Encrypt and Steal Data
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Salesforce Breach: How OAuth Token Theft Exposed Hundreds of Organizations
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
Coordinated Scans Surged Targeting Microsoft RDP Auth Servers
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
MathWorks Data Breach Exposes 10,000 Users in a Ransomware Attack
Thousands of Grok AI Chats Leaked, Transcripts Indexed Publicly
Murky Panda Exploits Cloud Trust to Breach Customers in Supply Chain Attacks
Salesloft Breach Exposes OAuth Tokens Used in Salesforce Data-Theft Campaign
Discord Message-Scraping Service Claims Access to 1.8 Billion Messages
Silk Typhoon Hackers Hijack Captive Portals to Deliver PlugX Backdoor