Main Menu
Cyber Security
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
HungerRush POS Platform Targeted in Data Extortion Scheme
Fake OpenClaw Installers on GitHub Are Stealing User Data
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
LexisNexis Data Breach Claimed by Fulcrumsec Group
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women’s Accounts
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
Russian APT28 Allegedly Exploited MSHTML Vulnerability Before Microsoft Patch
Madison Square Garden Cyber Incident Revealed Months Later
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Hackers Used Claude Code to Steal 150GB of Mexican Government Data
Netherlands Faces Its Biggest Data Breach as ShinyHunters Leaks Odido’s Full Customer Database
‘Sandworm_Mode’ Supply Chain Attack Hits the NPM Ecosystem
ICO Fines Reddit £14.47 Million for Failing to Protect Children’s Data
ShinyHunters Leak Exposes Millions of CarGurus User Records
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Data Security
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Gabby Lee December 28, 2025
A data breach at Aflac has exposed sensitive personal information of over 22 million customers. The company confirmed detecting unusual activities on its systems in ...
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
News
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
Mitchell Langley December 28, 2025
Grubhub customers received deceptive messages, seemingly from a company email, promising tenfold bitcoin returns. This scam misled users into transferring cryptocurrency to a specific wallet.
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Application Security
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Gabby Lee December 28, 2025
Trust Wallet experienced a critical security breach affecting its Google Chrome extension, leading to losses of approximately $7 million. Users are urged to update to ...
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812 Noted
CVE Vulnerability Alerts
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
Andrew Doyle December 28, 2025
Fortinet has identified ongoing exploitation of the five-year-old FortiOS SSL VPN flaw CVE-2020-12812, revealing it poses significant risks in specific configurations.
Ripple Effects of the 2022 LastPass Data Breach Cryptocurrency at Stake
Cybersecurity
Ripple Effects of the 2022 LastPass Data Breach: Cryptocurrency at Stake
Gabby Lee December 28, 2025
Weak master passwords from 2022's LastPass breach are being exploited to compromise cryptocurrency assets, implicating Russian cybercriminal involvement, according to TRM Labs.
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
CVE Vulnerability Alerts
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
Andrew Doyle December 28, 2025
CISA has highlighted CVE-2023-52163, a vulnerability in Digiever NVRs, for active exploitation, advising immediate update and security precautions.
U.S. Government Seizes Web3 Ads Panel Domain Linked To Cybercrime
Cybersecurity
U.S. Government Seizes Web3 Ads Panel Domain Linked to Cybercrime
Mitchell Langley December 28, 2025
Federal authorities confiscated the 'web3adspanels.org' domain, a crucial tool for cybercriminals in hosting and distributing stolen banking login credentials. This move represents a significant intervention ...
Fraudulent Investment Scheme Nomani Expands Beyond Facebook
Cybersecurity
Fraudulent Investment Scheme Nomani Expands Beyond Facebook
Gabby Lee December 28, 2025
The fraudulent Nomani scheme has increased 62%, spreading from Facebook to YouTube. ESET's data indicates a block of 64,000 URLs in 2023.
Microsoft Enhances Codebase Security by Transitioning to Rust with AI Assistance
Application Security
Microsoft Enhances Codebase Security by Transitioning to Rust with AI Assistance
Andrew Doyle December 28, 2025
Microsoft's integration of Rust aims to improve security and performance in software. With AI assistance, this significant codebase migration targets safety vulnerabilities in existing programming ...
U.S. SEC Accuses Firms of Orchestrating Cryptocurrency Fraud Worth Over $14 Million
Cybersecurity
U.S. SEC Accuses Firms of Orchestrating Cryptocurrency Fraud Worth Over $14 Million
Mitchell Langley December 28, 2025
The SEC has filed charges against Morocoin Tech Corp. and others, accusing them of a $14 million cryptocurrency scam. The companies allegedly misled investors with ...
AI Vulnerabilities Identified by Researchers in Eurostar's Chatbot
Cybersecurity
AI Vulnerabilities Identified by Researchers in Eurostar’s Chatbot
Gabby Lee December 28, 2025
Researchers revealed security weaknesses in Eurostar’s AI chatbot, uncovering four flaws, including HTML injections. Eurostar's reaction raised eyebrows within cybersecurity circles.
Critical Patch Alert MongoDB Urges Immediate Update to Prevent RCE Attack
Application Security
Critical Patch Alert: MongoDB Urges Immediate Update to Prevent RCE Attacks
Andrew Doyle December 28, 2025
MongoDB has issued an urgent advisory for IT admins to rapidly patch a high-severity vulnerability allowing potential remote code execution (RCE) attacks on susceptible servers. ...
Italy's AGCM Fines Apple €98.6 Million Over Alleged App Tracking Transparency Misuse
Cybersecurity
Italy’s AGCM Fines Apple €98.6 Million Over Alleged App Tracking Transparency Misuse
Gabby Lee December 24, 2025
Italy's competition authority, AGCM, has fined Apple €98.6 million for allegedly abusing its dominant market position with the App Tracking Transparency framework.
Passwd Offers Secure Credential Management for Google Workspace Users
Application Security
Passwd Offers Secure Credential Management for Google Workspace Users
Andrew Doyle December 24, 2025
Passwd provides a secure credential management platform designed exclusively for businesses using Google Workspace, emphasizing integration, controlled sharing, and practicality.
Operation Sentinel INTERPOL's Comprehensive Cybercrime Crackdown Across Africa
Cybersecurity
Operation Sentinel: INTERPOL’s Comprehensive Cybercrime Crackdown Across Africa
Mitchell Langley December 24, 2025
INTERPOL's Operation Sentinel culminated in the arrest of 574 suspects and the recovery of $3 million. The operation involved collaboration with 19 countries to target ...
Feds Seize Database Targeting $28 Million Bank Account Theft
News
Feds Seize Database Targeting $28 Million Bank Account Theft
Mitchell Langley December 24, 2025
Authorities took significant action by seizing a password database used in a phishing attack that attempted a $28 million bank heist. This article delves into ...
ServiceNow Acquires Armis for $7.75 Billion, Boosting Cybersecurity Capabilities
Cybersecurity
ServiceNow Acquires Armis for $7.75 Billion, Boosting Cybersecurity Capabilities
Gabby Lee December 24, 2025
Following rumors, ServiceNow confirms its acquisition of Armis for $7.75 billion, expanding its capabilities in securing IoT and connected device environments, a crucial move post ...
WebRAT Malware Utilizing GitHub for Malicious Distribution
Cybersecurity
WebRAT Malware Utilizing GitHub for Malicious Distribution
Andrew Doyle December 24, 2025
WebRAT malware spreads through GitHub, claiming to offer proof-of-concept exploits for recent vulnerabilities, revealing challenging implications for cybersecurity experts.
n8n Automation Platform Faces Severe Security Issue
Application Security
n8n Automation Platform Faces Severe Security Issue
Mitchell Langley December 24, 2025
CVE-2025-68613 vulnerability in n8n's automation platform potentially allows unauthorized code execution, demanding immediate attention from users.
Dangerous Chrome Extensions Phantom Shuttle Targets Sensitive Data
Application Security
Dangerous Chrome Extensions: Phantom Shuttle Targets Sensitive Data
Gabby Lee December 24, 2025
'Phantom Shuttle' Chrome extensions mimic legitimate plugins but hijack user traffic to exfiltrate sensitive data. These malicious tools in the Web Store pose a significant ...
Perplexity's Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Application Security
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Andrew Doyle March 6, 2026
Meta's Smart Glasses Face Privacy Investigation in Britain
Cybersecurity
Meta’s Smart Glasses Face Privacy Investigation in Britain
Gabby Lee March 6, 2026
Lazarus Group Expands Its Ransomware Arsenal with Medusa
News
Lazarus Group Expands Its Ransomware Arsenal with Medusa
Andrew Doyle February 25, 2026
Polish Authorities Detain Suspected Phobos Ransomware Operative
News
Polish Authorities Detain Suspected Phobos Ransomware Operative
Andrew Doyle February 18, 2026

TOP CYBERSECURITY HEADLINES

JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
Cybersecurity
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
Application Security
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
CVE Vulnerability Alerts
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
US Government Contractor's Son Charged with Cryptocurrency Theft from US Marshals Service
Cybersecurity
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service

This Week’s Security Spotlight

OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Cybersecurity
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Andrew Doyle February 17, 2026
Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
More In News
Trending
Law Enforcement Dismantles Tycoon2FA Phishing-as-a-Service Platform
Phishing Attack Masquerades as Google Security Page to Steal Sensitive Information
Optimizely Suffers a Data Breach Through a Voice Phishing Attack
Cybercriminals Exploit OAuth 2.0 Device Authorization Flow in Vishing Campaigns

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Netskope’s IPO Raises $908M: SASE Leader Surges 18% on First Trading Day
September 22, 2025
Podcasts
SPLX Exposes AI Exploit: Prompt Injection Tricks ChatGPT Into Solving CAPTCHAs
September 22, 2025
Podcasts
Brussels, Berlin, London Hit Hard as Cyber Disruption Sparks Flight Chaos
September 22, 2025

Cyber Security News

Google Groups Exploited in Lumma Stealer Malware Campaign
Application Security
Google Groups Exploited in Lumma Stealer Malware Campaign
February 16, 2026
Malicious JavaScript Targets Cryptocurrency Users Via Pastebin
Cybersecurity
Malicious JavaScript Targets Cryptocurrency Users Via Pastebin
February 16, 2026
Social Engineering Resurfaces The ClickFix Attack Using DNS Lookups
Cybersecurity
Social Engineering Resurfaces: The ClickFix Attack Using DNS Lookups
February 16, 2026
Texas-Based Financial Services Provider Marquis Cites SonicWall Breach for Ransomware Incident
Application Security
Texas-Based Financial Services Provider Marquis Cites SonicWall Breach for Ransomware Incident
February 16, 2026
RADICL Secures $31 Million to Boost Development of Autonomous vSOC
Cybersecurity
RADICL Secures $31 Million to Boost Development of Autonomous vSOC
February 4, 2026
RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
February 4, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
December 28, 2025
Fortinet has identified ongoing exploitation of the five-year-old FortiOS SSL VPN flaw CVE-2020-12812, revealing it poses significant risks in specific configurations.
Ripple Effects of the 2022 LastPass Data Breach: Cryptocurrency at Stake
December 28, 2025
Weak master passwords from 2022's LastPass breach are being exploited to compromise cryptocurrency assets, implicating Russian cybercriminal involvement, according to TRM Labs.
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
December 28, 2025
CISA has highlighted CVE-2023-52163, a vulnerability in Digiever NVRs, for active exploitation, advising immediate update and security precautions.
U.S. Government Seizes Web3 Ads Panel Domain Linked to Cybercrime
December 28, 2025
Federal authorities confiscated the 'web3adspanels.org' domain, a crucial tool for cybercriminals in hosting and distributing stolen banking login credentials. This move represents a significant intervention ...
Fraudulent Investment Scheme Nomani Expands Beyond Facebook
December 28, 2025
The fraudulent Nomani scheme has increased 62%, spreading from Facebook to YouTube. ESET's data indicates a block of 64,000 URLs in 2023.
Microsoft Enhances Codebase Security by Transitioning to Rust with AI Assistance
December 28, 2025
Microsoft's integration of Rust aims to improve security and performance in software. With AI assistance, this significant codebase migration targets safety vulnerabilities in existing programming ...
U.S. SEC Accuses Firms of Orchestrating Cryptocurrency Fraud Worth Over $14 Million
