Main Menu
Cyber Security
Telegram’s Proxy Link Vulnerability Exposes IP Addresses
Endesa Cyberattack Results in Customer Data Exposure
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Meta Addresses Security Vulnerability in Instagram Password Resets
AI and Security: Block’s CISO Discusses AI Agents’ Potential
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Target’s Source Code Allegedly Exposed in Cyber Breach
Drones Are Now Critical Infrastructure—and Their Networks are the New Attack Surface
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Instagram Data Breach Affects 17.5 Million Users: Security Implications Explored
U.S. Immigration and Customs Enforcement’s Surveillance Tactics Scrutinized
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
BreachForums Re-emerges Only to Fall Victim to Data Breach
Anthropic Responds to Viral Allegations of Account Bans
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Email Security’s True Challenge: Evaluating Post-access Threats
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
NSA Announces Tim Kosiba as New Deputy Director
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
Illinois Department’s Database Error Leads to Massive Data Exposure
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Vibe Hacking: How AI is Transforming Cybercrime’s Landscape
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Navigating the Challenges of Fileless Malware in Cybersecurity
Microsoft Acknowledges Issues With Outlook Encryption Feature
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Cybersecurity
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Gabby Lee November 6, 2025
The U.S. Congressional Budget Office has confirmed a cybersecurity incident involving unauthorized access to its network, with early evidence pointing to a foreign threat actor. ...
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Application Security
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Mitchell Langley November 6, 2025
Researchers at Tenable uncovered seven security flaws in OpenAI’s ChatGPT, including critical vulnerabilities in the GPT-4o model that exposed memory-stored user data and allowed web ...
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Cybersecurity
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Gabby Lee November 6, 2025
Executive Russian hacking group Sandworm has hit Ukraine’s grain sector with destructive wiper malware, targeting economic infrastructure in attacks now reaching beyond government and energy ...
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Cybersecurity
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Andrew Doyle November 6, 2025
Hackers allegedly breached Russia’s Radon nuclear waste plant, stealing testing data, user information, and employee details, raising national security concerns over access to sensitive nuclear ...
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Cybersecurity
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Mitchell Langley November 6, 2025
A misconfigured third-party database exposed over 50,000 Stanford Health Care and Hillsboro Medical Center staff records, including payroll data, emails, and hashed passwords, increasing phishing ...
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
Cybersecurity
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
Gabby Lee November 6, 2025
The Qilin ransomware gang claims to have stolen data from Habib Bank AG Zurich, exposing sensitive customer details and internal source code.
Cybersecurity
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
Andrew Doyle November 6, 2025
A global survey found 82 percent of large financial-services organisations reported a data breach or leak in the past year, signalling pervasive cyber-risk across the ...
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
News
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
Mitchell Langley November 6, 2025
The U.S. Treasury has sanctioned eight North Korea-linked individuals and entities accused of laundering funds from cyberattacks to finance Pyongyang’s weapons programs. The move targets ...
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Application Security
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Gabby Lee November 6, 2025
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
Malware Learns to Think Google Warns of AI-Powered Evasive Techniques
Cybersecurity
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Andrew Doyle November 6, 2025
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
News
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
Mitchell Langley November 6, 2025
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Gabby Lee November 6, 2025
Hyundai AutoEver America is now investigating a data breach that led to unauthorized access to sensitive personal information belonging to ...
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
Application Security
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
Gabby Lee November 6, 2025
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
CVE Vulnerability Alerts
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
Mitchell Langley November 6, 2025
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
Information Security
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
Gabby Lee November 6, 2025
The U.K. is launching a nationwide crackdown on phone scams as major mobile carriers partner with GCHQ to deploy anti-spoofing technology that blocks fake U.K. ...
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Cybersecurity
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Gabby Lee November 6, 2025
ALT5 Sigma Corp has sued a former consultant for unauthorized data access, citing potential operational harm and reinforcing insider threat management as a key governance ...
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Cybersecurity
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Andrew Doyle November 6, 2025
Il Manifesto exposed millions of user logs and subscriber emails through an unsecured database, revealing politically sensitive reader data and analytics without password protection or ...
SquareX Named SINET16 Innovator for Browser Detection and Response
News
SquareX Named SINET16 Innovator for Browser Detection and Response
Gabby Lee November 5, 2025
PALO ALTO, Calif., November 5, SquareX, a pioneer in the Browser Detection and Response (BDR) space, announced it has been ...
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
News
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
Gabby Lee November 5, 2025
Rhysida ransomware is spreading malware via malicious Bing ads targeting Microsoft Teams, Zoom, and PuTTY users while abusing code-signing certificates to evade detection and appear ...
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Cybersecurity
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Andrew Doyle November 5, 2025
Russian hackers used Hyper-V to deploy a hidden Linux VM hosting custom malware, bypassing typical endpoint detection and enabling stealthy long-term access in target networks.
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Cybersecurity
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Mitchell Langley January 13, 2026
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Cybersecurity
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Mitchell Langley January 13, 2026
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
News
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
Mitchell Langley January 11, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026

TOP CYBERSECURITY HEADLINES

Endesa Cyberattack Results in Customer Data Exposure
Data Security
Endesa Cyberattack Results in Customer Data Exposure
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Application Security
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Meta Addresses Security Vulnerability in Instagram Password Resets
Application Security
Meta Addresses Security Vulnerability in Instagram Password Resets
AI and Security Block's CISO Discusses AI Agents' Potential
Cybersecurity
AI and Security: Block’s CISO Discusses AI Agents’ Potential

This Week’s Security Spotlight

Telegram's Proxy Link Vulnerability Exposes IP Addresses
Application Security
Telegram’s Proxy Link Vulnerability Exposes IP Addresses
Andrew Doyle January 13, 2026
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Application Security
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Mitchell Langley January 13, 2026
BreachForums Re-emerges Only to Fall Victim to Data Breach
Application Security
BreachForums Re-emerges Only to Fall Victim to Data Breach
Mitchell Langley January 12, 2026
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Application Security
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Gabby Lee January 11, 2026
More In News
Trending
Phishers Pose as Booking.com to Compromise European Hotels
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Lakera’s Gandalf Network Joins Check Point in $300M AI Security Deal
September 17, 2025
Podcasts
Shai-Hulud Exposes Fragility of the Open-Source Software Supply Chain
September 17, 2025
Podcasts
ChatGPT Calendar Vulnerability Exposes User Emails in New AI Attack
September 17, 2025

Cyber Security News

CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
Cybersecurity
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
December 17, 2025
PDVSA's Recent Cyberattack Reveals Vulnerabilities in Export Operations
Cybersecurity
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
December 17, 2025
Amazon's Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
Cybersecurity
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
December 17, 2025
From Open Source to OpenAI Navigating the Evolution of Third-Party Risks
Blog
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
December 17, 2025
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
December 17, 2025
All I Want for Christmas is All of Your Data SantaStealer Malware Spreads for the Holidays
Cybersecurity
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
December 17, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
November 6, 2025
Executive Russian hacking group Sandworm has hit Ukraine’s grain sector with destructive wiper malware, targeting economic infrastructure in attacks now reaching beyond government and energy ...
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
November 6, 2025
Hackers allegedly breached Russia’s Radon nuclear waste plant, stealing testing data, user information, and employee details, raising national security concerns over access to sensitive nuclear ...
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
November 6, 2025
A misconfigured third-party database exposed over 50,000 Stanford Health Care and Hillsboro Medical Center staff records, including payroll data, emails, and hashed passwords, increasing phishing ...
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
November 6, 2025
The Qilin ransomware gang claims to have stolen data from Habib Bank AG Zurich, exposing sensitive customer details and internal source code.
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
November 6, 2025
A global survey found 82 percent of large financial-services organisations reported a data breach or leak in the past year, signalling pervasive cyber-risk across the ...
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
November 6, 2025
The U.S. Treasury has sanctioned eight North Korea-linked individuals and entities accused of laundering funds from cyberattacks to finance Pyongyang’s weapons programs. The move targets ...
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
November 6, 2025
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
November 6, 2025
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
November 6, 2025
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
November 6, 2025
Hyundai AutoEver America is now investigating a data breach that led to unauthorized access to sensitive personal information belonging to employees and contractors. The automotive ...
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
November 6, 2025
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
November 6, 2025
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
November 6, 2025
The U.K. is launching a nationwide crackdown on phone scams as major mobile carriers partner with GCHQ to deploy anti-spoofing technology that blocks fake U.K. ...
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
November 6, 2025
ALT5 Sigma Corp has sued a former consultant for unauthorized data access, citing potential operational harm and reinforcing insider threat management as a key governance ...
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
November 6, 2025
Il Manifesto exposed millions of user logs and subscriber emails through an unsecured database, revealing politically sensitive reader data and analytics without password protection or ...
SquareX Named SINET16 Innovator for Browser Detection and Response
November 5, 2025
PALO ALTO, Calif., November 5, SquareX, a pioneer in the Browser Detection and Response (BDR) space, announced it has been named a SINET16 Innovator for ...
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
November 5, 2025
Rhysida ransomware is spreading malware via malicious Bing ads targeting Microsoft Teams, Zoom, and PuTTY users while abusing code-signing certificates to evade detection and appear ...
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
November 5, 2025
Russian hackers used Hyper-V to deploy a hidden Linux VM hosting custom malware, bypassing typical endpoint detection and enabling stealthy long-term access in target networks.
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
November 5, 2025
A zero-day flaw in the Post SMTP WordPress plugin—installed on over 400,000 sites—is under active exploitation, allowing attackers to hijack admin accounts via a misconfigured ...
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
November 4, 2025
Zscaler has uncovered a massive Android malware campaign distributing malicious apps through Google Play, amassing over 40 million downloads. The apps, posing as legitimate tools, ...
Telegram’s Proxy Link Vulnerability Exposes IP Addresses
Endesa Cyberattack Results in Customer Data Exposure
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Meta Addresses Security Vulnerability in Instagram Password Resets
AI and Security: Block’s CISO Discusses AI Agents’ Potential
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Target’s Source Code Allegedly Exposed in Cyber Breach
Drones Are Now Critical Infrastructure—and Their Networks are the New Attack Surface
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Instagram Data Breach Affects 17.5 Million Users: Security Implications Explored
U.S. Immigration and Customs Enforcement’s Surveillance Tactics Scrutinized
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
BreachForums Re-emerges Only to Fall Victim to Data Breach
Anthropic Responds to Viral Allegations of Account Bans
Iranian APT Group MuddyWater Launches Sophisticated Spear-Phishing Campaign
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Illinois Man Charged for Snapchat Phishing Scheme