Main Menu
Cyber Security
PromptLock Ransomware Uses AI to Encrypt and Steal Data
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
Coordinated Scans Surged Targeting Microsoft RDP Auth Servers
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
MathWorks Data Breach Exposes 10,000 Users in a Ransomware Attack
Thousands of Grok AI Chats Leaked, Transcripts Indexed Publicly
Murky Panda Exploits Cloud Trust to Breach Customers in Supply Chain Attacks
Salesloft Breach Exposes OAuth Tokens Used in Salesforce Data-Theft Campaign
Discord Message-Scraping Service Claims Access to 1.8 Billion Messages
Silk Typhoon Hackers Hijack Captive Portals to Deliver PlugX Backdoor
Farmers Insurance Data Breach Impacts 1.1 Million Customers in Salesforce Cyberattack
AI Summary Injection Turns Summaries into Malware Delivery
Nissan Confirms Data Breach at Creative Box After Qilin Ransomware Attack
Australia Faces Rising Wave of AI-Driven Cyber Threats in 2025
Arizona Seeks $10M to Bolster Election Cybersecurity: Post-Attack Response Plan
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
Apple Patches Zero-Day Exploit: Immediate Fix for CVE-2025-43300 Threat
Google to Verify Android Developers: A New Era in App Security Emerges
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
The Dual Role of AI in Cybersecurity: Weapon and Shield
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Nevada State Offices Shut Down Amid Major Network Security Incident
Android Malware Masquerades as FSB Antivirus To Spy on Russian Business Executives
Orange Suffers Data Breach Affecting 850k Customers
Michigan Health System Hack Exposes Patients’ Lab Results in Healthcare Data Breach
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
News
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
Andrew Doyle May 19, 2025
A cyberattack on the UK’s Legal Aid Agency exposed personal, financial, and criminal data of applicants dating back to 2010, prompting a full shutdown of ...
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
News
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
Mitchell Langley May 16, 2025
Ransomware groups RansomEXX and BianLian have joined global threat actors exploiting a critical SAP NetWeaver vulnerability, risking full remote system compromise for unpatched servers.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
OpenAI Testing Model Context Protocol Integration for ChatGPT
Andrew Doyle May 16, 2025
OpenAI is testing Model Context Protocol support in ChatGPT, allowing secure access to third-party tools and enterprise platforms for more powerful, contextual task handling.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
Mitchell Langley May 16, 2025
Russian-linked hackers exploited XSS flaws in Roundcube, Zimbra, and others to steal government emails globally through a no-click attack dubbed the RoundPress campaign.
North Korean Hackers TA406 Target Ukraine to Gauge Russia's Military Demands
News
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
Mitchell Langley May 15, 2025
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
News
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Mitchell Langley May 15, 2025
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
Dior Confirms Data Breach Exposing Chinese Customer Information
News
Dior Confirms Data Breach Exposing Chinese Customer Information
Mitchell Langley May 15, 2025
Christian Dior confirms a customer data breach affecting Chinese users. Names, contacts, and shopping data were leaked; no financial details were compromised. Investigation ongoing.
Nucor Shuts Down Production Lines Following Cybersecurity Incident
News
Nucor Shuts Down Production Lines Following Cybersecurity Incident
Mitchell Langley May 15, 2025
Nucor Corporation has shut down select production operations following a cybersecurity incident that compromised internal systems. The company is investigating and restoring operations.
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
News
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
Mitchell Langley May 15, 2025
Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues ...
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
News
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
Andrew Doyle May 15, 2025
HireClick leaked over 5.7 million resume files after leaving an AWS bucket unsecured. The data exposure poses significant risks of fraud, phishing, and identity theft. ...
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
News
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
Andrew Doyle May 15, 2025
Valve denies claims of a Steam data breach, stating leaked data consists of expired SMS codes with no account credentials, passwords, or personal information.
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
News
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
Andrew Doyle May 15, 2025
Tennessee’s largest school district has filed a federal lawsuit against PowerSchool, citing breach of contract and security failures linked to a December 2023 data breach. ...
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
News
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
Andrew Doyle May 14, 2025
Russian-aligned ransomware group DragonForce hit UK retailer Co-op, exposing customer data and disrupting operations, in a hybrid cyberattack blending financial and geopolitical motives.
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
News
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
Andrew Doyle May 14, 2025
The EU launches its own vulnerability database (EUVD) to strengthen cybersecurity, reduce reliance on CVE, and ensure greater digital sovereignty across European infrastructure.
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
News
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
Mitchell Langley May 14, 2025
Twilio denies breach after leaked Steam 2FA codes appear online. Experts suspect a third-party SMS provider may be the source of the data exposure.
M&S Confirms Customer Data Breach Following Cyberattack
News
M&S Confirms Customer Data Breach Following Cyberattack
Mitchell Langley May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
News
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Mitchell Langley May 13, 2025
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
Thousands of Node Developers Compromised by Malware in Popular npm Packages
News
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Andrew Doyle May 13, 2025
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Mitchell Langley May 13, 2025
A Türkiye-linked cyberespionage group exploited a zero-day in Output Messenger, enabling access to sensitive data and communications in targeted attacks on Kurdish-aligned users.
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
News
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
Andrew Doyle May 13, 2025
A Moldovan suspect has been arrested for a 2021 DoppelPaymer ransomware attack that crippled Dutch research systems and caused €4.5 million in damages.
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Cybersecurity
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Gabby Lee August 28, 2025
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Cybersecurity
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Andrew Doyle August 28, 2025
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
News
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
Gabby Lee August 19, 2025
U.S. Seizes 1M in Cryptocurrency from BlackSuit Ransomware Gang
News
U.S. Seizes $1M in Cryptocurrency from BlackSuit Ransomware Gang
Gabby Lee August 18, 2025

TOP CYBERSECURITY HEADLINES

PromptLock Ransomware Uses AI to Encrypt and Steal Data
Cybersecurity
PromptLock Ransomware Uses AI to Encrypt and Steal Data
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Application Security
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Cybersecurity
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Cybersecurity
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems

This Week’s Security Spotlight

PromptLock Ransomware Uses AI to Encrypt and Steal Data
Cybersecurity
PromptLock Ransomware Uses AI to Encrypt and Steal Data
Gabby Lee August 28, 2025
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Cybersecurity
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Mitchell Langley August 26, 2025
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Cybersecurity
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Andrew Doyle August 25, 2025
Researcher Harvests 270k Employee Records Exploiting Intel Flaw
Cybersecurity
Researcher Harvests 270k Employee Records Exploiting Intel Flaw
Mitchell Langley August 19, 2025
More In News
Trending
Darcula PhaaS 3.0 Auto-Generates Phishing Kits for Any Brand
Sophisticated Gmail Attacks Target Users: FBI Issues “Do Not Click” Alert
This Facebook Phishing Attack Could Steal EVERYTHING!
What is a Whaling Phishing Attack?

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Promptfoo Secures $18.4M to Combat AI Security Threats in Generative AI
July 30, 2025
Podcasts
1.1 Million Private Messages Leaked: Inside the Tea App Privacy Disaster
July 29, 2025
Podcasts
Job Scams, Corporate Espionage, and Digital Deception: Inside the Deepfake Crisis
July 29, 2025

Cyber Security News

Outsourcing Cybersecurity Could Save Your Company Millions – Here's How-
Blog
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
March 6, 2025
CISA Warns of Craft CMS Code Injection Flaw
Cybersecurity
CISA Warns of Craft CMS Code Injection Flaw
February 24, 2025
Top Cyber Threats Facing Enterprise Businesses in 2025 A Comprehensive Guide
Blog
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
February 13, 2025
State-Sponsored Hackers Abuse Google's Gemini AI for Attacks
Cybersecurity
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
February 4, 2025
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Cybersecurity
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
January 29, 2025
List of 15 Networking Certifications by Security Vendors to Supercharge Your Career in 2025
Blog
Top 15 Networking Certifications to Supercharge Your Career in 2025
January 22, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
Two Healthcare Data Breaches Expose Over 220,000 Records at Mainline Health and Select Medical
June 25, 2025
Mainline Health and Select Medical Holdings have disclosed separate data breaches impacting more than 220,000 individuals, with ransomware and third-party compromise behind the incidents.
New Spear Phishing Campaign Targets Financial Executives Using Legitimate Remote Access Tools
June 25, 2025
A sophisticated spear phishing campaign is targeting CFOs and finance leaders worldwide, using legitimate tools like NetBird and OpenSSH to quietly breach enterprise networks.
The Siemens-Microsoft Antivirus Dilemma Threatening OT Security
June 25, 2025
This episode examines a serious conflict between Siemens’ Simatic PCS industrial control systems and Microsoft Defender Antivirus. The absence of an “alert only” mode in ...
Prometei Botnet’s Global Surge: A Threat to Linux and Windows Systems Alike
June 25, 2025
Prometei is one of the most persistent and sophisticated botnet threats in circulation today. First identified in 2020—and active since at least 2016—this modular malware ...
UK Government Warns of £1.6 Million in Ticket Scams Ahead of Glastonbury Festival
June 25, 2025
Concertgoers in the UK have lost over £1.6 million to ticket fraud in 2024, prompting urgent warnings from the government as festival season begins.
Patient Trust on the Line: The Fallout from McLaren Health Care’s 2024 Breach
June 24, 2025
In this episode, we dive into the 2024 McLaren Health Care data breach that compromised the sensitive information of over 743,000 individuals—just one year after ...
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
June 24, 2025
A misconfigured database tied to a U.S. real estate firm exposed 170,000 records of sensitive personal and internal data, including Social Security numbers and employment ...
NeuralTrust’s Echo Chamber: The AI Jailbreak That Slipped Through the Cracks
June 24, 2025
This podcast dives deep into one of the most pressing vulnerabilities in modern AI — the rise of sophisticated “jailbreaking” attacks against large language models ...
AT&T, Verizon, and Beyond: How Salt Typhoon Targets Global Telcos
June 24, 2025
In this episode, we dive deep into the alarming revelations about Salt Typhoon—a Chinese state-sponsored advanced persistent threat (APT) actor, also known as RedMike, Earth ...
Anubis Ransomware: A Destructive, Cross-Platform Threat
June 24, 2025
Anubis ransomware combines encryption and file-wiping capabilities, targeting Windows, Linux, and NAS systems with stealthy command-line execution and affiliate-driven campaigns across multiple industries.
Fake Microsoft, Netflix, & Apple Support: The Scam Lurking in Google Search
June 24, 2025
In this eye-opening episode, we break down a sophisticated new trend in tech support scams (TSS) that’s catching even the most cautious users off guard. ...
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
June 24, 2025
Nucor, North America’s largest steel producer, has confirmed data theft following a cybersecurity breach that temporarily disrupted operations and forced system shutdowns.
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
June 24, 2025
Canada confirms a state-sponsored breach in its telecom sector, where Salt Typhoon exploited an unpatched Cisco vulnerability to compromise devices and reroute sensitive network traffic. ...
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
June 24, 2025
Russian state-sponsored hackers targeted a critic of the Kremlin using a novel social engineering tactic that tricked the victim into bypassing multi-factor authentication protections.
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
June 24, 2025
A massive breach has exposed 16 billion login credentials, potentially affecting services like Facebook, Google, and Apple. This fresh infostealer data opens the door to ...
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
June 24, 2025
Russian threat group APT28 is using Signal messages to deliver new malware—BeardShell and SlimAgent—targeting Ukrainian government entities through sophisticated phishing and loader tactics.
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
June 24, 2025
Anubis ransomware group claims to hold 64GB of Disneyland Paris data, including engineering plans and behind-the-scenes content, though the source and sensitivity remain unclear.
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
June 24, 2025
Oxford City Council has confirmed a cybersecurity breach involving legacy systems, exposing election worker data from 2001 to 2022 after detecting unauthorized access to its ...
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
June 24, 2025
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
June 24, 2025
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
AI-Powered Polymorphic Phishing: The New Era of Social Engineering
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
PromptLock Ransomware Uses AI to Encrypt and Steal Data
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Salesforce Breach: How OAuth Token Theft Exposed Hundreds of Organizations
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
CISA Warns of Actively Exploited Git Arbitrary Code Execution Vulnerability
Coordinated Scans Surged Targeting Microsoft RDP Auth Servers
Citrix Fixes NetScaler RCE Flaw Exploited in Zero-Day Attacks
MathWorks Data Breach Exposes 10,000 Users in a Ransomware Attack
Thousands of Grok AI Chats Leaked, Transcripts Indexed Publicly
Murky Panda Exploits Cloud Trust to Breach Customers in Supply Chain Attacks
Salesloft Breach Exposes OAuth Tokens Used in Salesforce Data-Theft Campaign
Discord Message-Scraping Service Claims Access to 1.8 Billion Messages
Silk Typhoon Hackers Hijack Captive Portals to Deliver PlugX Backdoor