December 28, 2025
The SEC has filed charges against Morocoin Tech Corp. and others, accusing them of a $14 million cryptocurrency scam. The companies allegedly misled investors with ...
AI Vulnerabilities Identified by Researchers in Eurostar’s Chatbot
December 28, 2025
Researchers revealed security weaknesses in Eurostar’s AI chatbot, uncovering four flaws, including HTML injections. Eurostar's reaction raised eyebrows within cybersecurity circles.
Critical Patch Alert: MongoDB Urges Immediate Update to Prevent RCE Attacks
December 28, 2025
MongoDB has issued an urgent advisory for IT admins to rapidly patch a high-severity vulnerability allowing potential remote code execution (RCE) attacks on susceptible servers. ...
Italy’s AGCM Fines Apple €98.6 Million Over Alleged App Tracking Transparency Misuse
December 24, 2025
Italy's competition authority, AGCM, has fined Apple €98.6 million for allegedly abusing its dominant market position with the App Tracking Transparency framework.
Passwd Offers Secure Credential Management for Google Workspace Users
December 24, 2025
Passwd provides a secure credential management platform designed exclusively for businesses using Google Workspace, emphasizing integration, controlled sharing, and practicality.
Operation Sentinel: INTERPOL’s Comprehensive Cybercrime Crackdown Across Africa
December 24, 2025
INTERPOL's Operation Sentinel culminated in the arrest of 574 suspects and the recovery of $3 million. The operation involved collaboration with 19 countries to target ...
Feds Seize Database Targeting $28 Million Bank Account Theft
December 24, 2025
Authorities took significant action by seizing a password database used in a phishing attack that attempted a $28 million bank heist. This article delves into ...
ServiceNow Acquires Armis for $7.75 Billion, Boosting Cybersecurity Capabilities
December 24, 2025
Following rumors, ServiceNow confirms its acquisition of Armis for $7.75 billion, expanding its capabilities in securing IoT and connected device environments, a crucial move post ...
WebRAT Malware Utilizing GitHub for Malicious Distribution
December 24, 2025
WebRAT malware spreads through GitHub, claiming to offer proof-of-concept exploits for recent vulnerabilities, revealing challenging implications for cybersecurity experts.
n8n Automation Platform Faces Severe Security Issue
December 24, 2025
CVE-2025-68613 vulnerability in n8n's automation platform potentially allows unauthorized code execution, demanding immediate attention from users.
Dangerous Chrome Extensions: Phantom Shuttle Targets Sensitive Data
December 24, 2025
'Phantom Shuttle' Chrome extensions mimic legitimate plugins but hijack user traffic to exfiltrate sensitive data. These malicious tools in the Web Store pose a significant ...
French National Postal Service Disruption Affects Millions of Users
December 24, 2025
La Poste, France’s national postal service, saw its online services disrupted by a major network incident, leading to outages affecting millions of users.
Nissan Cyberattack: Hackers Compromise Red Hat GitLab Instances
December 24, 2025
An attack on Red Hat's GitLab system has uncovered sensitive data of 21,000 customers linked to Nissan, creating significant security challenges and necessitating immediate remedial ...
Microsoft Focuses on Security with Its Timely Out-of-Band Update
December 24, 2025
Microsoft promptly issued an out-of-band update addressing a Message Queuing flaw from its December 2025 update, ensuring continued system security and reliability during a critical ...
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
HungerRush POS Platform Targeted in Data Extortion Scheme
Fake OpenClaw Installers on GitHub Are Stealing User Data
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts
Law Enforcement Dismantles Tycoon2FA Phishing-as-a-Service Platform
LexisNexis Data Breach Claimed by Fulcrumsec Group
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX