Main Menu
Cyber Security
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
Data Security
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
Mitchell Langley December 29, 2025
Trust Wallet users suffer a $7M loss after a targeted attack on the browser extension impacts 3,000 crypto addresses just before Christmas.
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
Data Security
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
Gabby Lee December 29, 2025
A former Coinbase agent in India was detained for aiding hackers to infiltrate company databases, allowing unlawful access to sensitive client data.
Spotify Disables User Accounts to Combat Massive Data Scraping
Data Security
Spotify Disables User Accounts to Combat Massive Data Scraping
Andrew Doyle December 29, 2025
Spotify took action against data scraping by deactivating accounts after Anna’s Archive released data on 86 million songs from its platform.
Ubisoft's Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
Application Security
Ubisoft’s Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
Mitchell Langley December 28, 2025
Rainbow Six Siege faces a security breach allowing hackers to manipulate in-game systems, impacting player bans and economic balance, compromising integrity.
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
Cybersecurity
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
Gabby Lee December 28, 2025
A hacker claims responsibility for a breach at Condé Nast, exposing over 2.3 million WIRED subscriber records. The attacker threatens to release up to 40 ...
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Application Security
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Gabby Lee December 28, 2025
The malicious NPM package ‘Lotusbail’ covertly stole WhatsApp credentials through a backdoor. With more than 56,000 downloads over a six-month period, it emphasized the need ...
LangChain Core Critical Vulnerability Risks for Data Security and LLM Integrity
Application Security
LangChain Core Critical Vulnerability: Risks for Data Security and LLM Integrity
Andrew Doyle December 28, 2025
Critical LangChain Core flaw may enable data theft and LLM response manipulation, impacting system security and integrity.
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning (1)
Cybersecurity
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning
Mitchell Langley December 28, 2025
Kaspersky has attributed a China-linked advanced persistent threat group with a DNS poisoning technique to deploy the MgBot backdoor for cyber espionage in Türkiye, China, ...
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Data Security
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Gabby Lee December 28, 2025
A data breach at Aflac has exposed sensitive personal information of over 22 million customers. The company confirmed detecting unusual activities on its systems in ...
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
News
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
Mitchell Langley December 28, 2025
Grubhub customers received deceptive messages, seemingly from a company email, promising tenfold bitcoin returns. This scam misled users into transferring cryptocurrency to a specific wallet.
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Application Security
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Gabby Lee December 28, 2025
Trust Wallet experienced a critical security breach affecting its Google Chrome extension, leading to losses of approximately $7 million. Users are urged to update to ...
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812 Noted
CVE Vulnerability Alerts
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
Andrew Doyle December 28, 2025
Fortinet has identified ongoing exploitation of the five-year-old FortiOS SSL VPN flaw CVE-2020-12812, revealing it poses significant risks in specific configurations.
Ripple Effects of the 2022 LastPass Data Breach Cryptocurrency at Stake
Cybersecurity
Ripple Effects of the 2022 LastPass Data Breach: Cryptocurrency at Stake
Gabby Lee December 28, 2025
Weak master passwords from 2022's LastPass breach are being exploited to compromise cryptocurrency assets, implicating Russian cybercriminal involvement, according to TRM Labs.
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
CVE Vulnerability Alerts
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
Andrew Doyle December 28, 2025
CISA has highlighted CVE-2023-52163, a vulnerability in Digiever NVRs, for active exploitation, advising immediate update and security precautions.
U.S. Government Seizes Web3 Ads Panel Domain Linked To Cybercrime
Cybersecurity
U.S. Government Seizes Web3 Ads Panel Domain Linked to Cybercrime
Mitchell Langley December 28, 2025
Federal authorities confiscated the 'web3adspanels.org' domain, a crucial tool for cybercriminals in hosting and distributing stolen banking login credentials. This move represents a significant intervention ...
Fraudulent Investment Scheme Nomani Expands Beyond Facebook
Cybersecurity
Fraudulent Investment Scheme Nomani Expands Beyond Facebook
Gabby Lee December 28, 2025
The fraudulent Nomani scheme has increased 62%, spreading from Facebook to YouTube. ESET's data indicates a block of 64,000 URLs in 2023.
Microsoft Enhances Codebase Security by Transitioning to Rust with AI Assistance
Application Security
Microsoft Enhances Codebase Security by Transitioning to Rust with AI Assistance
Andrew Doyle December 28, 2025
Microsoft's integration of Rust aims to improve security and performance in software. With AI assistance, this significant codebase migration targets safety vulnerabilities in existing programming ...
U.S. SEC Accuses Firms of Orchestrating Cryptocurrency Fraud Worth Over $14 Million
Cybersecurity
U.S. SEC Accuses Firms of Orchestrating Cryptocurrency Fraud Worth Over $14 Million
Mitchell Langley December 28, 2025
The SEC has filed charges against Morocoin Tech Corp. and others, accusing them of a $14 million cryptocurrency scam. The companies allegedly misled investors with ...
AI Vulnerabilities Identified by Researchers in Eurostar's Chatbot
Cybersecurity
AI Vulnerabilities Identified by Researchers in Eurostar’s Chatbot
Gabby Lee December 28, 2025
Researchers revealed security weaknesses in Eurostar’s AI chatbot, uncovering four flaws, including HTML injections. Eurostar's reaction raised eyebrows within cybersecurity circles.
Critical Patch Alert MongoDB Urges Immediate Update to Prevent RCE Attack
Application Security
Critical Patch Alert: MongoDB Urges Immediate Update to Prevent RCE Attacks
Andrew Doyle December 28, 2025
MongoDB has issued an urgent advisory for IT admins to rapidly patch a high-severity vulnerability allowing potential remote code execution (RCE) attacks on susceptible servers. ...
Firefox 149 Launches with a Built-In VPN for Better Privacy
Application Security
Firefox 149 Launches with a Built-In VPN for Better Privacy
Andrew Doyle March 25, 2026
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Mitchell Langley March 25, 2026
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026

TOP CYBERSECURITY HEADLINES

Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Cybersecurity
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Cybersecurity
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026 What Day 1 Revealed
Cybersecurity
Major Announcements from RSAC 2026: What Day 1 Revealed

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Targeted Phishing Attack Breaches Security Firm Executive
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Lakera’s Gandalf Network Joins Check Point in $300M AI Security Deal
September 17, 2025
Podcasts
Shai-Hulud Exposes Fragility of the Open-Source Software Supply Chain
September 17, 2025
Podcasts
ChatGPT Calendar Vulnerability Exposes User Emails in New AI Attack
September 17, 2025

Cyber Security News

Lema AI Secures $24 Million to Bolster Supply Chain Security
Cybersecurity
Lema AI Secures $24 Million to Bolster Supply Chain Security
February 17, 2026
Warlock Ransomware Gang Breach at SmarterTools Email System Compromised
Cybersecurity
Warlock Ransomware Gang Breach at SmarterTools: Email System Compromised
February 17, 2026
Outtake's $40 Million Infusion to Battle AI-Powered Cyber Threats
Cybersecurity
Outtake’s $40 Million Infusion to Battle AI-Powered Cyber Threats
February 17, 2026
Exploitation of SolarWinds Web Help Desk Instances Raises Serious Security Concerns
Cybersecurity
Exploitation of SolarWinds Web Help Desk Instances Raises Serious Security Concerns
February 17, 2026
7-Zip Targeted by Malicious Website Users Turned Into Unwitting Proxy Nodes
Application Security
7-Zip Targeted by Malicious Website: Users Turned Into Unwitting Proxy Nodes
February 17, 2026
Data Exposure Risks with Zero-Click Prompt Injection in AI Chat Apps
Cybersecurity
Data Exposure Risks with Zero-Click Prompt Injection in AI Chat Apps
February 17, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Ubisoft’s Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
December 28, 2025
Rainbow Six Siege faces a security breach allowing hackers to manipulate in-game systems, impacting player bans and economic balance, compromising integrity.
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
December 28, 2025
A hacker claims responsibility for a breach at Condé Nast, exposing over 2.3 million WIRED subscriber records. The attacker threatens to release up to 40 ...
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
December 28, 2025
The malicious NPM package ‘Lotusbail’ covertly stole WhatsApp credentials through a backdoor. With more than 56,000 downloads over a six-month period, it emphasized the need ...
LangChain Core Critical Vulnerability: Risks for Data Security and LLM Integrity
December 28, 2025
Critical LangChain Core flaw may enable data theft and LLM response manipulation, impacting system security and integrity.
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning
December 28, 2025
Kaspersky has attributed a China-linked advanced persistent threat group with a DNS poisoning technique to deploy the MgBot backdoor for cyber espionage in Türkiye, China, ...
Aflac Confirms Data Breach Impacting Over 22 Million Customers
December 28, 2025
A data breach at Aflac has exposed sensitive personal information of over 22 million customers. The company confirmed detecting unusual activities on its systems in ...
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
December 28, 2025
Grubhub customers received deceptive messages, seemingly from a company email, promising tenfold bitcoin returns. This scam misled users into transferring cryptocurrency to a specific wallet.
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
December 28, 2025
Trust Wallet experienced a critical security breach affecting its Google Chrome extension, leading to losses of approximately $7 million. Users are urged to update to ...
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
December 28, 2025
Fortinet has identified ongoing exploitation of the five-year-old FortiOS SSL VPN flaw CVE-2020-12812, revealing it poses significant risks in specific configurations.
Ripple Effects of the 2022 LastPass Data Breach: Cryptocurrency at Stake
December 28, 2025
Weak master passwords from 2022's LastPass breach are being exploited to compromise cryptocurrency assets, implicating Russian cybercriminal involvement, according to TRM Labs.
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
December 28, 2025
CISA has highlighted CVE-2023-52163, a vulnerability in Digiever NVRs, for active exploitation, advising immediate update and security precautions.
U.S. Government Seizes Web3 Ads Panel Domain Linked to Cybercrime
December 28, 2025
Federal authorities confiscated the 'web3adspanels.org' domain, a crucial tool for cybercriminals in hosting and distributing stolen banking login credentials. This move represents a significant intervention ...
Fraudulent Investment Scheme Nomani Expands Beyond Facebook
December 28, 2025
The fraudulent Nomani scheme has increased 62%, spreading from Facebook to YouTube. ESET's data indicates a block of 64,000 URLs in 2023.
Microsoft Enhances Codebase Security by Transitioning to Rust with AI Assistance
December 28, 2025
Microsoft's integration of Rust aims to improve security and performance in software. With AI assistance, this significant codebase migration targets safety vulnerabilities in existing programming ...
U.S. SEC Accuses Firms of Orchestrating Cryptocurrency Fraud Worth Over $14 Million
December 28, 2025
The SEC has filed charges against Morocoin Tech Corp. and others, accusing them of a $14 million cryptocurrency scam. The companies allegedly misled investors with ...
AI Vulnerabilities Identified by Researchers in Eurostar’s Chatbot
December 28, 2025
Researchers revealed security weaknesses in Eurostar’s AI chatbot, uncovering four flaws, including HTML injections. Eurostar's reaction raised eyebrows within cybersecurity circles.
Critical Patch Alert: MongoDB Urges Immediate Update to Prevent RCE Attacks
December 28, 2025
MongoDB has issued an urgent advisory for IT admins to rapidly patch a high-severity vulnerability allowing potential remote code execution (RCE) attacks on susceptible servers. ...
Italy’s AGCM Fines Apple €98.6 Million Over Alleged App Tracking Transparency Misuse
December 24, 2025
Italy's competition authority, AGCM, has fined Apple €98.6 million for allegedly abusing its dominant market position with the App Tracking Transparency framework.
Passwd Offers Secure Credential Management for Google Workspace Users
December 24, 2025
Passwd provides a secure credential management platform designed exclusively for businesses using Google Workspace, emphasizing integration, controlled sharing, and practicality.
Operation Sentinel: INTERPOL’s Comprehensive Cybercrime Crackdown Across Africa
December 24, 2025
INTERPOL's Operation Sentinel culminated in the arrest of 574 suspects and the recovery of $3 million. The operation involved collaboration with 19 countries to target ...
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud