Main Menu
Cyber Security
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
New York Sues Allstate and National General Over Data Breaches
News
New York Sues Allstate and National General Over Data Breaches
Mitchell Langley March 11, 2025
New York sues Allstate and National General for failing to protect consumer data, resulting in two major data breaches exposing thousands of driver's license numbers.
Cl0p Ransomware Published Rackspace Files on Leak Site
News
Cl0p Ransomware Published Rackspace Files on Leak Site
Andrew Doyle March 11, 2025
Cl0p ransomware publishes Rackspace files after ignored demands, exposing hundreds of Cleo victims. This data breach highlights the ongoing threat to enterprise and cloud security.
WordPress Vulnerability Expolited to Hack Moroccan Data Protection Authority Website
News
WordPress Vulnerability Expolited to Hack Moroccan Data Protection Authority Website
Andrew Doyle March 11, 2025
Morocco's data protection authority website suffered a WordPress plugin vulnerability exploit, resulting in reputational damage despite no sensitive data loss.
NBA and NASCAR Accounts on X Hacked to Promote Cryptocurrency Scams
News
NBA and NASCAR Accounts on X Hacked to Promote Cryptocurrency Scams
Andrew Doyle March 10, 2025
The official NBA and NASCAR accounts on X were hacked to promote fake cryptocurrencies, raising serious concerns about cybersecurity and user safety on social media.
$5 Million Stolen from 1inch Due to Smart Contract Flaw
News
$5 Million Stolen from 1inch Due to Smart Contract Flaw
Mitchell Langley March 10, 2025
On March 5, 2025, 1inch confirmed a $5 million theft due to a smart contract flaw, affecting only resolver funds, not end-user assets.
US Cities Warn of Parking Phishing Texts Used to Steal Personal Data
News
US Cities Warn of Parking Phishing Texts Used to Steal Personal Data
Andrew Doyle March 10, 2025
US cities warn residents about a new wave of phishing texts claiming unpaid parking fees, threatening fines and attempting to steal personal information.
Chicago Public Schools Data Breach Exposes Hundreds of Thousands of Student Records
News
Chicago Public Schools Data Breach Exposes Hundreds of Thousands of Student Records
Mitchell Langley March 10, 2025
Hundreds of thousands of Chicago Public School students' data was exposed in a recent data breach, affecting names, birthdates, and student IDs. The FBI and ...
Bank of America Issues Warning on Data Breach: Millions of Accounts at Risk
News
Bank of America Issues Warning on Data Breach: Millions of Accounts at Risk
Andrew Doyle March 10, 2025
Bank of America has announced a massive data breach affecting millions, with customers' sensitive information potentially compromised due to a vendor's mishandling of documents.
Data Breach Settlement: Rite Aid Agrees to Pay $6.8 Million to Affected Customers
News
Data Breach Settlement: Rite Aid Agrees to Pay $6.8 Million to Affected Customers
Mitchell Langley March 10, 2025
Rite Aid has agreed to a $6.8 million settlement following a data breach affecting over 2 million customers, emphasizing the need for robust cybersecurity measures.
New Chirp Tool Using Audio Tones for Data Transit Between Devices
News
New Chirp Tool Using Audio Tones for Data Transit Between Devices
Andrew Doyle March 10, 2025
The new Chirp tool allows data transfer between devices using audio tones, offering a unique and engaging way to communicate.
Akira Ransomware Uses Webcam to Bypass EDR
News
Akira Ransomware Uses Webcam to Bypass EDR
Mitchell Langley March 7, 2025
The Akira ransomware gang has found a way to bypass EDR by exploiting unsecured webcams, demonstrating a new level of sophistication in cyberattacks.
Taylor Swift Ticket Scam: Cybercrime Crew Steals $635,000
News
Taylor Swift Ticket Scam: Cybercrime Crew Steals $635,000
Mitchell Langley March 7, 2025
A cybercrime crew stole $635,000 worth of concert tickets, primarily for Taylor Swift's Eras Tour, exploiting a StubHub vendor loophole. Two employees were arrested and ...
Scott County Breach: Email Account Compromises Patient Data
News
Scott County Breach: Email Account Compromises Patient Data
Andrew Doyle March 7, 2025
The Scott County breach involved unauthorized access to email accounts, compromising protected health information for thousands of individuals across Iowa.
12,000 API Keys and Passwords Found in AI Training Datasets
News
12,000 API Keys and Passwords Found in AI Training Datasets
Mitchell Langley March 6, 2025
Nearly 12,000 API keys and passwords were discovered in the Common Crawl dataset used for training AI models, highlighting significant security risks for enterprises. Many ...
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
News
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
Andrew Doyle March 6, 2025
The EFF has introduced Rayhunter, an open-source tool for detecting Stingray attacks, helping users safeguard their sensitive data from unauthorized access.
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
News
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
Mitchell Langley March 6, 2025
Scammers are impersonating the BianLian group, mailing fake ransom notes to US CEOs, threatening data leaks unless Bitcoin payments are made.
BadBox Malware Disrupted on 500K Infected Android Devices
News
BadBox Malware Disrupted on 500K Infected Android Devices
Andrew Doyle March 6, 2025
The BadBox malware disruption has impacted over 500,000 devices, revealing the urgency of addressing cybersecurity threats in low-cost Android devices.
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
News
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
Mitchell Langley March 6, 2025
The Silk Typhoon hackers have shifted tactics, now focusing on IT supply chains to infiltrate networks and exploit sensitive data across multiple industries.
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
News
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
Mitchell Langley March 6, 2025
AI-generated video of YouTube's CEO is being used in phishing attacks to steal creators' credentials. YouTube warns users to avoid suspicious private videos and links.
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
News
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
Andrew Doyle March 6, 2025
US charges Chinese state security officers and hackers from APT27 and i-Soon for global cyberattacks targeting critical infrastructure and government agencies since 2011.
Why is Activity Logging Crucial for Detecting Cyberattacks
Blog
Why is Activity Logging Crucial for Detecting Cyberattacks
Mitchell Langley July 15, 2025
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025

TOP CYBERSECURITY HEADLINES

Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
News
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
News
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
News
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
News
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA

SECURITYWEEK INDUSTRY EXPERTS

BlackSuit Ransomware Operation Disrupted in Global Law Enforcement Seizure
News
BlackSuit Ransomware Operation Disrupted in Global Law Enforcement Seizure
Mitchell Langley July 28, 2025
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
News
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
Mitchell Langley July 28, 2025
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
News
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
Andrew Doyle July 28, 2025
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
News
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
Mitchell Langley July 28, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Cato Networks Secures $359M to Fuel AI-Powered SASE Expansion
July 1, 2025
Podcasts
Chrome’s Latest Zero-Day: CVE-2025-6554 and Remote Code Execution Risks
July 1, 2025
Podcasts
Russia’s 16KB Curtain: Cloudflare Throttling and the Future of the RuNet
June 30, 2025

Cyber Security News

This Week in Cybersecurity, 27th May to 31st May: City of Helsinki Data Breach
Cybersecurity
This Week in Cybersecurity, 27th May to 31st May: City of Helsinki Data Breach
May 31, 2024
This Week in Cybersecurity: 20th May - 24th May
Cybersecurity
This Week in Cybersecurity: 20th May – 24th May, American Radio Relay League Cyberattack Disrupts Services
May 24, 2024
10 Ways to Protect Your Enterprise from Phishing Attacks
Blog
10 Ways to Protect Your Enterprise from Phishing Attacks
May 23, 2024
Banking Malware Grandoreiro is Back After Police Disruption to Target Banks Globally
Cybersecurity
Banking Malware Grandoreiro is Back After Police Disruption to Target Banks Globally
May 20, 2024
This Week in Cybersecurity: 13th to 17th May, Dell Data Breached
Cybersecurity
This Week in Cybersecurity: 13th to 17th May, Dell Data Breached
May 17, 2024
Cloud Native Security in 2024: Top 6 Cloud Native Best Practices
Blog
Cloud Native Security in 2024: Top 6 Cloud Native Best Practices
May 8, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
May 13, 2025
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the ...
M&S Confirms Customer Data Breach Following Cyberattack
May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
May 13, 2025
In this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage, a message archiving app recently thrust into the spotlight due to its use by ...
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
May 13, 2025
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
Thousands of Node Developers Compromised by Malware in Popular npm Packages
May 13, 2025
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
May 13, 2025
A Türkiye-linked cyberespionage group exploited a zero-day in Output Messenger, enabling access to sensitive data and communications in targeted attacks on Kurdish-aligned users.
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
May 13, 2025
A Moldovan suspect has been arrested for a 2021 DoppelPaymer ransomware attack that crippled Dutch research systems and caused €4.5 million in damages.
rand-user-agent: The NPM Package That Opened a Backdoor
May 12, 2025
In this episode, we break down the recent compromise of the rand-user-agent NPM package—an attack that quietly turned a once-trusted JavaScript library into a delivery ...
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
May 12, 2025
In this episode, we break down the February 2025 data breach that hit Valsoft Corporation, operating under the name AllTrust, through its subsidiary Aspire USA. ...
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
May 12, 2025
A new supply chain attack has emerged—this time targeting macOS users of the Cursor AI code editor through rogue npm packages. In this episode, we ...
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
May 12, 2025
Chinese threat group Chaya_004 exploited a zero-day flaw in SAP NetWeaver servers, compromising hundreds of systems using remote code execution and web shell deployments.
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
May 12, 2025
The iClicker website was hacked between April 12–16, 2025, using a fake CAPTCHA to deploy malware via a ClickFix attack targeting students and faculty.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
May 12, 2025
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
May 12, 2025
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
May 8, 2025
A zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, became the center of a global cybersecurity storm when it was ...
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
May 8, 2025
In this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group—a landmark case ...
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
May 8, 2025
AI tools are generating more code than ever — but who’s reviewing it? In this episode, we spotlight CodeAnt AI, the fast-growing platform built to ...
The Truth About Identity Attacks: How to Protect Your Business and Data
May 8, 2025
In today's digital landscape, identity attacks are rampant, costing businesses millions and causing irreparable damage to reputations. This comprehensive guide explores seven common identity-based attacks, ...
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
May 8, 2025
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory warning that ...
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
May 8, 2025
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
Promptfoo Secures $18.4M to Combat AI Security Threats in Generative AI
1.1 Million Private Messages Leaked: Inside the Tea App Privacy Disaster
Job Scams, Corporate Espionage, and Digital Deception: Inside the Deepfake Crisis
Microsoft Exposes Major macOS Flaws in Transparency, Consent, and Control
Aeroflot in Chaos: How Hackers Crippled Russia’s Flagship Airline
Lynx Ransomware: INC Ransomware Reincarnated
How to Backup and Restore the Windows Registry
Neferpitou Claims Cyberattack on French Naval Defense Giant
Root Evidence Launches With $12.5M to Redefine Vulnerability Management
NASCAR Hit by Medusa Ransomware: 1TB of Data Stolen in April 2025 Cyberattack
Scattered Spider Strikes Again: Inside the VMware ESXi Ransomware Tactics
BlackSuit Ransomware Operation Disrupted in Global Law Enforcement Seizure
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
Koske Malware Hides in Panda Images, Weaponizes AI to Target Linux
Operation Checkmate: BlackSuit Ransomware’s Dark Web Sites Seized
Coyote Malware Exploits Microsoft UI Automation in First-Ever Wild Attack
No Fix Coming: Remote Code Execution Flaw in 1,300 LG Security Cameras