Cyber Security
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
HungerRush POS Platform Targeted in Data Extortion Scheme
Fake OpenClaw Installers on GitHub Are Stealing User Data
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
LexisNexis Data Breach Claimed by Fulcrumsec Group
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women’s Accounts
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
Stealthy Campaign Targets Developers With Malicious VSCode Extensions
Application Security
Stealthy Campaign Targets Developers With Malicious VSCode Extensions
A stealth campaign has targeted developers using VSCode with 19 malware-infested extensions since February. Threat actors exploit the flexibility of VSCode extensions to distribute malicious ...
News
CyberVolk’s Return: Unpacking the Pro-Russian Hacktivist’s Ransomware Resurgence
CyberVolk, a pro-Russian hacktivist group, resurfaces with new ransomware. Despite causing alarm, they inadvertently left a method for data recovery.
Cybersecurity
Cybercrime as a Service: The New Era of Subscription-Based Attacks
Cybercriminals have adopted a subscription-based model akin to SaaS, granting low-skill hackers easy access to potent tools. Phishing kits, OTP bots, infostealer logs, and RATs ...
News
MITRE’s 2025 ATT&CK Evaluations Reveal Company Performance on Detection Rates
The 2025 ATT&CK Enterprise evaluations by MITRE reveal detailed performance metrics of eleven cybersecurity companies, highlighting their detection capabilities. Several companies achieved a 100% detection ...
Cybersecurity
LastPass Suffers Major Setback as ICO Imposes Consequences Over 2022 Data Breach
LastPass has been fined £1.2 million by the UK's Information Commissioner's Office due to a severe 2022 data breach. The breach exposed sensitive information from ...
Cybersecurity
Vulnerabilities in PCIe IDE Protocol Pose Risks to Local Systems
Security flaws in the PCIe IDE protocol in Base Specification Revision 5.0 and beyond have been discovered, which could allow local attackers to exploit systems. ...
Application Security
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Google has implemented security measures to patch the GeminiJack vulnerability, a zero-click exploit that exposed enterprise data to potential threats through emails and calendar invites. ...
News
Spiderman Phishing Kit Poses New Threat to European Banks and Crypto Holders
Spiderman phishing kit uses cloned websites to deceive European bank and crypto customers. The fraudulent sites mimic legitimate brands, posing significant risks.
Cybersecurity
Why Insuring Keith Richards’ Fingers Highlights Risk Management in Cybersecurity
Celebrities have insured body parts like Keith Richards' fingers, echoing the importance of protecting vital assets, much like prioritizing key elements in cybersecurity.
Data Security
Docker Hub Data Exposure Puts Thousands of Containers at Risk
More than 10,000 Docker Hub container images have been found to expose sensitive data, including live credentials for production systems and CI/CD databases. The exposure ...
Cybersecurity
React2Shell Exploit Continues to Deliver Undetected Malware Families
React2Shell is exploiting a severe flaw in React Server Components to install cryptocurrency miners and introduce unseen malware families. The threats include a Linux backdoor, ...
Application Security
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft is set to bolster Teams with a new security feature that examines suspicious traffic involving external domains. This strategic enhancement is poised to assist ...
Application Security
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
Researchers identified a .NET security flaw impacting enterprise-grade solutions, urging a fix. Despite discovering the vulnerability, Microsoft has chosen not to address the issue, leading ...
Application Security
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
A new vulnerability dubbed SOAPwn has been discovered within the .NET Framework, posing significant risks to enterprise applications by potentially enabling remote code execution. Several ...
Cybersecurity
Teen Hacker Arrested in Spain for Major Data Breach Scheme
Spanish authorities have apprehended a 19-year-old in Barcelona for allegedly stealing and attempting to sell 64 million records from nine breached companies. This significant arrest ...
Cybersecurity
Satellite Signal Interruption Causes Porsche Immobilization in Russia
Hundreds of Porsches in Russia became immobile due to satellite communication issues, sparking fears of a hack. However, Porsche asserts no breach occurred and their ...
CVE Vulnerability Alerts
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
Ivanti has issued an urgent patch for a critical vulnerability, CVE-2023-35082, in its Endpoint Manager solution. This flaw enables attackers to remotely execute code, highlighting ...
Cybersecurity
Prime Security Secures $20 Million to Advance AI-Powered Security Tools
Prime Security has secured $20 million in funding to develop its AI-powered platform that autonomously performs security design reviews and identifies design flaws. This venture ...
Cybersecurity
Microsoft Appoints New Operating CISOs to Enhance AI-Driven Cyberdefense
Microsoft's initiative to appoint new operating CISOs reflects a strategic shift towards AI defense capabilities. Underlining the importance of operational oversight, this move aligns with ...
Application Security
Fortinet Releases Fixes for Critical Vulnerabilities Affecting FortiOS and Other Products
Fortinet addresses critical vulnerabilities in FortiOS and associated products with new security updates. These weaknesses could allow attackers to bypass the FortiCloud Single Sign-On (SSO) ...
Adobe’s Comprehensive Security Update Targets Massive Vulnerabilities Array
Adobe released a security update fixing nearly 140 vulnerabilities, prominently targeting cross-site scripting (XSS) vulnerabilities in its Experience Manager. This extensive fix demonstrates the company’s ...
Microsoft Enhances PowerShell Security With Script Warning Functionality
Microsoft has integrated a new security feature into Windows PowerShell, alerting users when scripts utilizing the Invoke-WebRequest cmdlet to download web content are run. This ...