Main Menu
Cyber Security
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Ivanti Sentry CVE-2026-10520 Actively Exploited, Devices Backdoored
Langflow CVE-2026-5027: Path Traversal Becomes Unauthenticated RCE
WorldLeaks Claims Apple Supplier Tata Electronics and Two More Firms
What is Cloud Detection and Response (CDR) and How Does it Work
Google Patches 5th Chrome Zero-Day; V8 Flaw Chains for OS Access
LiteLLM CVE-2026-42271 Added to CISA KEV: AI API Keys at Risk
France’s Tchap Messaging App Breached, 643K Messages Exposed
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
Global Arrests Made in a Social Media Scam Targeting Thousands
Cybersecurity
Global Arrests Made in a Social Media Scam Targeting Thousands
Gabby Lee March 12, 2026
Authorities dismantle a major social media scam ring, arresting suspects and affecting thousands.
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Application Security
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Andrew Doyle March 12, 2026
An SQL injection flaw in the Ally WordPress plugin poses data breach risks on over 400,000 websites.
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Cybersecurity
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Gabby Lee March 12, 2026
WhatsApp rolls out a feature for parent-managed accounts, enhancing safety for pre-teen users.
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
The Senate has confirmed Joshua Rudd to head both the NSA and US Cyber Command, continuing the "dual-hat" arrangement.
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Cybersecurity
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Mitchell Langley March 12, 2026
Police Scotland faces a £66,000 fine due to mishandling sensitive data.
'PhantomRaven' Supply-Chain Campaign Floods npm Registry with Malicious Packages
Application Security
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
Andrew Doyle March 12, 2026
'PhantomRaven' attacks are affecting JavaScript developers by targeting the npm registry with dozens of malicious packages designed to steal sensitive...
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Cybersecurity
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Gabby Lee March 12, 2026
Stryker, a medical tech leader, attacked by pro-Palestinian hacktivist group Handala, using impactful wiper malware.
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
Two critical security vulnerabilities in n8n automation platform have been patched.
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Cybersecurity
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Andrew Doyle March 12, 2026
Google completes $32 billion acquisition of cloud security leader Wiz, expanding its cybersecurity capabilities.
Fake Starlink Android Apps Spread BeatBanker Malware
Cybersecurity
Fake Starlink Android Apps Spread BeatBanker Malware
Gabby Lee March 12, 2026
BeatBanker Android malware targets users through fake apps.
ELECQ Data Breach May Have Exposed EV Charger Users' Private Information
Cybersecurity
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
Mitchell Langley March 11, 2026
ELECQ warns of potential data theft after ransomware attack on its cloud systems.
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Cybersecurity
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Andrew Doyle March 11, 2026
Ericsson Inc. reports data theft affecting employees and customers due to a service provider breach.
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
Application Security
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
Andrew Doyle March 11, 2026
New npm threat involves package posing as OpenClaw installer deploying RAT to steal sensitive data.
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant's Own Tool
Application Security
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
Mitchell Langley March 11, 2026
ShinyHunters claims responsibility for a high-profile data breach affecting Salesforce and other major companies, utilizing an open-source tool develo...
Salesforce's Experience Cloud Platform Faces Vulnerability Challenges
Application Security
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
Andrew Doyle March 11, 2026
Salesforce's Experience Cloud under scrutiny as vulnerabilities expose extensive data risks.
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
News
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
Mitchell Langley March 11, 2026
Russian hackers are targeting Signal and WhatsApp accounts of officials globally, posing cyber risks.
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Cybersecurity
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Gabby Lee March 11, 2026
North Korean state-sponsored threat actors are suspected of a 2025 cryptocurrency cloud heist.
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Cybersecurity
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Andrew Doyle March 11, 2026
Microsoft is still working to resolve a bright white flash issue in Windows 11's File Explorer that continues to affect users on certain systems.
Dutch Police Give Suspected Scammers a Two-Week Deadline to Surrender
News
Dutch Police Give Suspected Scammers a Two-Week Deadline to Surrender
Mitchell Langley March 11, 2026
Dutch police give 100 alleged scammers two weeks to surrender, or their images could be displayed nationwide.
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Cybersecurity
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Gabby Lee March 11, 2026
New ClickFix technique utilizes Windows Terminal instead of the Run dialog to bypass security measures.
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Gabby Lee June 12, 2026
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
Mitchell Langley June 12, 2026
Blog
Triple Extortion Ransomware: How It Works and How to Stop It
Andrew Doyle June 12, 2026
Cybersecurity
Europol Dismantles AudiA6 Crypto Laundering Service
Gabby Lee June 12, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Andrew Doyle June 10, 2026
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Gabby Lee June 10, 2026
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
More In News
Trending
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
FinWise Bank Data Breach Exposes 700K Customers Amid Predatory Lending Allegations
September 16, 2025
Podcasts
The “s1ngularity” Attack: How Hackers Hijacked Nx and Leaked Thousands of Repositories
September 8, 2025
Podcasts
Canadian Investment Giant Wealthsimple Hit by Vendor Compromise
September 8, 2025

Cyber Security News

Cybersecurity
NC Man Gets 121 Months for Selling Elderly Americans’ Data to Scammers
June 1, 2026
Application Security
Microsoft: 14 npm Packages Linked to Single Actor Stealing AWS Keys
June 1, 2026
Cybersecurity
Play Ransomware Lists MyPillow, US Telecom in Six-Victim Batch
June 1, 2026
Cybersecurity
Incransom Hits Illinois Health Center and Manufacturer
June 1, 2026
Cybersecurity
Nova Ransomware Lists Russian Oil Firm Eriell in May 26 Batch
June 1, 2026
Cybersecurity
Incransom Claims Meirc Breach, Threatens to Leak 1TB of Client Data
May 26, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
March 12, 2026
The Senate has confirmed Joshua Rudd to head both the NSA and US Cyber Command, continuing the "dual-hat" arrangement.
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
March 12, 2026
Police Scotland faces a £66,000 fine due to mishandling sensitive data.
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
March 12, 2026
'PhantomRaven' attacks are affecting JavaScript developers by targeting the npm registry with dozens of malicious packages designed to steal sensitive...
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
March 12, 2026
Stryker, a medical tech leader, attacked by pro-Palestinian hacktivist group Handala, using impactful wiper malware.
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
March 12, 2026
Two critical security vulnerabilities in n8n automation platform have been patched.
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
March 12, 2026
Google completes $32 billion acquisition of cloud security leader Wiz, expanding its cybersecurity capabilities.
Fake Starlink Android Apps Spread BeatBanker Malware
March 12, 2026
BeatBanker Android malware targets users through fake apps.
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
March 11, 2026
ELECQ warns of potential data theft after ransomware attack on its cloud systems.
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
March 11, 2026
Ericsson Inc. reports data theft affecting employees and customers due to a service provider breach.
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
March 11, 2026
New npm threat involves package posing as OpenClaw installer deploying RAT to steal sensitive data.
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
March 11, 2026
ShinyHunters claims responsibility for a high-profile data breach affecting Salesforce and other major companies, utilizing an open-source tool develo...
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
March 11, 2026
Salesforce's Experience Cloud under scrutiny as vulnerabilities expose extensive data risks.
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
March 11, 2026
Russian hackers are targeting Signal and WhatsApp accounts of officials globally, posing cyber risks.
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
March 11, 2026
North Korean state-sponsored threat actors are suspected of a 2025 cryptocurrency cloud heist.
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
March 11, 2026
Microsoft is still working to resolve a bright white flash issue in Windows 11's File Explorer that continues to affect users on certain systems.
Dutch Police Give Suspected Scammers a Two-Week Deadline to Surrender
March 11, 2026
Dutch police give 100 alleged scammers two weeks to surrender, or their images could be displayed nationwide.
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
March 11, 2026
New ClickFix technique utilizes Windows Terminal instead of the Run dialog to bypass security measures.
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
March 6, 2026
A vulnerability in Perplexity's Comet browser exposed local files to potential theft via calendar events.
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
March 6, 2026
Tier 1 SOC analysts face unique challenges in threat detection due to their inexperience, affecting overall security operations center performance.
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
March 6, 2026
Investigation dismantles online gambling criminal syndicate exploiting war-displaced women, highlights international collaboration in cybersecurity.
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies