Main Menu
Cyber Security
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
Google Chrome Extension With Millions of Users May Be Compromising Privacy
Militant Groups Experiment With AI, Amplifying Threats
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
Justice Department Alleges Misleading Compliance in Federal Audit Case
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
MITRE Highlights XSS and SQL Injection as Top Software Vulnerabilities for 2025
Shadow Spreadsheets’ Stealthy Role in Data Security Risks
Torrent Disguised as Leonardo DiCaprio Film Evades Detection Using Subtle Malware Delivery Technique
Kali Linux Version 2025.4 Introduces New Hacking Tools and Improvements
Fieldtex Ransomware Attack: Akira Group Claims Responsibility
Digital-only eVisa Scheme Faces Scrutiny Over Data Leaks and GDPR Concerns
Gladinet CentreStack Flaw: A Widespread Threat to Organizations
PyStoreRAT: New JavaScript-Based RAT Distributed via GitHub
Pentagon Pushes for Post-Quantum Cryptography Amid Rising Tech Tensions
New Cyber Threats: Movie Downloads and Software Updates Under Siege
Militant Groups Experiment With AI, Amplifying Threats
Cybersecurity
Militant Groups Experiment With AI, Amplifying Threats
Mitchell Langley December 16, 2025
Extremist groups are leveraging AI technologies to enhance their propaganda efforts, according to recent insights. This trend points to a growing challenge in cybersecurity as ...
SoundCloud's VPN Restrictions Lead to Access Denials for Users
Cybersecurity
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
Andrew Doyle December 16, 2025
Users attempting to access SoundCloud via VPN connections are encountering a 403 forbidden error, resulting in blocked access to the audio streaming platform. This issue ...
Email Scam Exploits PayPal's Subscriptions Billing Feature
News
Email Scam Exploits PayPal’s Subscriptions Billing Feature
Gabby Lee December 15, 2025
PayPal's legitimate billing feature becomes a tool for scammers sending fraudulent emails, mimicking genuine purchase notifications. This latest financial scam uses deception to its full ...
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
Information Security
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
Mitchell Langley December 15, 2025
A massive 16TB MongoDB database containing 4.3 billion professional records was found unsecured, raising concerns about AI-driven social engineering threats. Researchers Bob Diachenko and nexos.ai ...
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
Application Security
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
Andrew Doyle December 15, 2025
A vulnerability in Notepad++ could have let attackers hijack update traffic. This flaw stemmed from weak file authentication during updates. A report by security researcher ...
Apple Patches Critical Vulnerabilities Across Multiple Platforms
CVE Vulnerability Alerts
Apple Patches Critical Vulnerabilities Across Multiple Platforms
Gabby Lee December 15, 2025
Apple releases crucial security patches for iOS, iPadOS, macOS, watchOS, and more, targeting two actively exploited vulnerabilities. Among these is CVE-2025-43529, a significant use-after-free flaw ...
CISA Alerts on Exploited Vulnerability in Sierra Wireless AirLink ALEOS Routers
CVE Vulnerability Alerts
CISA Alerts on Exploited Vulnerability in Sierra Wireless AirLink ALEOS Routers
Gabby Lee December 15, 2025
The U.S. Cybersecurity and Infrastructure Security Agency has added a flaw in Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities catalog. This follows ...
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
Cybersecurity
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
Mitchell Langley December 15, 2025
Germany has called in Russia's ambassador to address grave concerns about alleged cyberattacks on its air traffic control and a concurrent disinformation campaign designed to ...
Justice Department Alleges Misleading Compliance in Federal Audit Case
Cybersecurity
Justice Department Alleges Misleading Compliance in Federal Audit Case
Gabby Lee December 15, 2025
Accusations of deception rise as a former senior manager is sued for allegedly misleading the US government about the compliance status of a cloud platform ...
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
Endpoint Security
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
Andrew Doyle December 15, 2025
Attackers can exploit a flaw in GeoServer to define external entities within XML requests, resulting in critical security breaches. The vulnerability impacts data security, highlighting ...
MITRE Highlights XSS and SQL Injection as Top Software Vulnerabilities for 2025
Cybersecurity
MITRE Highlights XSS and SQL Injection as Top Software Vulnerabilities for 2025
Andrew Doyle December 15, 2025
MITRE's latest research identifies XSS, SQL injection, and CSRF as the primary software vulnerabilities in 2025, closely followed by buffer overflow issues and improper access ...
Shadow Spreadsheets' Stealthy Role in Data Security Risks
Data Security
Shadow Spreadsheets’ Stealthy Role in Data Security Risks
Mitchell Langley December 15, 2025
Employees using unauthorised spreadsheets for daily tasks may unknowingly introduce security risks. These "shadow spreadsheets" often lack oversight, leading to data exposure, version sprawl, and ...
New Wave of Phishing Kits Target Credential Theft at Scale
News
New Wave of Phishing Kits Target Credential Theft at Scale
Andrew Doyle December 15, 2025
Cybersecurity researchers analyze four new phishing kits, each with unique capabilities aimed at large-scale credential theft. BlackForce, GhostFrame, InboxPrime AI, and Spiderman introduce advanced tactics ...
Torrent Disguised as Leonardo DiCaprio Film Evades Detection Using Subtle Malware Delivery Technique
Cybersecurity
Torrent Disguised as Leonardo DiCaprio Film Evades Detection Using Subtle Malware Delivery Technique
Gabby Lee December 15, 2025
A fake torrent for the film 'One Battle After Another' employs a unique technique by embedding malicious PowerShell loaders in subtitle files, ultimately deploying Agent ...
Kali Linux Version 2025.4 Introduces New Hacking Tools and Improvements
Cybersecurity
Kali Linux Version 2025.4 Introduces New Hacking Tools and Improvements
Andrew Doyle December 15, 2025
Kali Linux 2025.4 marks the final update for the year, introducing new hacking tools, desktop environment improvements, and enhanced support for Wayland, alongside the preview ...
Fieldtex Ransomware Attack Akira Group Claims Responsibility
Cybersecurity
Fieldtex Ransomware Attack: Akira Group Claims Responsibility
Mitchell Langley December 15, 2025
The Akira ransomware group has claimed responsibility for the November cyberattack on Fieldtex Products, stating that 14 Gb of data was stolen. The breach potentially ...
Digital-only eVisa Scheme Faces Scrutiny Over Data Leaks and GDPR Concerns
Data Security
Digital-only eVisa Scheme Faces Scrutiny Over Data Leaks and GDPR Concerns
Gabby Lee December 15, 2025
The UK's digital-only eVisa scheme is under fire as civil society groups call for a data protection investigation. Concerns include systemic data errors and possible ...
Gladinet CentreStack Flaw A Widespread Threat to Organizations
Cybersecurity
Gladinet CentreStack Flaw: A Widespread Threat to Organizations
Andrew Doyle December 15, 2025
Cybersecurity teams are grappling with a new wave of attacks targeting a Gladinet CentreStack vulnerability, threatening multiple organizations globally.
PyStoreRAT New JavaScript-Based RAT Distributed via GitHub
Cybersecurity
PyStoreRAT: New JavaScript-Based RAT Distributed via GitHub
Mitchell Langley December 15, 2025
Cybersecurity experts uncover a new campaign using GitHub-hosted Python repositories to deploy PyStoreRAT, a JavaScript-based Remote Access Trojan. The threat disguises itself within repositories posing ...
Pentagon Pushes for Post-Quantum Cryptography Amid Rising Tech Tensions
Cybersecurity
Pentagon Pushes for Post-Quantum Cryptography Amid Rising Tech Tensions
Gabby Lee December 15, 2025
In a pivotal move, the Pentagon's directive to speed up the integration of post-quantum cryptography (PQC) technology comes amid heightened technical tensions. As the U.S. ...
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Cybersecurity
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Andrew Doyle December 17, 2025
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
Data Security
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
Andrew Doyle December 16, 2025
Askul Ransomware Attack Leads to Compromise of 700,000 Records
News
Askul Ransomware Attack Leads to Compromise of 700,000 Records
Gabby Lee December 17, 2025
Understanding Ransomware Attacks on Hypervisors A Growing Threat
Endpoint Security
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Andrew Doyle December 17, 2025

TOP CYBERSECURITY HEADLINES

Russian Hackers Shift Focus Toward Exploiting Misconfigurations
News
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
Cybersecurity
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
PDVSA's Recent Cyberattack Reveals Vulnerabilities in Export Operations
Cybersecurity
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
News
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo

This Week’s Security Spotlight

AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Andrew Doyle December 17, 2025
All I Want for Christmas is All of Your Data SantaStealer Malware Spreads for the Holidays
Cybersecurity
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
Mitchell Langley December 17, 2025
SoundCloud's VPN Restrictions Lead to Access Denials for Users
Cybersecurity
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
Andrew Doyle December 16, 2025
Email Scam Exploits PayPal's Subscriptions Billing Feature
News
Email Scam Exploits PayPal’s Subscriptions Billing Feature
Gabby Lee December 15, 2025
More In News
Trending
Spiderman Phishing Kit Poses New Threat to European Banks and Crypto Holders
Intense Surge in Phishing Campaigns with New Malicious Domains
Browser Notifications Hijacked for Phishing in Matrix Push C2 Scheme
Sneaky2FA Phishing Kit Adds Browser-in-the-Browser Tool for Stealthier MFA Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Chainguard’s $3.5 Billion Valuation Signals Massive Investor Confidence in Secure-by-Default Software
October 28, 2025
Podcasts
$1 Million WhatsApp Exploit Withdrawn—Researcher Silent, Meta Calls It “Low-Risk”
October 27, 2025
Podcasts
OpenAI Atlas Omnibox Jailbreak Exposes New AI Security Flaw
October 27, 2025

Cyber Security News

From Open Source to OpenAI Navigating the Evolution of Third-Party Risks
Blog
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
December 17, 2025
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
December 17, 2025
All I Want for Christmas is All of Your Data SantaStealer Malware Spreads for the Holidays
Cybersecurity
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
December 17, 2025
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
Data Security
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
December 16, 2025
ECB Decision Causes Costly Delays for Bank of England's Payment System Overhaul
Cybersecurity
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
December 16, 2025
Cyber Raid on Jaguar Land Rover August Attack Leads to Theft of Sensitive Information
Information Security
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
December 16, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Email Scam Exploits PayPal’s Subscriptions Billing Feature
December 15, 2025
PayPal's legitimate billing feature becomes a tool for scammers sending fraudulent emails, mimicking genuine purchase notifications. This latest financial scam uses deception to its full ...
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
December 15, 2025
A massive 16TB MongoDB database containing 4.3 billion professional records was found unsecured, raising concerns about AI-driven social engineering threats. Researchers Bob Diachenko and nexos.ai ...
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
December 15, 2025
A vulnerability in Notepad++ could have let attackers hijack update traffic. This flaw stemmed from weak file authentication during updates. A report by security researcher ...
Apple Patches Critical Vulnerabilities Across Multiple Platforms
December 15, 2025
Apple releases crucial security patches for iOS, iPadOS, macOS, watchOS, and more, targeting two actively exploited vulnerabilities. Among these is CVE-2025-43529, a significant use-after-free flaw ...
CISA Alerts on Exploited Vulnerability in Sierra Wireless AirLink ALEOS Routers
December 15, 2025
The U.S. Cybersecurity and Infrastructure Security Agency has added a flaw in Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities catalog. This follows ...
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
December 15, 2025
Germany has called in Russia's ambassador to address grave concerns about alleged cyberattacks on its air traffic control and a concurrent disinformation campaign designed to ...
Justice Department Alleges Misleading Compliance in Federal Audit Case
December 15, 2025
Accusations of deception rise as a former senior manager is sued for allegedly misleading the US government about the compliance status of a cloud platform ...
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
December 15, 2025
Attackers can exploit a flaw in GeoServer to define external entities within XML requests, resulting in critical security breaches. The vulnerability impacts data security, highlighting ...
MITRE Highlights XSS and SQL Injection as Top Software Vulnerabilities for 2025
December 15, 2025
MITRE's latest research identifies XSS, SQL injection, and CSRF as the primary software vulnerabilities in 2025, closely followed by buffer overflow issues and improper access ...
Shadow Spreadsheets’ Stealthy Role in Data Security Risks
December 15, 2025
Employees using unauthorised spreadsheets for daily tasks may unknowingly introduce security risks. These "shadow spreadsheets" often lack oversight, leading to data exposure, version sprawl, and ...
New Wave of Phishing Kits Target Credential Theft at Scale
December 15, 2025
Cybersecurity researchers analyze four new phishing kits, each with unique capabilities aimed at large-scale credential theft. BlackForce, GhostFrame, InboxPrime AI, and Spiderman introduce advanced tactics ...
Torrent Disguised as Leonardo DiCaprio Film Evades Detection Using Subtle Malware Delivery Technique
December 15, 2025
A fake torrent for the film 'One Battle After Another' employs a unique technique by embedding malicious PowerShell loaders in subtitle files, ultimately deploying Agent ...
Kali Linux Version 2025.4 Introduces New Hacking Tools and Improvements
December 15, 2025
Kali Linux 2025.4 marks the final update for the year, introducing new hacking tools, desktop environment improvements, and enhanced support for Wayland, alongside the preview ...
Fieldtex Ransomware Attack: Akira Group Claims Responsibility
December 15, 2025
The Akira ransomware group has claimed responsibility for the November cyberattack on Fieldtex Products, stating that 14 Gb of data was stolen. The breach potentially ...
Digital-only eVisa Scheme Faces Scrutiny Over Data Leaks and GDPR Concerns
December 15, 2025
The UK's digital-only eVisa scheme is under fire as civil society groups call for a data protection investigation. Concerns include systemic data errors and possible ...
Gladinet CentreStack Flaw: A Widespread Threat to Organizations
December 15, 2025
Cybersecurity teams are grappling with a new wave of attacks targeting a Gladinet CentreStack vulnerability, threatening multiple organizations globally.
PyStoreRAT: New JavaScript-Based RAT Distributed via GitHub
December 15, 2025
Cybersecurity experts uncover a new campaign using GitHub-hosted Python repositories to deploy PyStoreRAT, a JavaScript-based Remote Access Trojan. The threat disguises itself within repositories posing ...
Pentagon Pushes for Post-Quantum Cryptography Amid Rising Tech Tensions
December 15, 2025
In a pivotal move, the Pentagon's directive to speed up the integration of post-quantum cryptography (PQC) technology comes amid heightened technical tensions. As the U.S. ...
New Cyber Threats: Movie Downloads and Software Updates Under Siege
December 15, 2025
Cybersecurity incidents reveal a growing threat landscape as hackers infiltrate common online platforms, from movie downloads to browser extensions, leaving users vulnerable. Tech companies and ...
Zero-day Vulnerability in Gogs Leads to Hundreds of Compromised Servers
December 15, 2025
A zero-day vulnerability in Gogs, a well-known self-hosted Git service, has enabled attackers to execute remote code execution on numerous internet-facing instances, impacting hundreds of ...
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
Google Chrome Extension With Millions of Users May Be Compromising Privacy
Phishing Attacks in 2026: Evolution Beyond Email and Its Implications
Militant Groups Experiment With AI, Amplifying Threats
SoundCloud’s VPN Restrictions Lead to Access Denials for Users