Main Menu
Cyber Security
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Unleash Protocol Experiences a $3.9 Million Cryptocurrency Loss
Cybersecurity
Unleash Protocol Experiences a $3.9 Million Cryptocurrency Loss
Gabby Lee January 5, 2026
Unleash Protocol has incurred a $3.9 million loss in cryptocurrency following an unauthorized contract upgrade that enabled asset withdrawals, exposing vulnerabilities within decentralized systems.
IBM Discloses Critical Security Vulnerability in API Connect
CVE Vulnerability Alerts
IBM Discloses Critical Security Vulnerability in API Connect
Andrew Doyle January 5, 2026
IBM has identified a critical vulnerability in its API Connect software, CVE-2025-13915, which allows attackers to bypass authentication and gain remote access. With a CVSS ...
European Space Agency Confirms Breach Impacting Servers with Unclassified Engineering Data
Endpoint Security
European Space Agency Confirms Breach Impacting Servers with Unclassified Engineering Data
Gabby Lee December 31, 2025
The European Space Agency disclosed a breach affecting external servers. These systems held unclassified engineering project data, raising concerns about data security in isolated networks.
BlackCat Ransomware Campaign Culminates in Guilty Pleas from Ex-Employees
News
BlackCat Ransomware Campaign Culminates in Guilty Pleas from Ex-Employees
Mitchell Langley December 31, 2025
Ex-Sygnia and DigitalMint employees confessed to deploying BlackCat ransomware against U.S. companies in 2023, using their insider knowledge for malicious aims.
'Zoom Stealer' Puts Millions at Risk via Web Extensions on Major Browsers
Application Security
‘Zoom Stealer’ Puts Millions at Risk via Web Extensions on Major Browsers
Andrew Doyle December 31, 2025
Over 2.2 million Chrome, Firefox, and Edge users are compromised by 'Zoom Stealer', a campaign targeting online meeting data via malicious extensions.
Critical Vulnerability in SmarterTools SmarterMail Poses Severe Cybersecurity Risk
Application Security
Critical Vulnerability in SmarterTools SmarterMail Poses Severe Cybersecurity Risk
Andrew Doyle December 31, 2025
The Cyber Security Agency of Singapore warns of a dangerous remote code execution vulnerability in SmarterTools SmarterMail, CVE-2025-52691, with a CVSS score of 10.0.
CISA Orders Federal Agencies to Patch Critical MongoDB Vulnerability Called MongoBleed
Application Security
CISA Orders Federal Agencies to Patch Critical MongoDB Vulnerability Called MongoBleed
Mitchell Langley December 31, 2025
A vulnerability in MongoDB, known as MongoBleed, is actively exploited, prompting CISA to direct U.S. federal agencies to patch this critical flaw. This vulnerability could ...
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT
News
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT
Gabby Lee December 31, 2025
Silver Fox targets India, using tax-themed phishing to spread ValleyRAT, including DLL hijacking in attacks.
A Record Year Cybersecurity Acquisitions in 2025 Surpass $84 Billion
Cybersecurity
A Record Year: Cybersecurity Acquisitions in 2025 Surpass $84 Billion
Andrew Doyle December 31, 2025
A remarkable year in cybersecurity M&A, 2025 saw total disclosed deals exceeding $84 billion. Eight significant acquisitions surpassed the $1 billion mark, representing a notable ...
How Artificial Intelligence is Being Integrated into Security Operations
Cybersecurity
How Artificial Intelligence is Being Integrated into Security Operations
Mitchell Langley December 31, 2025
As AI becomes a fixture in Security Operations Centers (SOCs), aligning its role with operational processes remains a challenge, affecting its effective deployment and value ...
Mustang Panda’s Novel Kernel-Mode Rootkit Used in Mid-2025 Cyber Attack Analysis
Application Security
Mustang Panda’s Novel Kernel-Mode Rootkit Used in Mid-2025 Cyber Attack Analysis
Gabby Lee December 31, 2025
Mustang Panda leverages a kernel-mode rootkit and a new TONESHELL backdoor variant in a mid-2025 cyber attack on an Asian entity, as reported by Kaspersky.
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Cybersecurity
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Gabby Lee December 29, 2025
Coupang addresses a data breach affecting 33.7 million users by issuing $1.17 billion in vouchers, aiming to restore trust and mitigate the breach impacts.
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
CVE Vulnerability Alerts
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
Mitchell Langley December 29, 2025
Fortinet has flagged a resurgence in the exploitation of CVE-2020-12812, a vulnerability in FortiOS that allows attackers to bypass two-factor authentication. This poses significant risks ...
Lovely Extortion Group Claims Massive Data Breach at Conde Nast
News
Lovely Extortion Group Claims Massive Data Breach at Conde Nast
Gabby Lee December 29, 2025
The extortion threat to Conde Nast by the criminal group, Lovely, emphasizes the vulnerability of major publishers to cyberattacks. Lovely claims to have unauthorized access ...
Ransomware Attack Disrupts Operations at Romania's Oltenia Energy Complex During Christmas
Cybersecurity
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
Andrew Doyle December 29, 2025
Oltenia Energy Complex, Romania's primary coal-based energy producer, faced a ransomware attack on the second day of Christmas, severely impacting its IT infrastructure and highlighting ...
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Cybersecurity
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Gabby Lee December 29, 2025
OWASP introduces vulnerabilities impacting AI systems, emphasizing agent tool attacks. Koi Security's assessments illustrate real incidents linked to this list.
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Data Security
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Mitchell Langley December 29, 2025
Korean Air encountered a significant data security breach affecting thousands of employees following an attack on its supplier, Korean Air Catering & Duty-Free, leading to ...
Why Cybersecurity Is Critical to Vendor Risk Management
Blog
Why Cybersecurity is Critical to Vendor Risk Management
Gabby Lee December 29, 2025
As organizations rely more on third-party vendors, cybersecurity has become central to vendor risk management. Understanding evolving supply-chain threats, assessing vendor security posture, and implementing ...
Sax Accounting Firm's Year-long Investigation Exposes Data Breach Affecting 220,000
Information Security
Sax Accounting Firm’s Year-long Investigation Exposes Data Breach Affecting 220,000
Gabby Lee December 29, 2025
Sax, a major US accounting firm, has disclosed a data breach affecting over 220,000 clients, revealing vulnerabilities in their data security systems after a protracted ...
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Cybersecurity
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Andrew Doyle December 29, 2025
Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as a utility for unauthorized Windows ...
Firefox 149 Launches with a Built-In VPN for Better Privacy
Application Security
Firefox 149 Launches with a Built-In VPN for Better Privacy
Andrew Doyle March 25, 2026
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Mitchell Langley March 25, 2026
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026

TOP CYBERSECURITY HEADLINES

Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Cybersecurity
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Cybersecurity
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026 What Day 1 Revealed
Cybersecurity
Major Announcements from RSAC 2026: What Day 1 Revealed

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Targeted Phishing Attack Breaches Security Firm Executive
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
WatchGuard Firebox Vulnerability Could Let Hackers Take Over Networks
September 19, 2025
Podcasts
How SystemBC’s 1,500 Infected VPS Servers Fuel Ransomware and Fraud
September 19, 2025
Podcasts
Tiffany & Co. Data Breach Exposes Gift Card Details of 2,500+ Customers
September 18, 2025

Cyber Security News

Millions of Eurail User Records at Stake as Hackers Threaten Sale
Cybersecurity
Millions of Eurail User Records at Stake as Hackers Threaten Sale
February 18, 2026
Rise in API Exploitation Driven by Weak Security and Enhanced AI Capabilities
Cybersecurity
Rise in API Exploitation Driven by Weak Security and Enhanced AI Capabilities
February 18, 2026
Allegations of Data Violations by Lenovo US Law Firm Raises Concerns
Cybersecurity
Allegations of Data Violations by Lenovo: US Law Firm Raises Concerns
February 18, 2026
New Android Malware Identified in Device Firmware Raising Alarms
Cybersecurity
New Android Malware Identified in Device Firmware Raising Alarms
February 18, 2026
Italian University Struggles With Disruption After Cyberattack
Cybersecurity
Italian University Struggles With Disruption After Cyberattack
February 17, 2026
DKnife Toolkit A Persistent Threat to Network Security
Cybersecurity
DKnife Toolkit: A Persistent Threat to Network Security
February 17, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
BlackCat Ransomware Campaign Culminates in Guilty Pleas from Ex-Employees
December 31, 2025
Ex-Sygnia and DigitalMint employees confessed to deploying BlackCat ransomware against U.S. companies in 2023, using their insider knowledge for malicious aims.
‘Zoom Stealer’ Puts Millions at Risk via Web Extensions on Major Browsers
December 31, 2025
Over 2.2 million Chrome, Firefox, and Edge users are compromised by 'Zoom Stealer', a campaign targeting online meeting data via malicious extensions.
Critical Vulnerability in SmarterTools SmarterMail Poses Severe Cybersecurity Risk
December 31, 2025
The Cyber Security Agency of Singapore warns of a dangerous remote code execution vulnerability in SmarterTools SmarterMail, CVE-2025-52691, with a CVSS score of 10.0.
CISA Orders Federal Agencies to Patch Critical MongoDB Vulnerability Called MongoBleed
December 31, 2025
A vulnerability in MongoDB, known as MongoBleed, is actively exploited, prompting CISA to direct U.S. federal agencies to patch this critical flaw. This vulnerability could ...
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT
December 31, 2025
Silver Fox targets India, using tax-themed phishing to spread ValleyRAT, including DLL hijacking in attacks.
A Record Year: Cybersecurity Acquisitions in 2025 Surpass $84 Billion
December 31, 2025
A remarkable year in cybersecurity M&A, 2025 saw total disclosed deals exceeding $84 billion. Eight significant acquisitions surpassed the $1 billion mark, representing a notable ...
How Artificial Intelligence is Being Integrated into Security Operations
December 31, 2025
As AI becomes a fixture in Security Operations Centers (SOCs), aligning its role with operational processes remains a challenge, affecting its effective deployment and value ...
Mustang Panda’s Novel Kernel-Mode Rootkit Used in Mid-2025 Cyber Attack Analysis
December 31, 2025
Mustang Panda leverages a kernel-mode rootkit and a new TONESHELL backdoor variant in a mid-2025 cyber attack on an Asian entity, as reported by Kaspersky.
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
December 29, 2025
Coupang addresses a data breach affecting 33.7 million users by issuing $1.17 billion in vouchers, aiming to restore trust and mitigate the breach impacts.
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
December 29, 2025
Fortinet has flagged a resurgence in the exploitation of CVE-2020-12812, a vulnerability in FortiOS that allows attackers to bypass two-factor authentication. This poses significant risks ...
Lovely Extortion Group Claims Massive Data Breach at Conde Nast
December 29, 2025
The extortion threat to Conde Nast by the criminal group, Lovely, emphasizes the vulnerability of major publishers to cyberattacks. Lovely claims to have unauthorized access ...
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
December 29, 2025
Oltenia Energy Complex, Romania's primary coal-based energy producer, faced a ransomware attack on the second day of Christmas, severely impacting its IT infrastructure and highlighting ...
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
December 29, 2025
OWASP introduces vulnerabilities impacting AI systems, emphasizing agent tool attacks. Koi Security's assessments illustrate real incidents linked to this list.
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
December 29, 2025
Korean Air encountered a significant data security breach affecting thousands of employees following an attack on its supplier, Korean Air Catering & Duty-Free, leading to ...
Why Cybersecurity is Critical to Vendor Risk Management
December 29, 2025
As organizations rely more on third-party vendors, cybersecurity has become central to vendor risk management. Understanding evolving supply-chain threats, assessing vendor security posture, and implementing ...
Sax Accounting Firm’s Year-long Investigation Exposes Data Breach Affecting 220,000
December 29, 2025
Sax, a major US accounting firm, has disclosed a data breach affecting over 220,000 clients, revealing vulnerabilities in their data security systems after a protracted ...
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
December 29, 2025
Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as a utility for unauthorized Windows ...
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
December 29, 2025
Trust Wallet users suffer a $7M loss after a targeted attack on the browser extension impacts 3,000 crypto addresses just before Christmas.
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
December 29, 2025
A former Coinbase agent in India was detained for aiding hackers to infiltrate company databases, allowing unlawful access to sensitive client data.
Spotify Disables User Accounts to Combat Massive Data Scraping
December 29, 2025
Spotify took action against data scraping by deactivating accounts after Anna’s Archive released data on 86 million songs from its platform.
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud