Main Menu
Cyber Security
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
News
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
Andrew Doyle March 3, 2025
A significant data breach impacting the "Flat Earth Sun, Moon and Zodiac" mobile application has exposed the personal information of over 33,000 users. This incident ...
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
News
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
Andrew Doyle February 27, 2025
EncryptHub Breach Affects 618 Organizations Hit Using Infostealers and Ransomware
Genea IVF Data Breach Claimed by Termite Ransomware Gang
News
Genea IVF Data Breach Claimed by Termite Ransomware Gang
Mitchell Langley February 27, 2025
Australian IVF provider Genea suffered a major data breach. The Termite ransomware gang stole 940GB of sensitive patient data. This includes medical histories, personal details, ...
Lazarus Group Stole $1.5 Billion in Bybit Hack by Exploiting a Safe{Wallet} Developer Machine
News
Lazarus Group Stole $1.5 Billion in Bybit Hack by Exploiting a Safe{Wallet} Developer Machine
Mitchell Langley February 27, 2025
Lazarus hackers stole $1.5 billion from Bybit by compromising a Safe{Wallet} developer machine. The attack involved malicious JavaScript, highlighting vulnerabilities in multisig wallet platforms.
Black Basta Ransomware Costs Southern Water £4.5 Million
News
Black Basta Ransomware Costs Southern Water £4.5 Million
Andrew Doyle February 27, 2025
Southern Water reveals a £4.5 million cost from a Black Basta ransomware attack in February 2024. The attack, while not impacting operations, triggered significant expenses ...
Jasper Network Breach: City Investigates Cybersecurity Incident
News
Jasper Network Breach: City Investigates Cybersecurity Incident
Mitchell Langley February 27, 2025
Jasper, Alabama, is investigating a network security breach. Experts are working to determine the extent of the unauthorized access. No personal data is believed compromised.
GitVenom Malware Campaign Targets Crypto Users via GitHub
News
GitVenom Malware Campaign Targets Crypto Users via GitHub
Mitchell Langley February 26, 2025
The GitVenom malware campaign uses hundreds of compromised GitHub repositories to distribute info-stealers, RATs, and clipboard hijackers, stealing cryptocurrency and credentials.
Auto-Color Linux Backdoor Malware Targets Governments and Universities
News
Auto-Color Linux Backdoor Malware Targets Governments and Universities
Andrew Doyle February 26, 2025
A new, highly evasive Auto-Color Linux backdoor targets North American and Asian governments and universities. The malware uses custom encryption and rootkit-like features for persistence.
Data Breach at DISA Impacts 3.3 Million Compromising Social Security Numbers and Financial Data
News
Data Breach at DISA Impacts 3.3 Million Compromising Social Security Numbers and Financial Data
Mitchell Langley February 26, 2025
DISA Global Solutions, a US drug testing firm, suffered a data breach exposing the sensitive data of 3.3 million individuals. Social Security numbers and financial ...
Have You Been Pwned As Well? The Data Breach Notification Service Adds 284 Million Accounts as Stolen by Infostealer Malware
News
Have You Been Pwned As Well? The Data Breach Notification Service Adds 284 Million Accounts as Stolen by Infostealer Malware
Andrew Doyle February 26, 2025
Have I Been Pwned added 284 million accounts compromised by infostealer malware found on a Telegram channel. The breach includes emails, passwords, and website data.
Orange Group Confirms Data Breach, Hacker Leaks Internal Documents
News
Orange Group Confirms Data Breach, Hacker Leaks Internal Documents
Mitchell Langley February 25, 2025
A hacker leaked thousands of Orange Group's internal documents. The breach compromised user records and employee data. Orange Group confirmed the incident.
Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information
News
Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information
Andrew Doyle February 25, 2025
The Boys & Girls Clubs of the Tennessee Valley experienced a data breach between November 19-23, 2024, exposing personal data including Social Security numbers and ...
IT Service Provider Hack in Russia Puts Financial Sector on High Alert
News
IT Service Provider Hack in Russia Puts Financial Sector on High Alert
Mitchell Langley February 25, 2025
Russia's financial sector faces a significant threat after a major IT service provider, LANIT, was hacked. Authorities urge password and credential changes.
Lucent Health Data Breach: Law Firm Investigates Legal Claims
News
Lucent Health Data Breach: Law Firm Investigates Legal Claims
Andrew Doyle February 25, 2025
A data breach at Lucent Health exposed sensitive personal information, including Social Security numbers and medical records. The Murphy Law Firm is investigating legal claims ...
News
Genea IVF Clinic Data Leak: Medical Records, Addresses, and Phone Numbers at Risk
Mitchell Langley February 24, 2025
Genea, a major Australian IVF provider, suffered a data breach on February 14th. Sensitive patient data, including medical records and contact information, was compromised. The ...
CISA Warns of Craft CMS Code Injection Flaw
Cybersecurity
CISA Warns of Craft CMS Code Injection Flaw
Andrew Doyle February 24, 2025
CISA warns of an actively exploited Craft CMS code injection flaw (CVE-2025-23209), urging users to upgrade to patched versions 5.5.8 and 4.13.8 or later.
Vivifi Data Leak: Millions of Loan Applicants' Data Exposed
News
Vivifi Data Leak: Millions of Loan Applicants’ Data Exposed
Andrew Doyle February 24, 2025
A massive vivifi data leak exposed 36 million files containing sensitive personal data of Indian loan applicants, including passports and bank details, due to a ...
Bybit Hack: $1.5 Billion Ethereum Theft in Biggest Crypto Heist Ever
News
Bybit Hack: $1.5 Billion Ethereum Theft in Biggest Crypto Heist Ever
Mitchell Langley February 24, 2025
Hackers stole $1.5 billion in Ethereum from Bybit, the world's second-largest crypto exchange. The heist is the largest digital theft ever recorded. Bybit is offering ...
Cyber Attack on Rainbow District School Board Had Personal Data Stolen in Data Leak
News
Cyber Attack on Rainbow District School Board Had Personal Data Stolen in Data Leak
Mitchell Langley February 24, 2025
Rainbow District School Board confirms a cyber attack resulting in a data breach, exposing staff and student personal data, including social insurance numbers and bank ...
Chinese Hackers from Salt Typhoon Deploy Custom Malware in US Telecom Cyberespionage Campaign
News
Chinese Hackers from Salt Typhoon Deploy Custom Malware in US Telecom Cyberespionage Campaign
Mitchell Langley February 21, 2025
Chinese state-sponsored hackers, the Salt Typhoon group, used custom malware, JumbledPath, to infiltrate US telecom networks, stealing data and monitoring communications.
Why is Activity Logging Crucial for Detecting Cyberattacks
Blog
Why is Activity Logging Crucial for Detecting Cyberattacks
Mitchell Langley July 15, 2025
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025

TOP CYBERSECURITY HEADLINES

Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
News
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
News
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
News
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
News
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US

SECURITYWEEK INDUSTRY EXPERTS

BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
News
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
Mitchell Langley July 18, 2025
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
News
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
Andrew Doyle July 18, 2025
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
News
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
Mitchell Langley July 18, 2025
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
News
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
Mitchell Langley July 18, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
GerriScary: How CVE-2025-1568 Threatened Google’s Open-Source Supply Chain
June 19, 2025
Podcasts
Cisco & Atlassian Under Fire: High-Severity Flaws and What’s at Risk
June 19, 2025
Podcasts
Double Extortion, Biometric Data, and Donuts: How Play Ransomware Hit Krispy Kreme
June 19, 2025

Cyber Security News

Finland Warns of Dangerous Android Malware Attacks Breaching Bank Accounts
Cybersecurity
Finland Warns of Dangerous Android Malware Attacks Breaching Bank Accounts
May 6, 2024
JP Morgan Chase Data Breach Exposes Over 451,000 Retirement Accounts
Cybersecurity
JP Morgan Chase Data Breach Exposes Over 451,000 Retirement Accounts
May 6, 2024
How Authentication Failure Led to the Change Healthcare Ransomware Attack
Blog
When Credentials Fail: How Authentication Failure Led to the Change Healthcare Ransomware Attack
May 2, 2024
Kaiser Permanente Data Breach May Have Exposed Data of Over 13 Million Patients
Cybersecurity
Kaiser Data Breach May Have Exposed Data of Over 13 Million Patients
April 29, 2024
This Week in Cybersecurity: April 22 – April 26, UnitedHealth Group Pays Ransom
Cybersecurity
This Week in Cybersecurity: April 22 – April 26, UnitedHealth Group Pays Ransom
April 29, 2024
What are Insider Threats: Preventing Cyber Threats from Malicious Insiders
Blog
What are Insider Threats: Preventing Cyber Threats from Malicious Insiders
April 25, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices
April 28, 2025
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with ...
Craft CMS Crisis: The 10.0-Rated RCE Flaw Every Developer Must Patch Now
April 28, 2025
A critical, actively exploited vulnerability (CVE-2025-32432) is wreaking havoc on Craft CMS—allowing attackers to execute arbitrary PHP code on unpatched servers with no authentication required. ...
Policy Puppetry: How a Single Prompt Can Trick ChatGPT, Gemini & More Into Revealing Secrets
April 28, 2025
Recent research by HiddenLayer has uncovered a shocking new AI vulnerability—dubbed the “Policy Puppetry Attack”—that can bypass safety guardrails in all major LLMs, including ChatGPT, ...
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
April 28, 2025
Cybersecurity myths are more dangerous than you think. Here are 13 common myths that are silently sabotaging your security—and what to do instead.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
April 28, 2025
A new phishing campaign is targeting WooCommerce administrators with fake security alerts designed to hijack websites by installing hidden backdoors and persistent malware.
Marks & Spencer Halts Online Orders Following Cyberattack
April 28, 2025
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
April 28, 2025
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
April 28, 2025
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
April 28, 2025
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered a major customer data breach ...
Lazarus Strikes Again: Inside Operation SyncHole and the 1-Day Exploitation Crisis
April 25, 2025
In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. ...
OAuth Phishing and Microsoft 365: The Hidden Threats SMBs Can’t Ignore
April 25, 2025
In this episode, we dissect the real-world challenges of securing Microsoft 365 environments—especially for small and medium-sized businesses—amid rising threats and licensing limitations. From Reddit ...
Navigating the Complex Intersection of AI and Data Privacy
April 25, 2025
The rise of artificial intelligence (AI) presents incredible opportunities, but it also introduces complex challenges regarding data privacy. This blog post delves into the crucial ...
Why Outlook Is Eating Your CPU — And What Microsoft Says About It
April 25, 2025
Microsoft has acknowledged a serious issue affecting users of classic Outlook for Windows: CPU usage spikes up to 50% just from typing emails. First appearing ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
April 25, 2025
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
April 25, 2025
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
This Week In Cybersecurity: 21st – 25th April, 2025
April 25, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
April 25, 2025
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
April 25, 2025
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
Trojan Map App: Spyware Targets Russian Soldiers via Alpine Quest
April 24, 2025
A newly discovered Android spyware campaign is targeting Russian military personnel by weaponizing a popular mapping app. Disguised as a cracked version of Alpine Quest ...
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
The UNFI Cyberattack: How Hackers Disrupted the U.S. Food Supply Chain
Zuckerberg on Trial: The $8 Billion Data Privacy Reckoning
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
Operation Eastwood: Inside the Takedown of NoName057(16)
Phished and Exposed: What the Co-op Hack Reveals About Retail Cybersecurity
FileFix Attacks Are Here: How Interlock’s Ransomware is Skipping Your Defenses
Ontinue Uncovers SVG-Based Phishing: Why Your Browser Could Be the Weak Link
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
Exein Raises €70M: Defending the IoT-AI Frontier with Embedded Security
Salt Typhoon Strikes Again: National Guard, Telecoms, and a Crisis in U.S. Cyber Defense
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
DragonForce Claims Cyberattack on US Retail Giant Belk, Leaks 156GB of Sensitive Customer and Employee Data
Diskstation Ransomware Gang Dismantled After Years of Targeting NAS Devices Across Europe