Main Menu
Cyber Security
TEE.Fail Attack Undermines Confidential Computing on Intel, AMD, and NVIDIA CPUs
Microsoft Faces Lawsuit Over Misleading Customers Into Copilot-Enhanced Microsoft 365 Subscriptions
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Dentsu Confirms Data Breach Exposing Employee Payroll and Personal Information
Palo Alto Networks Unveils AI Security Suite: Cortex Cloud 2.0 & Prisma AIRS 2.0 Launched
Italian Spyware Vendor Linked to Chrome Zero-Day Attacks
QNAP Warns Windows Backup Software Impacted by ASP.NET Flaw
NCX Exchange Data Leak Exposes User Wallets, Passwords, and Authentication Keys
Dublin Airport Attack Claimed by Russian Ransomware Group Everest
HSBC USA Data Breach Exposes Sensitive Customer Financial Information
Pwn2Own Ireland 2025: $1M Reward for 73 Zero-Day Exploits Uncovered
OpenAI Atlas Omnibox Vulnerability: Prompt Injection Flaw Exposes Unauthorized Access Risks
Keycard Emerges from Stealth: $38M Funding Fuels IAM Innovation for AI Agents
Massive Gmail Data Breach Exposes 183 Million User Credentials
RedTiger Toolkit Weaponized to Steal Discord Tokens and Crypto Wallets
SS7 Alarm: TCAP Tag Exploit Lets Attackers Intercept SMS and Track Users
NPC Probes GCash Data Breach As E-Wallet Denies Leakage
WhatsApp Hack Uncovers 2 Low-Risk Vulnerabilities, No Arbitrary Code Execution
TP-Link Patches Critical Omada Gateway Vulnerabilities Preventing Remote Attacks
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains
GutenKit, Hunk Companion, WP Ghost Exploits Drive New WordPress RCE Surge
Exploitable Bug in Rust async-tar Library — TARmageddon Gives Attackers RCE
Critical WSUS Flaw (CVE-2025-61884) Drives Elevated RCE Attacks on Windows Server
Hackers Exploit “SessionReaper” Flaw in Adobe Magento to Hijack E-Commerce Stores
Blue Cross Blue Shield of Montana Breach Exposes Data of 462,000 Members
Post-Patch ‘ToolShell’ Exploit: CVE-2025-53770 Abused in Microsoft SharePoint
CISA Warns of Lanscope Endpoint Manager Vulnerability Exploited in Attacks
Moroccan Cybercriminals Employ Advanced Deception to Steal Gift Cards
Iran-Linked APT Deploys Phoenix Backdoor Against 100+ Government Organisations
Spoofed AI Sidebars Pose New Cyber Risks for Atlas and Comet Browser Users
NightEagle APT Group Exploits Microsoft Exchange Zero-Day to Target China’s AI and Military Sectors
News
NightEagle APT Group Exploits Microsoft Exchange Zero-Day to Target China’s AI and Military Sectors
Andrew Doyle July 10, 2025
APT group NightEagle exploited a Microsoft Exchange zero-day to infiltrate Chinese AI and defense sectors, using stealthy payloads and persistent backdoors to steal sensitive data. ...
Browser Extensions Turned Trojan Overnight, Compromising 2.3 Million Users
News
Browser Extensions Turned Trojan Overnight, Compromising 2.3 Million Users
Andrew Doyle July 10, 2025
Eighteen Chrome and Edge extensions’ updates transformed them into Trojans, compromising 2.3 million users by redirecting traffic, hijacking data, and enabling persistent access.
M&S Ransomware Attack Traced to Sophisticated Social Engineering Scheme
News
M&S Ransomware Attack Traced to Sophisticated Social Engineering Scheme
Mitchell Langley July 9, 2025
M&S confirmed a major ransomware attack stemmed from social engineering, leading to data theft and system shutdowns linked to DragonForce ransomware and possible third-party compromise. ...
Public EV Chargers Pose New Cybersecurity Risks to Tesla and Other Electric Vehicles
News
Public EV Chargers Pose New Cybersecurity Risks to Tesla and Other Electric Vehicles
Mitchell Langley July 9, 2025
New research reveals how hackers can exploit EV public chargers—including Teslas—using man-in-the-middle attacks, unencrypted data links, and exposed SSH ports to disrupt charging networks.
Qantas Cyberattack Exposes Data of 5.7 Million Customers
News
Qantas Cyberattack Exposes Data of 5.7 Million Customers
Andrew Doyle July 9, 2025
The Qantas cyberattack compromised personal data of 5.7 million customers. No financial information was stolen, but names, emails, and contact details were exposed.
Android Malware ‘Anatsa’ Returns to Google Play to Target Banking Apps Across the U.S.
News
Android Malware ‘Anatsa’ Returns to Google Play to Target Banking Apps Across the U.S.
Andrew Doyle July 9, 2025
The Anatsa banking trojan resurfaced on Google Play, disguised as a PDF app, targeting U.S. users with credential theft overlays on popular mobile banking apps. ...
AI Deepfakes Used to Impersonate Secretary Rubio in Targeted Cyber Campaign
News
AI Deepfakes Used to Impersonate Secretary Rubio in Targeted Cyber Campaign
Andrew Doyle July 9, 2025
AI-generated deepfakes impersonating U.S. Secretary Rubio were used to contact foreign ministers and U.S. officials, with Russian actors suspected in the targeted social engineering campaign. ...
iOS Wingman App FlirtAI Exposes 160,000 Private Chat Screenshots in Major Privacy Breach
News
iOS Wingman App FlirtAI Exposes 160,000 Private Chat Screenshots in Major Privacy Breach
Andrew Doyle July 9, 2025
FlirtAI leaked 160,000 private chat screenshots from users seeking AI-generated responses, raising privacy concerns—especially for teenagers—due to an unprotected cloud storage bucket.
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
Blog
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
Andrew Doyle July 9, 2025
A cyber security specialist is central to cyber resilience and cyber risk management, ensuring modern defense mechanisms protect organizations from evolving digital threats.
https://app.heygen.com/videos/7e9173773f4d4621aafcd286ded3a83e
News
Bitcoin Depot Notifies Over 26,000 Customers of Year-Old Data Breach Involving Driver’s License Information
Mitchell Langley July 8, 2025
Bitcoin Depot is alerting over 26,000 users of a 2024 data breach involving driver’s license details, after federal investigators delayed public notification for nearly a ...
Qantas Faces Extortion Following Cyberattack That Exposed Millions of Customer Records
News
Qantas Faces Extortion Following Cyberattack That Exposed Millions of Customer Records
Mitchell Langley July 8, 2025
Qantas confirms it’s facing extortion following a cyberattack that exposed customer data from a third-party vendor, possibly linked to Scattered Spider’s aviation sector targeting.
'Batavia' Spyware Campaign Hits Russian Industrial Firms via Phishing Contracts
News
‘Batavia’ Spyware Campaign Hits Russian Industrial Firms via Phishing Contracts
Andrew Doyle July 8, 2025
Batavia spyware is hitting Russian industrial firms with phishing emails posing as contracts, deploying multi-part malware to steal sensitive data and monitor infected systems.
Hackers Exploit Leaked Shellter Red Team Tool to Deploy Infostealers
News
Hackers Exploit Leaked Shellter Red Team Tool to Deploy Infostealers
Mitchell Langley July 8, 2025
Hackers weaponized Shellter Elite, a legitimate red team tool, to deliver infostealers after a leaked copy enabled months-long stealth attacks across the threat landscape.
SatanLock Ransomware Group Abruptly Shuts Down, Leaks All Stolen Files
News
SatanLock Ransomware Group Abruptly Shuts Down, Leaks All Stolen Files
Andrew Doyle July 8, 2025
Ransomware gang SatanLock has ceased operations, announcing plans to leak all stolen victim data, marking an abrupt end to its brief but chaotic campaign.
Ingram Micro Hit by Global Outage, Internal Systems Remain Inaccessible Amid Cyberattack Concerns
News
Ingram Micro Hit by Global Outage, Internal Systems Remain Inaccessible Amid Cyberattack Concerns
Andrew Doyle July 7, 2025
Ingram Micro is facing a global outage affecting both external and internal systems, with growing concerns that a possible ransomware attack may be behind the ...
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
Blog
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
Gabby Lee July 7, 2025
AI cyber threats are changing the face of digital warfare. From adaptive malware to deepfake scams, learn how Cybersecurity AI fights back against AI cyber ...
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
News
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
Andrew Doyle July 7, 2025
BMW Financial Services confirms indirect exposure from a third-party breach at AIS. The incident affected over 1,950 individuals but did not compromise BMW’s own systems. ...
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
News
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
Mitchell Langley July 7, 2025
Ingram Micro confirms ransomware attack by SafePay as the cause of ongoing system outages, disrupting ordering platforms and forcing VPN shutdowns across multiple global locations. ...
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
News
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
Mitchell Langley July 7, 2025
A hacker linked to Hellcat ransomware claims to have stolen 106GB of Telefónica data and has started leaking files after the company denied the breach. ...
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
News
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
Mitchell Langley July 7, 2025
Cybercriminals are increasingly using PDFs to impersonate trusted brands like Microsoft, PayPal, and DocuSign in phishing campaigns designed to steal credentials or deploy malware.
Phoenix Contact UPS Vulnerabilities Critical Flaws May Cause Denial-of-Service
Cybersecurity
Phoenix Contact UPS Vulnerabilities: Critical Flaws May Cause Denial-of-Service
Andrew Doyle October 30, 2025
Toys “R” Us Canada Data Breach Customer Records Exposed to Cyber Threats
Data Security
Toys “R” Us Canada Data Breach: Customer Records Exposed to Cyber Threats
Gabby Lee October 27, 2025
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Cybersecurity
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Andrew Doyle October 29, 2025
Maryland Paratransit Ransomware Disrupts Mobility New Ride Requests Halted
News
Maryland Paratransit Ransomware Disrupts Mobility: New Ride Requests Halted
Andrew Doyle October 27, 2025

TOP CYBERSECURITY HEADLINES

TEE.Fail Attack Undermines Confidential Computing on Intel, AMD, and NVIDIA CPUs
Endpoint Security
TEE.Fail Attack Undermines Confidential Computing on Intel, AMD, and NVIDIA CPUs
CISA Alerts to Actively Exploited Vulnerabilities in DELMIA Apriso by Dassault Systèmes
CVE Vulnerability Alerts
CISA Alerts to Actively Exploited Vulnerabilities in DELMIA Apriso by Dassault Systèmes
Microsoft Faces Lawsuit Over Misleading Customers Into Copilot-Enhanced Microsoft 365 Subscriptions
Application Security
Microsoft Faces Lawsuit Over Misleading Customers Into Copilot-Enhanced Microsoft 365 Subscriptions
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Cybersecurity
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems

This Week’s Security Spotlight

OpenAI Atlas Omnibox Vulnerability Prompt Injection Flaw Exposes Unauthorized Access Risks
Application Security
OpenAI Atlas Omnibox Vulnerability: Prompt Injection Flaw Exposes Unauthorized Access Risks
Gabby Lee October 27, 2025
CoPhish Exploit via Microsoft Copilot OAuth Token Theft Exposes Trusted Domains
Application Security
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains
Mitchell Langley October 27, 2025
Spoofed AI Sidebars Pose New Cyber Risks for Atlas and Comet Browser Users
Application Security
Spoofed AI Sidebars Pose New Cyber Risks for Atlas and Comet Browser Users
Gabby Lee October 27, 2025
CISA Confirms Hackers Exploited Oracle E-Business Suite SSRF Vulnerability
Application Security
CISA Confirms Hackers Exploited Oracle E-Business Suite SSRF Vulnerability
Andrew Doyle October 22, 2025
More In News
Trending
Co-Op Reports $107 Million Loss After Scattered Spider Cyberattack
Embassy Breach Alert: Iranian Hackers Exploit 100+ Email Accounts via Phishing
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
Deepfake Vishing Incidents Surge by 170% in Q2 2025

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
CrowdStrike Acquires Pangea to Launch AI Detection and Response (AIDR)
September 17, 2025
Podcasts
RaccoonO365: $100K Phishing-as-a-Service Scheme Taken Down
September 17, 2025
Podcasts
AI-Generated Phishing and Deepfakes Supercharge Social Engineering Attacks
September 16, 2025

Cyber Security News

Cisco ASA 5500-X Devices Under Attack U.S. CISA Issues Emergency Directive
Cybersecurity
Cisco ASA 5500-X Devices Under Attack: U.S. CISA Issues Emergency Directive
September 29, 2025
Teen Suspect in Scattered Spider Casino Hacks Allegedly Holds $1.8M Bitcoin
Cybersecurity
Teen Suspect in Scattered Spider Casino Hacks Allegedly Holds $1.8M Bitcoin
September 29, 2025
Cybersecurity
AI-Driven Zero-Day Attacks: Preparing for the Autonomous Cyber Threat Era
September 25, 2025
Black Arrow Cyber Threat Intelligence Briefing Analyzing Emerging Attack Vectors
Cybersecurity
Black Arrow Cyber Threat Intelligence Briefing: Analyzing Emerging Attack Vectors
September 25, 2025
Congress Struggles to Renew Cyber Threat Sharing Act Amid Rising Cybersecurity Concerns
Cybersecurity
Congress Struggles to Renew Cyber Threat Sharing Act Amid Rising Cybersecurity Concerns
September 25, 2025
Brickstorm Backdoor Used Espionage Campaign Against U.S. Tech
Cybersecurity
Brickstorm Backdoor Used Espionage Campaign Against U.S. Tech
September 25, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Connex Data Breach Affects 172,000 Customers
August 13, 2025
Connex Credit Union says a June network intrusion exposed personal and financial data for 172,000 customers; notification began August 7, 2025, with CyberScout monitoring offered.
Hackers Leak Allianz Life Data Stolen in Salesforce Attacks
August 13, 2025
ShinyHunters leaked 2.8 million Allianz Life records from Salesforce after the insurer disclosed a July 16 CRM breach affecting the majority of 1.4 million customers. ...
Financial Impact From Severe OT Events Could Top $300B
August 13, 2025
A Dragos and Marsh McLennan report warns severe OT disruptions could cost nearly $330 billion annually in a 1-in-250-year event, driven by business interruption.
Cybersecurity Trends 2025: AI, Digital Identity, and the Shift to Intelligent SecOps
August 13, 2025
In 2025, AI is both a weapon and a shield in cybersecurity, driving trends from intelligent SecOps to digital identity protection, zero-trust adoption, and predictive ...
Russia Said to Be Behind US Federal Court Systems Hack
August 13, 2025
Investigators say Russia is partly behind the US federal court hack, exposing sealed and sensitive records, as courts move files offline and tighten access controls. ...
Over 200,000 New Zealand Government, Health, and Banking Credentials Found on Dark Web
August 13, 2025
A dark web leak has exposed over 200,000 credentials linked to New Zealand’s government, healthcare, and banking sectors, highlighting systemic cybersecurity weaknesses and raising urgent ...
UK Proposes New Cybersecurity Law with Stricter Reporting and Governance Rules
August 13, 2025
The UK’s proposed Cyber Security and Resilience Bill expands oversight to critical suppliers, MSPs, and digital services, introducing stricter governance, 24/72-hour incident reporting, and enhanced ...
North St. Paul Municipal Data Breach Targets Police Department
August 13, 2025
A phishing email targeting a police department account triggered a cyber breach in North St. Paul. While contained quickly, the incident prompted a forensic investigation, ...
Qualys Unveils Agentic AI for Autonomous Cyber Risk Management
August 13, 2025
Qualys has unveiled Agentic AI, an autonomous security framework within its Enterprise TruRisk platform. Designed to automate risk analysis, threat prioritization, and remediation, it promises ...
Windows 11 August 2025 Security Update Introduces AI Features
August 13, 2025
The Windows 11 August 2025 update blends security patches with bold AI features, from Recall’s controversial memory function to upcoming “agentic companions,” signaling Microsoft’s long-term ...
Deepfake Vishing Incidents Surge by 170% in Q2 2025
August 13, 2025
Deepfake-enabled vishing attacks are skyrocketing, with criminals using AI-cloned voices to impersonate executives, officials, and loved ones. These scams bypass defenses, exploit trust, and are ...
August Infosec Spotlight: Elastic EASE & Black Kite ASI Advance AI Threat Detection
August 13, 2025
Two new AI-driven tools—Elastic’s AI SOC Engine and Black Kite’s Adversary Susceptibility Index—are setting a new standard in cybersecurity by automating detection, enhancing context, and ...
Cybersecurity Complexity Due to Tool Sprawl and Multi-Vendor Ecosystems
August 13, 2025
Cybersecurity teams are drowning in complexity, not threats. Multi-vendor tool sprawl inflates costs, weakens visibility, and burns out staff—proving that smarter integration, not more tools, ...
Bitdefender Launches Cybersecurity Advisory Services to Address Security Gaps
August 12, 2025
Bitdefender has launched its Cybersecurity Advisory Services to help enterprises close skills gaps, strengthen compliance, and boost resilience. The program offers tailored strategy, risk management, ...
Palo Alto Networks Acquires CyberArk in $25 Billion Deal
August 12, 2025
Palo Alto Networks is acquiring CyberArk for $25B, marking one of cybersecurity’s largest deals. The move signals a strategic pivot to identity security, addressing human ...
UK Now Third Most Targeted Nation for Malware Attacks in 2025
August 12, 2025
The UK is now the third most targeted country for malware, recording over 100 million attacks in three months. Rising ransomware, phishing, and identity fraud ...
US Becomes Ransomware Capital with 146% Increase in Attacks
August 12, 2025
The U.S. now accounts for 50% of global ransomware incidents, with attacks surging 146% year-over-year. Critical sectors like manufacturing, healthcare, and energy face escalating threats ...
Ransomware-as-a-Service (RaaS) Fuels Record Cyberattack Surge in 2025
August 12, 2025
Ransomware-as-a-Service is driving a surge in cyberattacks, making sophisticated ransomware accessible to low-skilled criminals. With incidents up 149% in early 2025, experts warn that RaaS ...
Pacific HealthWorks Hit By Everest Ransomware; Patient Data From 50+ Practices Published
August 12, 2025
Everest ransomware posted hundreds of Pacific HealthWorks files, exposing patient and billing records from 50+ medical groups; leaked samples show SSNs, claims and medical IDs. ...
Kimsuky Data Leak Exposes 8.9GB of Alleged North Korean APT Tooling and Stolen Records
August 12, 2025
Two hackers leaked an 8.9GB dump they say came from North Korea’s Kimsuky APT, exposing phishing logs, toolkits, source code and possible campaign data today. ...
TEE.Fail Attack Undermines Confidential Computing on Intel, AMD, and NVIDIA CPUs
CISA Alerts to Actively Exploited Vulnerabilities in DELMIA Apriso by Dassault Systèmes
Microsoft Faces Lawsuit Over Misleading Customers Into Copilot-Enhanced Microsoft 365 Subscriptions
Qilin Ransomware Leverages WSL to Deploy Linux Encryptors on Windows Systems
Dentsu Confirms Data Breach Exposing Employee Payroll and Personal Information
Palo Alto Networks Unveils AI Security Suite: Cortex Cloud 2.0 & Prisma AIRS 2.0 Launched
Operation ForumTroll: Chrome Zero-Day Tied to Italian Spyware Developer Memento Labs
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
Chainguard’s $3.5 Billion Valuation Signals Massive Investor Confidence in Secure-by-Default Software
Italian Spyware Vendor Linked to Chrome Zero-Day Attacks
QNAP Warns Windows Backup Software Impacted by ASP.NET Flaw
NCX Exchange Data Leak Exposes User Wallets, Passwords, and Authentication Keys
Dublin Airport Attack Claimed by Russian Ransomware Group Everest
HSBC USA Data Breach Exposes Sensitive Customer Financial Information
Pwn2Own Ireland 2025: $1M Reward for 73 Zero-Day Exploits Uncovered
OpenAI Atlas Omnibox Vulnerability: Prompt Injection Flaw Exposes Unauthorized Access Risks
Keycard Emerges from Stealth: $38M Funding Fuels IAM Innovation for AI Agents
SailPoint Identity Risk Review: Intelligent Identity Threat Detection