Cyber Security
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Cybersecurity
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
PDVSA, Venezuela's state-owned oil giant, faced a severe cyberattack disrupting export operations over the weekend. The attack highlights vulnerabilities in the company's cybersecurity infrastructure, casting ...
News
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
Researchers revealed a NuGet package, "Tracer.Fody.NLog," disguised as a popular .NET library, which concealed a cryptocurrency wallet stealer. Initially published in 2020, it remained undetected ...
Cybersecurity
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
Amazon's Threat Intelligence team successfully disabled operations related to Russian GRU hackers, focusing on customer cloud infrastructure security and thwarting espionage attempts.
Blog
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
Explore how speed-driven development introduces new third-party risks. Understand how threat actors exploit vulnerabilities in open source libraries and AI-driven tools.
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
A cryptocurrency mining campaign targets AWS customers by exploiting stolen Identity and Access Management credentials. Detected by Amazon's GuardDuty, the attack uses novel persistence techniques ...
Cybersecurity
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
A cybercriminal's holiday dream, SantaStealer, a new information-stealing malware, promises undetected operation on systems of high-profile targets, advertised on Telegram for $175 monthly.
Data Security
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
The Texas Attorney General has taken legal action against five major television manufacturers, alleging violation of data privacy. The lawsuit accuses these companies of using ...
Cybersecurity
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
The European Central Bank's (ECB) 2022 postponement of a new messaging standard forced the Bank of England to delay its payment system launch, incurring £23 ...
Information Security
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
The August cyber raid on Jaguar Land Rover (JLR) had a dual impact, crippling factory operations and resulting in the theft of sensitive employee payroll ...
Application Security
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Google has reported exploitation of the React2Shell vulnerability by five Chinese threat actor groups and Iranian operatives, aiming to deliver malware. This vulnerability is becoming ...
CVE Vulnerability Alerts
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
Atlassian has released security updates targeting multiple vulnerabilities, including critical-severity issues in products like Apache Tika. One major flaw is an XML External Entity (XXE) ...
CVE Vulnerability Alerts
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
FreePBX, an open-source private branch exchange (PBX) platform, has multiple security vulnerabilities. A critical flaw (CVE-2025-61675) allows authentication bypass under certain configurations.
Data Security
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
700Credit, a prominent fintech company, reports a significant data breach where sensitive information of 5.8 million individuals has been compromised.
Application Security
Google Chrome Extension With Millions of Users May Be Compromising Privacy
The Urban VPN Proxy, trusted by over 6 million users on Google Chrome, is suspected of covertly harvesting data entered into AI chatbots. The extension ...
Cybersecurity
Militant Groups Experiment With AI, Amplifying Threats
Extremist groups are leveraging AI technologies to enhance their propaganda efforts, according to recent insights. This trend points to a growing challenge in cybersecurity as ...
Cybersecurity
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
Users attempting to access SoundCloud via VPN connections are encountering a 403 forbidden error, resulting in blocked access to the audio streaming platform. This issue ...
News
Email Scam Exploits PayPal’s Subscriptions Billing Feature
PayPal's legitimate billing feature becomes a tool for scammers sending fraudulent emails, mimicking genuine purchase notifications. This latest financial scam uses deception to its full ...
Information Security
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
A massive 16TB MongoDB database containing 4.3 billion professional records was found unsecured, raising concerns about AI-driven social engineering threats. Researchers Bob Diachenko and nexos.ai ...
Application Security
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
A vulnerability in Notepad++ could have let attackers hijack update traffic. This flaw stemmed from weak file authentication during updates. A report by security researcher ...
CVE Vulnerability Alerts
Apple Patches Critical Vulnerabilities Across Multiple Platforms
Apple releases crucial security patches for iOS, iPadOS, macOS, watchOS, and more, targeting two actively exploited vulnerabilities. Among these is CVE-2025-43529, a significant use-after-free flaw ...

Phishing Attacks in 2026: Evolution Beyond Email and Its Implications
In 2025, phishing threats evolved beyond traditional email to include social platforms, browser-based attacks, and malicious search ads. Security teams must now grapple with emerging ...
CISA Alerts on Exploited Vulnerability in Sierra Wireless AirLink ALEOS Routers
The U.S. Cybersecurity and Infrastructure Security Agency has added a flaw in Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities catalog. This follows ...
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
Germany has called in Russia's ambassador to address grave concerns about alleged cyberattacks on its air traffic control and a concurrent disinformation campaign designed to ...
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves