Cyber Security
News
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
Andrew Doyle
March 3, 2025
A significant data breach impacting the "Flat Earth Sun, Moon and Zodiac" mobile application has exposed the personal information of over 33,000 users. This incident ...
News
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
Andrew Doyle
February 27, 2025
EncryptHub Breach Affects 618 Organizations Hit Using Infostealers and Ransomware
News
Genea IVF Data Breach Claimed by Termite Ransomware Gang
Mitchell Langley
February 27, 2025
Australian IVF provider Genea suffered a major data breach. The Termite ransomware gang stole 940GB of sensitive patient data. This includes medical histories, personal details, ...
News
Lazarus Group Stole $1.5 Billion in Bybit Hack by Exploiting a Safe{Wallet} Developer Machine
Mitchell Langley
February 27, 2025
Lazarus hackers stole $1.5 billion from Bybit by compromising a Safe{Wallet} developer machine. The attack involved malicious JavaScript, highlighting vulnerabilities in multisig wallet platforms.
News
Black Basta Ransomware Costs Southern Water £4.5 Million
Andrew Doyle
February 27, 2025
Southern Water reveals a £4.5 million cost from a Black Basta ransomware attack in February 2024. The attack, while not impacting operations, triggered significant expenses ...
News
Jasper Network Breach: City Investigates Cybersecurity Incident
Mitchell Langley
February 27, 2025
Jasper, Alabama, is investigating a network security breach. Experts are working to determine the extent of the unauthorized access. No personal data is believed compromised.
News
GitVenom Malware Campaign Targets Crypto Users via GitHub
Mitchell Langley
February 26, 2025
The GitVenom malware campaign uses hundreds of compromised GitHub repositories to distribute info-stealers, RATs, and clipboard hijackers, stealing cryptocurrency and credentials.
News
Auto-Color Linux Backdoor Malware Targets Governments and Universities
Andrew Doyle
February 26, 2025
A new, highly evasive Auto-Color Linux backdoor targets North American and Asian governments and universities. The malware uses custom encryption and rootkit-like features for persistence.
News
Data Breach at DISA Impacts 3.3 Million Compromising Social Security Numbers and Financial Data
Mitchell Langley
February 26, 2025
DISA Global Solutions, a US drug testing firm, suffered a data breach exposing the sensitive data of 3.3 million individuals. Social Security numbers and financial ...
News
Have You Been Pwned As Well? The Data Breach Notification Service Adds 284 Million Accounts as Stolen by Infostealer Malware
Andrew Doyle
February 26, 2025
Have I Been Pwned added 284 million accounts compromised by infostealer malware found on a Telegram channel. The breach includes emails, passwords, and website data.
News
Orange Group Confirms Data Breach, Hacker Leaks Internal Documents
Mitchell Langley
February 25, 2025
A hacker leaked thousands of Orange Group's internal documents. The breach compromised user records and employee data. Orange Group confirmed the incident.
News
Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information
Andrew Doyle
February 25, 2025
The Boys & Girls Clubs of the Tennessee Valley experienced a data breach between November 19-23, 2024, exposing personal data including Social Security numbers and ...
News
IT Service Provider Hack in Russia Puts Financial Sector on High Alert
Mitchell Langley
February 25, 2025
Russia's financial sector faces a significant threat after a major IT service provider, LANIT, was hacked. Authorities urge password and credential changes.
News
Lucent Health Data Breach: Law Firm Investigates Legal Claims
Andrew Doyle
February 25, 2025
A data breach at Lucent Health exposed sensitive personal information, including Social Security numbers and medical records. The Murphy Law Firm is investigating legal claims ...
News
Genea IVF Clinic Data Leak: Medical Records, Addresses, and Phone Numbers at Risk
Mitchell Langley
February 24, 2025
Genea, a major Australian IVF provider, suffered a data breach on February 14th. Sensitive patient data, including medical records and contact information, was compromised. The ...
Cybersecurity
CISA Warns of Craft CMS Code Injection Flaw
Andrew Doyle
February 24, 2025
CISA warns of an actively exploited Craft CMS code injection flaw (CVE-2025-23209), urging users to upgrade to patched versions 5.5.8 and 4.13.8 or later.
News
Vivifi Data Leak: Millions of Loan Applicants’ Data Exposed
Andrew Doyle
February 24, 2025
A massive vivifi data leak exposed 36 million files containing sensitive personal data of Indian loan applicants, including passports and bank details, due to a ...
News
Bybit Hack: $1.5 Billion Ethereum Theft in Biggest Crypto Heist Ever
Mitchell Langley
February 24, 2025
Hackers stole $1.5 billion in Ethereum from Bybit, the world's second-largest crypto exchange. The heist is the largest digital theft ever recorded. Bybit is offering ...
News
Cyber Attack on Rainbow District School Board Had Personal Data Stolen in Data Leak
Mitchell Langley
February 24, 2025
Rainbow District School Board confirms a cyber attack resulting in a data breach, exposing staff and student personal data, including social insurance numbers and bank ...
News
Chinese Hackers from Salt Typhoon Deploy Custom Malware in US Telecom Cyberespionage Campaign
Mitchell Langley
February 21, 2025
Chinese state-sponsored hackers, the Salt Typhoon group, used custom malware, JumbledPath, to infiltrate US telecom networks, stealing data and monitoring communications.
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee
July 3, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
News
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
Mitchell Langley
July 18, 2025
News
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
Andrew Doyle
July 18, 2025
News
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
Mitchell Langley
July 18, 2025
News
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
Mitchell Langley
July 18, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Detection Tools
- Uncategorized
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices
April 28, 2025
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with ...
Craft CMS Crisis: The 10.0-Rated RCE Flaw Every Developer Must Patch Now
April 28, 2025
A critical, actively exploited vulnerability (CVE-2025-32432) is wreaking havoc on Craft CMS—allowing attackers to execute arbitrary PHP code on unpatched servers with no authentication required. ...
Policy Puppetry: How a Single Prompt Can Trick ChatGPT, Gemini & More Into Revealing Secrets
April 28, 2025
Recent research by HiddenLayer has uncovered a shocking new AI vulnerability—dubbed the “Policy Puppetry Attack”—that can bypass safety guardrails in all major LLMs, including ChatGPT, ...
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
April 28, 2025
Cybersecurity myths are more dangerous than you think. Here are 13 common myths that are silently sabotaging your security—and what to do instead.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
April 28, 2025
A new phishing campaign is targeting WooCommerce administrators with fake security alerts designed to hijack websites by installing hidden backdoors and persistent malware.
Marks & Spencer Halts Online Orders Following Cyberattack
April 28, 2025
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
April 28, 2025
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
April 28, 2025
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
April 28, 2025
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered a major customer data breach ...
Lazarus Strikes Again: Inside Operation SyncHole and the 1-Day Exploitation Crisis
April 25, 2025
In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. ...
OAuth Phishing and Microsoft 365: The Hidden Threats SMBs Can’t Ignore
April 25, 2025
In this episode, we dissect the real-world challenges of securing Microsoft 365 environments—especially for small and medium-sized businesses—amid rising threats and licensing limitations. From Reddit ...
Navigating the Complex Intersection of AI and Data Privacy
April 25, 2025
The rise of artificial intelligence (AI) presents incredible opportunities, but it also introduces complex challenges regarding data privacy. This blog post delves into the crucial ...
Why Outlook Is Eating Your CPU — And What Microsoft Says About It
April 25, 2025
Microsoft has acknowledged a serious issue affecting users of classic Outlook for Windows: CPU usage spikes up to 50% just from typing emails. First appearing ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
April 25, 2025
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
April 25, 2025
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
This Week In Cybersecurity: 21st – 25th April, 2025
April 25, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
April 25, 2025
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
April 25, 2025
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
Trojan Map App: Spyware Targets Russian Soldiers via Alpine Quest
April 24, 2025
A newly discovered Android spyware campaign is targeting Russian military personnel by weaponizing a popular mapping app. Disguised as a cracked version of Alpine Quest ...