Main Menu
Cyber Security
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
Arcane Infostealer Infects YouTube and Discord Users Through Game Cheats
News
Arcane Infostealer Infects YouTube and Discord Users Through Game Cheats
Andrew Doyle March 20, 2025
The Arcane infostealer, a new malware, is stealing data from YouTube and Discord users via game cheats, targeting VPNs, messengers, and cryptocurrency wallets. Its sophisticated ...
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
News
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
Andrew Doyle March 20, 2025
he Pennsylvania State Education Association (PSEA) suffered a data breach exposing the personal information of over 500,000 individuals, including financial and health records. Rhysida ransomware ...
Ransomware Victims on Dark Web - 3rd March, 2025
Ransomware
Ransomware Victims on Dark Web – 3rd March, 2025
Andrew Doyle March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
California Cryobank Data Breach Exposes Sensitive Customer Information
News
California Cryobank Data Breach Exposes Sensitive Customer Information
Mitchell Langley March 19, 2025
California Cryobank, a major US sperm bank, suffered a data breach exposing customer names, bank details, Social Security numbers, and more. The company is offering ...
GitHub Action Hack May Cause Another Supply Chain Attack
News
GitHub Action Hack May Cause Another Supply Chain Attack
Andrew Doyle March 19, 2025
A cascading supply chain attack, starting with a GitHub Action hack, exposed CI/CD secrets across 23,000 repositories, highlighting vulnerabilities in third-party code reliance.
Western Alliance Bank Data Breach Impacts 21,899 Customers
News
Western Alliance Bank Data Breach Impacts 21,899 Customers
Mitchell Langley March 19, 2025
Western Alliance Bank suffered a data breach impacting 21,899 customers, exposing sensitive personal and financial information due to a third-party vendor's software vulnerability exploited by ...
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
News
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
Andrew Doyle March 19, 2025
A critical Windows zero-day exploit, ZDI-CAN-25373, has been exploited by 11 state-sponsored hacking groups since 2017, enabling data theft and espionage. Microsoft initially declined to ...
$6.1 Million Crypto Stolen in WEMIX Hack
News
$6.1 Million Crypto Stolen in WEMIX Hack
Andrew Doyle March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
News
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
Mitchell Langley March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
News
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
Andrew Doyle March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
Critical Apache Tomcat Flaw Actively Exploited in Attacks
News
Critical Apache Tomcat Flaw Actively Exploited in Attacks
Mitchell Langley March 18, 2025
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
Fake "Security Alert" on GitHub Used to Hijack OAuth App Accounts
News
Fake “Security Alert” on GitHub Used to Hijack OAuth App Accounts
Andrew Doyle March 18, 2025
A massive GitHub phishing campaign uses fake "Security Alert" issues and a malicious OAuth app to hijack accounts, granting attackers full control. Immediate action is ...
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
News
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
Andrew Doyle March 18, 2025
Lingnan University in Hong Kong suffered a data breach exposing thousands of records, including sensitive personal data. The university is taking steps to enhance security.
Florida Hospital Data Breach Impacts Over 120,000 Patients
News
Florida Hospital Data Breach Impacts Over 120,000 Patients
Mitchell Langley March 17, 2025
A Florida hospital, CDH, suffered a data breach impacting over 120,000 patients. Sensitive data, including Social Security numbers and health information, was compromised. The BianLian ...
BlackBasta Ransomware Uses Automated Tool 'BRUTED' to Brute-Force VPNs
News
BlackBasta Ransomware Uses Automated Tool ‘BRUTED’ to Brute-Force VPNs
Andrew Doyle March 17, 2025
The BlackBasta ransomware group uses an automated tool, BRUTED, to brute-force VPNs and firewalls, highlighting the need for robust multi-factor authentication.
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
News
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
Mitchell Langley March 17, 2025
JD.com, a major Chinese retailer, faces a massive data breach after the Babuk ransomware cartel claims to have stolen customer passwords and other sensitive information. ...
UDMI Radiology Firm Suffers Major Data Breach: Fog Ransomware Claims Responsibility
News
UDMI Radiology Firm Suffers Major Data Breach: Fog Ransomware Claims Responsibility
Andrew Doyle March 17, 2025
Fog ransomware group claims responsibility for a major data breach at UDMI, a radiology firm, impacting over 138,000 individuals. The incident underscores the critical need ...
FBI Issues Warning Against Medusa Ransomware for Gmail, Outlook, and VPN Users
News
FBI Issues Warning Against Medusa Ransomware for Gmail, Outlook, and VPN Users
Mitchell Langley March 17, 2025
The FBI warns of escalating Medusa ransomware attacks targeting Gmail, Outlook, and VPN users, urging immediate security enhancements to mitigate the threat.
LockBit Ransomware Developer Extradited to the United States
News
LockBit Ransomware Developer Extradited to the United States
Andrew Doyle March 17, 2025
A key LockBit ransomware developer, Rostislav Panev, has been extradited to the US to face charges for his role in the group's global attacks.
Insider Attack and Extortion at Stram Center, SSK Plastic Surgery and Grove at Valhalla Rehabilitation
News
Insider Attack and Extortion at Stram Center, SSK Plastic Surgery and Grove at Valhalla Rehabilitation
Mitchell Langley March 14, 2025
Three healthcare providers suffered data breaches from insider attacks, extortion, and third-party vulnerabilities, highlighting the need for robust cybersecurity measures.
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025

TOP CYBERSECURITY HEADLINES

Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
News
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
News
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
News
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
News
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions

SECURITYWEEK INDUSTRY EXPERTS

Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
News
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
Mitchell Langley July 17, 2025
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
News
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
Andrew Doyle July 17, 2025
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
News
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
Mitchell Langley July 17, 2025
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
News
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Andrew Doyle July 17, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
The Insurance Industry Under Fire: Anatomy of the Aflac Cyber Incident
June 23, 2025
Podcasts
The Nucor Cyberattack: How Ransomware Threatens American Steel
June 23, 2025
Podcasts
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
June 22, 2025

Cyber Security News

This Week in Cybersecurity: 5th August to 9th August, National Public Data Breach
Cybersecurity
This Week in Cybersecurity: 5th August to 9th August, National Public Data Breach
August 9, 2024
ADT Confirms Data Breach, Customer Information Impacted in Major Security Incident
Cybersecurity
ADT Data Breach, Customer Information Impacted in Major Security Incident
August 9, 2024
Blog
Top 5 Cyber Scams to Watch Out for in 2024
August 7, 2024
Phishing Attacks on the Rise Businesses Face Growing Cyberthreat
Blog
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
August 5, 2024
The 911 S5 Botnet How FBI Dismantled the World’s Largest Botnet
Blog
The 911 S5 Botnet: How FBI Dismantled the World’s Largest Botnet
August 2, 2024
The Rise of AI-Powered Cyberattacks Are We Prepared
Blog
The Rise of AI-Powered Cyberattacks: Are We Prepared?
July 31, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
May 13, 2025
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the ...
M&S Confirms Customer Data Breach Following Cyberattack
May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
May 13, 2025
In this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage, a message archiving app recently thrust into the spotlight due to its use by ...
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
May 13, 2025
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
Thousands of Node Developers Compromised by Malware in Popular npm Packages
May 13, 2025
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
May 13, 2025
A Türkiye-linked cyberespionage group exploited a zero-day in Output Messenger, enabling access to sensitive data and communications in targeted attacks on Kurdish-aligned users.
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
May 13, 2025
A Moldovan suspect has been arrested for a 2021 DoppelPaymer ransomware attack that crippled Dutch research systems and caused €4.5 million in damages.
rand-user-agent: The NPM Package That Opened a Backdoor
May 12, 2025
In this episode, we break down the recent compromise of the rand-user-agent NPM package—an attack that quietly turned a once-trusted JavaScript library into a delivery ...
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
May 12, 2025
In this episode, we break down the February 2025 data breach that hit Valsoft Corporation, operating under the name AllTrust, through its subsidiary Aspire USA. ...
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
May 12, 2025
A new supply chain attack has emerged—this time targeting macOS users of the Cursor AI code editor through rogue npm packages. In this episode, we ...
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
May 12, 2025
Chinese threat group Chaya_004 exploited a zero-day flaw in SAP NetWeaver servers, compromising hundreds of systems using remote code execution and web shell deployments.
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
May 12, 2025
The iClicker website was hacked between April 12–16, 2025, using a fake CAPTCHA to deploy malware via a ClickFix attack targeting students and faculty.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
May 12, 2025
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
May 12, 2025
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
May 8, 2025
A zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, became the center of a global cybersecurity storm when it was ...
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
May 8, 2025
In this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group—a landmark case ...
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
May 8, 2025
AI tools are generating more code than ever — but who’s reviewing it? In this episode, we spotlight CodeAnt AI, the fast-growing platform built to ...
The Truth About Identity Attacks: How to Protect Your Business and Data
May 8, 2025
In today's digital landscape, identity attacks are rampant, costing businesses millions and causing irreparable damage to reputations. This comprehensive guide explores seven common identity-based attacks, ...
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
May 8, 2025
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory warning that ...
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
May 8, 2025
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
Operation Eastwood: Inside the Takedown of NoName057(16)
Phished and Exposed: What the Co-op Hack Reveals About Retail Cybersecurity
FileFix Attacks Are Here: How Interlock’s Ransomware is Skipping Your Defenses
Ontinue Uncovers SVG-Based Phishing: Why Your Browser Could Be the Weak Link
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
Exein Raises €70M: Defending the IoT-AI Frontier with Embedded Security
Salt Typhoon Strikes Again: National Guard, Telecoms, and a Crisis in U.S. Cyber Defense
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
DragonForce Claims Cyberattack on US Retail Giant Belk, Leaks 156GB of Sensitive Customer and Employee Data
Diskstation Ransomware Gang Dismantled After Years of Targeting NAS Devices Across Europe
Consentik Breach Exposes Hundreds of Shopify Stores to Admin Takeovers and Data Theft
CISA Faces Budget and Staffing Reductions Under Current Administration
Chinese Cyberespionage Group ‘Salt Typhoon’ Infiltrates U.S. National Guard Network
Quantum Computing Emerges as Major Future Cybersecurity Threat
Outdated Hiring Practices Hamper Cybersecurity Talent Acquisition
Employee Fear of Reprisal Leads to Unreported Cyber Attacks
DragonForce Ransomware Hits Belk: 150GB Data Leak and Operational Chaos