Main Menu
Cyber Security
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
Cybersecurity
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
Mitchell Langley January 6, 2026
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Information Security
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Gabby Lee January 6, 2026
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Cybersecurity
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Andrew Doyle January 5, 2026
AI agents are anticipated to become a notable insider threat by 2026, requiring firms to modify their security strategies, as a report from Palo Alto ...
ShinyHunters' Strategic Use of Decoy Accounts in Cyber Espionage
News
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
Mitchell Langley January 5, 2026
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group ...
Trump Orders Emcore to Divest Chip Manufacturing Assets
Cybersecurity
Trump Orders Emcore to Divest Chip Manufacturing Assets
Andrew Doyle January 5, 2026
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Cybersecurity
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Mitchell Langley January 5, 2026
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Adobe ColdFusion Cyberattacks Surge During Holiday Period
Application Security
Adobe ColdFusion Cyberattacks Surge During Holiday Period
Andrew Doyle January 5, 2026
GreyNoise detected a significant surge in attack attempts targeting Adobe ColdFusion vulnerabilities over Christmas 2025, revealing a coordinated effort exploiting multiple vulnerabilities in ColdFusion servers.
Phishing Campaign Targets Users with Google Cloud Application Exploitation
News
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Mitchell Langley January 5, 2026
Recent phishing operations exploit Google Cloud Application Integration, sending fake Google emails that deceive users into trusting malicious messages.
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes
News
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes
Mitchell Langley January 5, 2026
Ryan Goldberg and Kevin Martin, two American cybersecurity professionals, have confessed to being affiliates of the notorious BlackCat/Alphv ransomware group. This revelation poses significant implications ...
Gavin Webb's Role in the Takedown of LockBit Ransomware
News
Gavin Webb’s Role in the Takedown of LockBit Ransomware
Gabby Lee January 5, 2026
Recognized for his exemplary public service, Gavin Webb spearheaded the strategic takedown of the notorious LockBit ransomware, marking a significant achievement in global cybersecurity efforts.
British Security Researcher Earns Australia's Prestigious Visa for Vulnerability Discovery
Cybersecurity
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
Andrew Doyle January 5, 2026
British security analyst Jacob Riggs has achieved Australia's strictest, invite-only visa for exposure of a critical vulnerability in its government system.
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
Cybersecurity
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
Mitchell Langley January 5, 2026
Blockchain investigation has revealed that recent cryptocurrency thefts are tied to the 2022 LastPass breach. Attackers laundered stolen funds through Russian exchanges, exploiting vulnerabilities exposed ...
Pickett and Associates Data Breach Hacker Demands Bitcoin
News
Pickett and Associates Data Breach: Hacker Demands Bitcoin
Mitchell Langley January 5, 2026
A cybercriminal is selling stolen data from Pickett and Associates, impacting major utilities like Tampa Electric, Duke Energy, and American Electric Power.
Netflix Documentary Could Explore Crypto Crime Part 2 Potential
Cybersecurity
Netflix Documentary Could Explore Crypto Crime: Part 2 Potential
Gabby Lee January 5, 2026
Ilya Lichtenstein, linked to the 2016 Bitfinex bitcoin heist, has recently been released from prison after serving 14 months. Rumors suggest a Netflix documentary might ...
Covenant Health Ransomware Breach Impacts 478,000 Individuals Across Multiple States
News
Covenant Health Ransomware Breach Impacts 478,000 Individuals Across Multiple States
Andrew Doyle January 5, 2026
In May 2025, a ransomware attack by the Qilin group on Covenant Health compromised sensitive data of over 478,000 individuals at the healthcare organization located ...
OFAC Lifts Sanctions on Individuals Linked to Predator Spyware Consortium
Cybersecurity
OFAC Lifts Sanctions on Individuals Linked to Predator Spyware Consortium
Gabby Lee January 5, 2026
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) recently took a significant action by removing Merom Harpaz, Andrea Nicola Constantino Hermes ...
Disney Agrees to $10 Million Settlement for COPPA Violations
Data Security
Disney Agrees to $10 Million Settlement for COPPA Violations
Mitchell Langley January 5, 2026
Disney has settled COPPA violation allegations with a $10 million penalty, addressing claims about mislabeling videos and improper data use in targeted advertising. The case ...
DarkSpectre's Third Wave A New Browser Extension Threat
News
DarkSpectre’s Third Wave: A New Browser Extension Threat
Gabby Lee January 5, 2026
A new attack campaign codenamed DarkSpectre, attributed to a Chinese threat actor, has affected 2.2 million users across major web browsers. Leveraging two prior campaigns, ...
RondoDox Botnet Utilizes React2Shell Vulnerability to Infiltrate Servers
CVE Vulnerability Alerts
RondoDox Botnet Utilizes React2Shell Vulnerability to Infiltrate Servers
Andrew Doyle January 5, 2026
RondoDox is exploiting the React2Shell flaw in Next.js to gain remote code execution, deploy malware, and install cryptominers. The campaign highlights how unpatched web frameworks ...
New Variant of Shai Hulud Malware Found in npm Registry
Cybersecurity
New Variant of Shai Hulud Malware Found in npm Registry
Mitchell Langley January 5, 2026
Cybersecurity experts uncover a new Shai Hulud malware strain in the npm registry, stressing the importance of vigilant security practices within open-source ecosystems.
Firefox 149 Launches with a Built-In VPN for Better Privacy
Application Security
Firefox 149 Launches with a Built-In VPN for Better Privacy
Andrew Doyle March 25, 2026
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Mitchell Langley March 25, 2026
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026

TOP CYBERSECURITY HEADLINES

Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Cybersecurity
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Cybersecurity
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026 What Day 1 Revealed
Cybersecurity
Major Announcements from RSAC 2026: What Day 1 Revealed

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Targeted Phishing Attack Breaches Security Firm Executive
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Novakon Ignored Security Reports on ICS Weaknesses, Leaving 40,000+ Devices Exposed
September 19, 2025
Podcasts
RevengeHotels Cybercrime Group Adopts AI and VenomRAT in Hotel Credit Card Theft Campaign
September 19, 2025
Podcasts
ShadowLeak: Server-Side Data Theft Attack Discovered Against ChatGPT Deep Research
September 19, 2025

Cyber Security News

Cybercriminals Create Impersonated Oura MCP Server to Deploy StealC Info-Stealer
Cybersecurity
Cybercriminals Create Impersonated Oura MCP Server to Deploy StealC Info-Stealer
February 18, 2026
VulnCheck Secures $25 Million to Enhance Vulnerability Intelligence
Cybersecurity
VulnCheck Secures $25 Million to Enhance Vulnerability Intelligence
February 18, 2026
Notepad++ Bolsters Security With New Double-lock Update System
Application Security
Notepad++ Bolsters Security With New Double-lock Update System
February 18, 2026
AI Assistants as Covert C2 Tools Implications for Enterprise Security
Cybersecurity
AI Assistants as Covert C2 Tools: Implications for Enterprise Security
February 18, 2026
Unveiling the Extent of Leaked API Keys in Front-End Applications
Cybersecurity
Unveiling the Extent of Leaked API Keys in Front-End Applications
February 18, 2026
Microsoft Teams Service Outage Frustrates Users Worldwide
Application Security
Microsoft Teams Service Outage Frustrates Users Worldwide
February 18, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
January 5, 2026
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group known as the “ShinyHunters” or ...
Trump Orders Emcore to Divest Chip Manufacturing Assets
January 5, 2026
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
January 5, 2026
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Adobe ColdFusion Cyberattacks Surge During Holiday Period
January 5, 2026
GreyNoise detected a significant surge in attack attempts targeting Adobe ColdFusion vulnerabilities over Christmas 2025, revealing a coordinated effort exploiting multiple vulnerabilities in ColdFusion servers.
Phishing Campaign Targets Users with Google Cloud Application Exploitation
January 5, 2026
Recent phishing operations exploit Google Cloud Application Integration, sending fake Google emails that deceive users into trusting malicious messages.
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes
January 5, 2026
Ryan Goldberg and Kevin Martin, two American cybersecurity professionals, have confessed to being affiliates of the notorious BlackCat/Alphv ransomware group. This revelation poses significant implications ...
Gavin Webb’s Role in the Takedown of LockBit Ransomware
January 5, 2026
Recognized for his exemplary public service, Gavin Webb spearheaded the strategic takedown of the notorious LockBit ransomware, marking a significant achievement in global cybersecurity efforts.
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
January 5, 2026
British security analyst Jacob Riggs has achieved Australia's strictest, invite-only visa for exposure of a critical vulnerability in its government system.
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
January 5, 2026
Blockchain investigation has revealed that recent cryptocurrency thefts are tied to the 2022 LastPass breach. Attackers laundered stolen funds through Russian exchanges, exploiting vulnerabilities exposed ...
Pickett and Associates Data Breach: Hacker Demands Bitcoin
January 5, 2026
A cybercriminal is selling stolen data from Pickett and Associates, impacting major utilities like Tampa Electric, Duke Energy, and American Electric Power.
Netflix Documentary Could Explore Crypto Crime: Part 2 Potential
January 5, 2026
Ilya Lichtenstein, linked to the 2016 Bitfinex bitcoin heist, has recently been released from prison after serving 14 months. Rumors suggest a Netflix documentary might ...
Covenant Health Ransomware Breach Impacts 478,000 Individuals Across Multiple States
January 5, 2026
In May 2025, a ransomware attack by the Qilin group on Covenant Health compromised sensitive data of over 478,000 individuals at the healthcare organization located ...
OFAC Lifts Sanctions on Individuals Linked to Predator Spyware Consortium
January 5, 2026
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) recently took a significant action by removing Merom Harpaz, Andrea Nicola Constantino Hermes ...
Disney Agrees to $10 Million Settlement for COPPA Violations
January 5, 2026
Disney has settled COPPA violation allegations with a $10 million penalty, addressing claims about mislabeling videos and improper data use in targeted advertising. The case ...
DarkSpectre’s Third Wave: A New Browser Extension Threat
January 5, 2026
A new attack campaign codenamed DarkSpectre, attributed to a Chinese threat actor, has affected 2.2 million users across major web browsers. Leveraging two prior campaigns, ...
RondoDox Botnet Utilizes React2Shell Vulnerability to Infiltrate Servers
January 5, 2026
RondoDox is exploiting the React2Shell flaw in Next.js to gain remote code execution, deploy malware, and install cryptominers. The campaign highlights how unpatched web frameworks ...
New Variant of Shai Hulud Malware Found in npm Registry
January 5, 2026
Cybersecurity experts uncover a new Shai Hulud malware strain in the npm registry, stressing the importance of vigilant security practices within open-source ecosystems.
Unleash Protocol Experiences a $3.9 Million Cryptocurrency Loss
January 5, 2026
Unleash Protocol has incurred a $3.9 million loss in cryptocurrency following an unauthorized contract upgrade that enabled asset withdrawals, exposing vulnerabilities within decentralized systems.
IBM Discloses Critical Security Vulnerability in API Connect
January 5, 2026
IBM has identified a critical vulnerability in its API Connect software, CVE-2025-13915, which allows attackers to bypass authentication and gain remote access. With a CVSS ...
European Space Agency Confirms Breach Impacting Servers with Unclassified Engineering Data
December 31, 2025
The European Space Agency disclosed a breach affecting external servers. These systems held unclassified engineering project data, raising concerns about data security in isolated networks.
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud