Main Menu
Cyber Security
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
HungerRush POS Platform Targeted in Data Extortion Scheme
Fake OpenClaw Installers on GitHub Are Stealing User Data
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
LexisNexis Data Breach Claimed by Fulcrumsec Group
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women’s Accounts
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
Russian APT28 Allegedly Exploited MSHTML Vulnerability Before Microsoft Patch
Madison Square Garden Cyber Incident Revealed Months Later
Samsung Reaches Settlement with Texas Over Smart TV Data Collection
Hackers Used Claude Code to Steal 150GB of Mexican Government Data
Netherlands Faces Its Biggest Data Breach as ShinyHunters Leaks Odido’s Full Customer Database
‘Sandworm_Mode’ Supply Chain Attack Hits the NPM Ecosystem
ICO Fines Reddit £14.47 Million for Failing to Protect Children’s Data
ShinyHunters Leak Exposes Millions of CarGurus User Records
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365
Cybersecurity
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365
Andrew Doyle December 22, 2025
Three individuals in Nigeria, targeting Microsoft 365 users via Raccoon0365, have been detained. Learn about the phishing-as-a-service method they used.
Newly Disclosed Vulnerability in WatchGuard Firebox Active Exploitation Underway
Application Security
Newly Disclosed Vulnerability in WatchGuard Firebox: Active Exploitation Underway
Gabby Lee December 22, 2025
A critical remote code execution flaw in WatchGuard's Firebox firewalls has come under active exploitation. Users are urged to implement the latest security measures to ...
Microsoft Teams Outage Affects Thousands of Users Trying to Send Messages
Application Security
Microsoft Teams Outage Affects Thousands of Users Trying to Send Messages
Mitchell Langley December 22, 2025
Microsoft Teams experienced a significant outage with thousands unable to send messages. Users faced delays and disruptions in communication, impacting productivity.
Thailand Conference Launches International Initiative to Fight Online Scams
Cybersecurity
Thailand Conference Launches International Initiative to Fight Online Scams
Gabby Lee December 22, 2025
The conference in Bangkok united cybersecurity experts and ASEAN members to combat online scams, focusing on technology, regulation, and partnerships.
Latest Charges Amplify Indictments Against Alleged Tren de Aragua Members
Cybersecurity
Latest Charges Amplify Indictments Against Alleged Tren de Aragua Members
Andrew Doyle December 22, 2025
A Venezuelan gang, labeled a ruthless terrorist organization by U.S. officials, faces charges for deploying malware on ATMs. This cyber attack strategy allowed the gang ...
Vulnerabilities in SonicWall Remote-Access Appliance Threaten Security
Cybersecurity
Vulnerabilities in SonicWall Remote-Access Appliance Threaten Security
Mitchell Langley December 22, 2025
SonicWall urges users to patch a critical zero-day vulnerability in its SMA 1000 remote-access appliance. This flaw allows attackers to escalate privileges and potentially seize ...
UEFI Vulnerability Exposes Major Motherboards to Early-Boot Attacks
Endpoint Security
UEFI Vulnerability Exposes Major Motherboards to Early-Boot Attacks
Gabby Lee December 22, 2025
A critical Unified Extensible Firmware Interface (UEFI) vulnerability has been identified in major motherboard brands like ASRock, Asus, Gigabyte, and MSI. This flaw potentially opens ...
NIS2 Directive Enhances Identity and Access Control Standards
Identity and Access Management
NIS2 Directive Enhances Identity and Access Control Standards
Andrew Doyle December 22, 2025
The NIS2 Directive places heightened emphasis on identity and access controls, turning weak passwords and inadequate authentication into compliance risks. Specops Software advises on aligning ...
Phishing Attacks by Operation ForumTroll in Russia A Closer Look at October 2025 Campaign
News
Phishing Attacks by Operation ForumTroll in Russia: A Closer Look at October 2025 Campaign
Mitchell Langley December 22, 2025
In October 2025, new phishing attacks by Operation ForumTroll targeted individuals within Russia, shifting focus from organizations previously attacked in spring.
NATO's Digital Backbone Efforts Winning the Information War
Cybersecurity
NATO’s Digital Backbone Efforts: Winning the Information War
Gabby Lee December 22, 2025
NATO focuses on developing sovereign cloud-based technologies to secure its operations. The alliance is in a race to build a robust digital infrastructure that can ...
Microsoft Folder Permission Changes Lead to Queue Failures and Erroneous Error Messages
Application Security
Microsoft Folder Permission Changes Lead to Queue Failures and Erroneous Error Messages
Andrew Doyle December 22, 2025
Microsoft’s recent update to folder permissions in older Windows versions has led to unexpected queue failures caused by the misleading error messages produced. Despite organizations ...
Russian Hackers Target UKR[.]net in Credential-Stealing Campaign
Cybersecurity
Russian Hackers Target UKR[.]net in Credential-Stealing Campaign
Andrew Doyle December 22, 2025
APT28, a Russian state-sponsored threat actor, has launched a persistent credential-harvesting operation against users of UK's UKR[.]net service. The activity was tracked by Recorded Future's ...
ByBit Hack Amplifies North Korean Crypto Theft Surge
Cybersecurity
ByBit Hack Amplifies North Korean Crypto Theft Surge
Gabby Lee December 22, 2025
North Korean hackers have escalated their cryptocurrency thefts, accumulating over $2 billion in 2025 alone. Recent attacks target platforms like ByBit, showcasing sophisticated techniques and ...
Law Enforcement Shuts Down E-Note Exchange for Money Laundering
Cybersecurity
Law Enforcement Shuts Down E-Note Exchange for Money Laundering
Andrew Doyle December 22, 2025
Law enforcement successfully seized E-Note cryptocurrency exchange servers and domains, suspected of laundering over $70 million for cybercriminals. Authorities believe E-Note was a key tool ...
LongNosedGoblin A New Threat from China Targets Southeast Asia and Japan
Cybersecurity
LongNosedGoblin: A New Threat from China Targets Southeast Asia and Japan
Andrew Doyle December 22, 2025
ESET reports the emergence of LongNosedGoblin, an uncharted threat targeting governmental bodies in Southeast Asia and Japan since September 2023. The group's focus is cyber ...
Sophisticated Cybercrime Campaign Targets VPN Vulnerabilities
Application Security
Sophisticated Cybercrime Campaign Targets VPN Vulnerabilities
Mitchell Langley December 22, 2025
Cybercriminals are exploiting vulnerabilities in VPN platforms such as Palo Alto Networks GlobalProtect and Cisco SSL VPN using automated campaigns. These attacks focus on credential-based ...
Study Finds Built-in Browsers Across Gadgets Often Ship Years Out of Date
Application Security
Study Finds Built-in Browsers Across Gadgets Often Ship Years Out of Date
Gabby Lee December 22, 2025
Devices like game consoles and cars often come with embedded browsers that do not receive frequent updates. This negligence can open doors to significant security ...
Data Breach at University of Sydney Reveals Sensitive Information
Data Security
Data Breach at University of Sydney Reveals Sensitive Information
Gabby Lee December 22, 2025
Hackers infiltrated the University of Sydney's online repository, compromising the personal information of staff and students. The breach underscores prevalent cybersecurity challenges in educational institutions, ...
Cryptocurrency Thieves Exploit AWS Mining Operations in Just Ten Minutes
Application Security
Cryptocurrency Thieves Exploit AWS: Mining Operations in Just Ten Minutes
Andrew Doyle December 22, 2025
Cryptocurrency thieves are exploiting stolen Amazon Web Services (AWS) account credentials to mine coins, using victims' Elastic Container Service (ECS) and Elastic Compute Cloud (EC2) ...
Surge in Illicit Activities Criminal Use of DIG AI on Tor Network Increases in Q4 2025
Cybersecurity
Surge in Illicit Activities: Criminal Use of DIG AI on Tor Network Increases in Q4 2025
Mitchell Langley December 22, 2025
Resecurity reports reveal a Q4 2025 surge in the use of DIG AI among cybercriminals on the Tor network. This development poses significant challenges to ...
Perplexity's Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Application Security
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Andrew Doyle March 6, 2026
Meta's Smart Glasses Face Privacy Investigation in Britain
Cybersecurity
Meta’s Smart Glasses Face Privacy Investigation in Britain
Gabby Lee March 6, 2026
Lazarus Group Expands Its Ransomware Arsenal with Medusa
News
Lazarus Group Expands Its Ransomware Arsenal with Medusa
Andrew Doyle February 25, 2026
Polish Authorities Detain Suspected Phobos Ransomware Operative
News
Polish Authorities Detain Suspected Phobos Ransomware Operative
Andrew Doyle February 18, 2026

TOP CYBERSECURITY HEADLINES

JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
Cybersecurity
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
Application Security
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
CVE Vulnerability Alerts
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
US Government Contractor's Son Charged with Cryptocurrency Theft from US Marshals Service
Cybersecurity
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service

This Week’s Security Spotlight

OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Cybersecurity
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Andrew Doyle February 17, 2026
Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
More In News
Trending
Law Enforcement Dismantles Tycoon2FA Phishing-as-a-Service Platform
Phishing Attack Masquerades as Google Security Page to Steal Sensitive Information
Optimizely Suffers a Data Breach Through a Voice Phishing Attack
Cybercriminals Exploit OAuth 2.0 Device Authorization Flow in Vishing Campaigns

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
WatchGuard Firebox Vulnerability Could Let Hackers Take Over Networks
September 19, 2025
Podcasts
How SystemBC’s 1,500 Infected VPS Servers Fuel Ransomware and Fraud
September 19, 2025
Podcasts
Tiffany & Co. Data Breach Exposes Gift Card Details of 2,500+ Customers
September 18, 2025

Cyber Security News

Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Cybersecurity
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
February 4, 2026
Malicious VS Code Extensions Spread GlassWorm Loader
Application Security
Malicious VS Code Extensions Spread GlassWorm Loader
February 4, 2026
Surge in Fake Investment Platforms Exploiting Social Media
Cybersecurity
Surge in Fake Investment Platforms Exploiting Social Media
February 4, 2026
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Cybersecurity
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
February 4, 2026
Identity Challenges in User Data Storage and Security Maintenance
Cybersecurity
Identity Challenges in User Data Storage and Security Maintenance
February 4, 2026
Microsoft's Strategy to Eliminate NTLM in Favor of Kerberos
Application Security
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
February 4, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Thailand Conference Launches International Initiative to Fight Online Scams
December 22, 2025
The conference in Bangkok united cybersecurity experts and ASEAN members to combat online scams, focusing on technology, regulation, and partnerships.
Latest Charges Amplify Indictments Against Alleged Tren de Aragua Members
December 22, 2025
A Venezuelan gang, labeled a ruthless terrorist organization by U.S. officials, faces charges for deploying malware on ATMs. This cyber attack strategy allowed the gang ...
Vulnerabilities in SonicWall Remote-Access Appliance Threaten Security
December 22, 2025
SonicWall urges users to patch a critical zero-day vulnerability in its SMA 1000 remote-access appliance. This flaw allows attackers to escalate privileges and potentially seize ...
UEFI Vulnerability Exposes Major Motherboards to Early-Boot Attacks
December 22, 2025
A critical Unified Extensible Firmware Interface (UEFI) vulnerability has been identified in major motherboard brands like ASRock, Asus, Gigabyte, and MSI. This flaw potentially opens ...
NIS2 Directive Enhances Identity and Access Control Standards
December 22, 2025
The NIS2 Directive places heightened emphasis on identity and access controls, turning weak passwords and inadequate authentication into compliance risks. Specops Software advises on aligning ...
Phishing Attacks by Operation ForumTroll in Russia: A Closer Look at October 2025 Campaign
December 22, 2025
In October 2025, new phishing attacks by Operation ForumTroll targeted individuals within Russia, shifting focus from organizations previously attacked in spring.
NATO’s Digital Backbone Efforts: Winning the Information War
December 22, 2025
NATO focuses on developing sovereign cloud-based technologies to secure its operations. The alliance is in a race to build a robust digital infrastructure that can ...
Microsoft Folder Permission Changes Lead to Queue Failures and Erroneous Error Messages
December 22, 2025
Microsoft’s recent update to folder permissions in older Windows versions has led to unexpected queue failures caused by the misleading error messages produced. Despite organizations ...
Russian Hackers Target UKR[.]net in Credential-Stealing Campaign
December 22, 2025
APT28, a Russian state-sponsored threat actor, has launched a persistent credential-harvesting operation against users of UK's UKR[.]net service. The activity was tracked by Recorded Future's ...
ByBit Hack Amplifies North Korean Crypto Theft Surge
December 22, 2025
North Korean hackers have escalated their cryptocurrency thefts, accumulating over $2 billion in 2025 alone. Recent attacks target platforms like ByBit, showcasing sophisticated techniques and ...
Law Enforcement Shuts Down E-Note Exchange for Money Laundering
December 22, 2025
Law enforcement successfully seized E-Note cryptocurrency exchange servers and domains, suspected of laundering over $70 million for cybercriminals. Authorities believe E-Note was a key tool ...
LongNosedGoblin: A New Threat from China Targets Southeast Asia and Japan
December 22, 2025
ESET reports the emergence of LongNosedGoblin, an uncharted threat targeting governmental bodies in Southeast Asia and Japan since September 2023. The group's focus is cyber ...
Sophisticated Cybercrime Campaign Targets VPN Vulnerabilities
December 22, 2025
Cybercriminals are exploiting vulnerabilities in VPN platforms such as Palo Alto Networks GlobalProtect and Cisco SSL VPN using automated campaigns. These attacks focus on credential-based ...
Study Finds Built-in Browsers Across Gadgets Often Ship Years Out of Date
December 22, 2025
Devices like game consoles and cars often come with embedded browsers that do not receive frequent updates. This negligence can open doors to significant security ...
Data Breach at University of Sydney Reveals Sensitive Information
December 22, 2025
Hackers infiltrated the University of Sydney's online repository, compromising the personal information of staff and students. The breach underscores prevalent cybersecurity challenges in educational institutions, ...
Cryptocurrency Thieves Exploit AWS: Mining Operations in Just Ten Minutes
December 22, 2025
Cryptocurrency thieves are exploiting stolen Amazon Web Services (AWS) account credentials to mine coins, using victims' Elastic Container Service (ECS) and Elastic Compute Cloud (EC2) ...
Surge in Illicit Activities: Criminal Use of DIG AI on Tor Network Increases in Q4 2025
December 22, 2025
Resecurity reports reveal a Q4 2025 surge in the use of DIG AI among cybercriminals on the Tor network. This development poses significant challenges to ...
GhostPairing Campaign Hijacks WhatsApp Accounts via Device-Linking Feature
December 22, 2025
Cybercriminals are exploiting WhatsApp's device-linking feature to hijack accounts, a campaign known as GhostPairing. This method involves abusing pairing codes to gain control over unsuspecting ...
FTC Demands Accountability in Illusory Systems Cybersecurity Breach Case
December 22, 2025
The FTC has proposed a settlement agreement requiring Illusory Systems to repay users for funds lost in a 2022 cyberattack. This regulatory action highlights increased ...
Clop Ransomware Gang Targets Gladinet CentreStack in Data Extortion Attack
December 19, 2025
The Clop ransomware group is targeting Gladinet CentreStack file servers, focusing on systems vulnerable due to internet exposure. This campaign jeopardizes data security, emphasizing the ...
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
HungerRush POS Platform Targeted in Data Extortion Scheme
Fake OpenClaw Installers on GitHub Are Stealing User Data
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts
Law Enforcement Dismantles Tycoon2FA Phishing-as-a-Service Platform
LexisNexis Data Breach Claimed by Fulcrumsec Group
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX