Main Menu
Cyber Security
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
PowerSchool Hack Exposes Sensitive Data of Students and Teachers in K-12 Districts
News
PowerSchool Hack Exposes Sensitive Data of Students and Teachers in K-12 Districts
Mitchell Langley January 8, 2025
PowerSchool hack exposed student and teacher data from K-12 districts, including SSNs and PII, prompting investigations and credit monitoring services for those affected.
Hacked Chrome Extensions Expose 2.6 Million Users to Data Leaks
News
Hacked Chrome Extensions Expose 2.6 Million Users to Data Leaks
Mitchell Langley January 7, 2025
Over 36 Hacked Chrome extensions put 2.6 million users at risk of data leaks, exposing browsing data and credentials. Security researchers urge immediate removal of ...
Westend Dental Fined $350,000 for Covering Up Ransomware Attack Data Breach
News
Westend Dental Fined $350,000 for Covering Up Ransomware Attack Data Breach
Gabby Lee January 7, 2025
Westend Dental LLC, a US dental chain, was fined $350,000 for lying about a 2020 ransomware attack that resulted in a major data breach. Their ...
Nuclei Vulnerability Allows Signature Bypass and Code Execution
Cybersecurity
Nuclei Vulnerability Allows Signature Bypass and Code Execution
Mitchell Langley January 7, 2025
Nuclei vulnerability (CVE-2024-43405) allows signature bypass and code execution due to inconsistencies in newline character handling between signature verification and YAML parsing. Update to version ...
Washington Sues T-Mobile Over Data Breach Impacting Millions
News
Washington Sues T-Mobile Over Data Breach Impacting Millions
Mitchell Langley January 7, 2025
Washington state sued T-Mobile for a massive data breach affecting millions, alleging negligence and inadequate customer notification. The T-Mobile data breach exposed sensitive personal information.
City Bank Data Breach: Client Financial Statements Sold on Underground Forums
News
City Bank Data Breach: Client Financial Statements Sold on Underground Forums
Gabby Lee January 7, 2025
City Bank data breach resulted in client financial statements being sold on underground forums. The vulnerability, involving weak multi-factor authentication and improper session handling, was ...
PLAYFULGHOST Malware: Exploiting Phishing, SEO Poisoning, and Trojanized VPNs
News
PLAYFULGHOST Malware: Exploiting Phishing, SEO Poisoning, and Trojanized VPNs
Mitchell Langley January 7, 2025
PLAYFULGHOST malware uses phishing, SEO poisoning, and trojanized VPN apps to steal data, highlighting the need for robust cybersecurity practices.
Hacker 'natohub' Claims 42,000 Records in UN Civil Aviation Agency Data Breach
News
Hacker ‘natohub’ Claims 42,000 Records in UN Civil Aviation Agency Data Breach
Mitchell Langley January 7, 2025
A hacker claims a data breach at the ICAO, a UN agency, affecting 42,000 individuals. The ICAO is investigating.
This Week In Cybersecurity: 30th December to 03rd January
Cybersecurity
This Week In Cybersecurity: 30th December to 03rd January
Mitchell Langley January 3, 2025
This week in cybersecurity, major incidents include Volkswagen's breach of 800,000 vehicle data, Japan Airlines' DDoS disruptions, and Rhode Island's RIBridges data leak affecting 650,000 ...
Japan Mobile Carrier NTT Docomo Suffers Cyberattack Causing System Glitch and Service Disruptions
News
Japan Mobile Carrier NTT Docomo Suffers Cyberattack Causing System Glitch and Service Disruptions
Gabby Lee January 3, 2025
Japan's largest mobile carrier, NTT Docomo, experienced a significant system glitch and service disruptions due to a cyberattack, impacting its website and "d payment" service. ...
Rutherford County Schools Data Breach: Student Data Compromised
News
Rutherford County Schools Data Breach: Student Data Compromised
Mitchell Langley January 3, 2025
The Rutherford County Schools data breach compromised student and employee data, including Social Security numbers. Experts urge parents to monitor credit reports and utilize FTC ...
US Treasury Hack: Escalating Cyber Warfare Between US and China
Cybersecurity
US Treasury Hack: Escalating Cyber Warfare Between US and China
Gabby Lee January 2, 2025
The recent US Treasury cyberattack highlights the escalating threat landscape. Learn how enterprise businesses can bolster their defenses against sophisticated state-sponsored attacks like the US ...
Cyber Attacks Hit French Internet Sites: Multiple Cities Targeted in Pro-Russia Hack
News
Cyber Attacks Hit French Internet Sites: Multiple Cities Targeted in Pro-Russia Hack
Mitchell Langley January 2, 2025
French cities faced widespread website outages due to cyberattacks claimed by a pro-Russian group, highlighting vulnerabilities to politically motivated digital disruptions.
This Week In Cybersecurity: 23rd December to 27th December
News
This Week In Cybersecurity: 23rd December to 27th December
Mitchell Langley January 1, 2025
This Week In Cybersecurity covers the latest incidents and trends from December 23rd to December 27th. Highlights include the Play ransomware gang's breach of Krispy ...
Rhode Island's RIBridges Hack: Data Leaked on Dark Web on New Year's Day
News
Rhode Island’s RIBridges Hack: Data Leaked on Dark Web on New Year’s Day
Gabby Lee January 1, 2025
The RIBridges data breach exposes the sensitive information of approximately 650,000 Rhode Islanders. The state is working to mitigate the damage and provide support to ...
Volkswagen Data Leak Exposes Location Data of 800,000 Electric Vehicles
News
Volkswagen Data Leak Exposes Location Data of 800,000 Electric Vehicles
Mitchell Langley January 1, 2025
Volkswagen data leak exposed the location data of 800,000 electric vehicles, along with personal details for some drivers, highlighting serious security flaws.
China Denies State-Sponsored Cyberattack on US Treasury
News
China Denies State-Sponsored Cyberattack on US Treasury
Mitchell Langley January 1, 2025
China denies US accusations of a state-sponsored cyberattack on US Treasury, calling the claims "groundless," while the US points to a compromised third-party service provider.
Pro-Russian Hackers NoName057 Launch Coordinated Cyberattacks Against Italy
News
Pro-Russian Hackers NoName057 Launch Coordinated Cyberattacks Against Italy
Mitchell Langley December 31, 2024
: Pro-Russian hackers NoName057 targeted Italian websites, including Milan airports, in a series of DDoS attacks.
Massive Healthcare Breaches Prompt Overhaul of US Cybersecurity Rules
Cybersecurity
Massive Healthcare Breaches Prompt Overhaul of US Cybersecurity Rules
Mitchell Langley December 31, 2024
The US is overhauling its cybersecurity rules following a surge in healthcare breaches. New regulations will mandate encryption, multi-factor authentication, and network segmentation to protect ...
Harley-Davidson Data Breach Exposes Thousands of Customer Records: 888 Claims Cyberattack
News
Harley-Davidson Data Breach Exposes Thousands of Customer Records: 888 Claims Cyberattack
Gabby Lee December 31, 2024
Harley-Davidson data breach has allegedly exposed the personal information of over 66,700 customers. Learn about the leaked data and the potential risks.
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025

TOP CYBERSECURITY HEADLINES

Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
News
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
News
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
News
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
News
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent

SECURITYWEEK INDUSTRY EXPERTS

IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
News
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
Mitchell Langley July 4, 2025
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
News
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
Andrew Doyle July 4, 2025
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
News
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
Mitchell Langley July 4, 2025
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
News
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Mitchell Langley July 4, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
May 30, 2025
Podcasts
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
May 30, 2025
Podcasts
Unbound Raises $4M to Secure Generative AI in the Enterprise
May 30, 2025

Cyber Security News

This Week in Cybersecurity: 22nd Jan – 25th Jan: Mother of All Breaches Exposes 26 Billion Records
Cybersecurity
This Week in Cybersecurity: 22nd Jan – 25th Jan: Mother of All Breaches Exposes 26 Billion Records
January 26, 2024
Blackwood Hackers Use AitM to Hijack WPS Office Update and Install NSPX30 Malware
Cybersecurity
Blackwood Hackers Use AitM to Hijack WPS Office Update and Install NSPX30 Malware
January 26, 2024
CISA Issues Emergency Directive on Ivanti Zero-Day, Demands Immediate Action from Federal Agencies
Cybersecurity
CISA Issues Emergency Directive on Ivanti Zero-Day, Demands Immediate Action from Federal Agencies
January 22, 2024
Bigpanzi Botnet Targets 170k Android TV Set Top Boxes with Bigpanzi's Custom Malware
Cybersecurity
Bigpanzi Botnet Targets 170k Android TV Set Top Boxes with Bigpanzis Custom Malware
January 22, 2024
Google Discreetly Changes Chrome’s Incognito Warning Amidst the Google Class Action Lawsuit
Cybersecurity
Google Discreetly Changes Chrome’s Incognito Warning Amidst the Google Class Action lawsuit
January 17, 2024
Windows SmartScreen Vulnerability Exploited: Phemedrone Stealer Malware Used for Crypto Siphoning
Cybersecurity
Windows SmartScreen Vulnerability Exploited: Phemedrone Stealer Malware Used for Crypto Siphoning
January 16, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Ransomware Victims on Dark Web – 12th March, 2025
March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 3rd March, 2025
March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Qilin/Agenda Ransomware: The Credential Stealers
March 20, 2025
Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July 2022. Initially operating under the ...
MegaRAC CVE-2024-54085 Vulnerability: Critical BMC Flaw Threatening Data Centers
March 19, 2025
A newly discovered critical vulnerability (CVE-2024-54085) in AMI’s MegaRAC Baseboard Management Controller (BMC) software puts thousands of servers at risk—including those from HPE, Asus, and ...
California Cryobank Data Breach Exposes Sensitive Customer Information
March 19, 2025
California Cryobank, a major US sperm bank, suffered a data breach exposing customer names, bank details, Social Security numbers, and more. The company is offering ...
GitHub Action Hack May Cause Another Supply Chain Attack
March 19, 2025
A cascading supply chain attack, starting with a GitHub Action hack, exposed CI/CD secrets across 23,000 repositories, highlighting vulnerabilities in third-party code reliance.
Western Alliance Bank Data Breach Impacts 21,899 Customers
March 19, 2025
Western Alliance Bank suffered a data breach impacting 21,899 customers, exposing sensitive personal and financial information due to a third-party vendor's software vulnerability exploited by ...
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
March 19, 2025
A critical Windows zero-day exploit, ZDI-CAN-25373, has been exploited by 11 state-sponsored hacking groups since 2017, enabling data theft and espionage. Microsoft initially declined to ...
Microsoft Windows March Update Wipes Out Copilot
March 19, 2025
Microsoft’s latest Windows 10 and 11 updates (KB5053598 and KB5053606) have accidentally uninstalled Copilot, the AI assistant, from some users’ systems—leaving many relieved rather than ...
$6.1 Million Crypto Stolen in WEMIX Hack
March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
The Mirai Botnet: The Infamous DDoS Weapon
March 19, 2025
The Mirai botnet, a notorious piece of malware, launched devastating DDoS attacks in 2016. This blog post delves into its origins, spread, impact, and the ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
Critical Apache Tomcat Flaw Actively Exploited in Attacks
March 18, 2025
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
Fake “Security Alert” on GitHub Used to Hijack OAuth App Accounts
March 18, 2025
A massive GitHub phishing campaign uses fake "Security Alert" issues and a malicious OAuth app to hijack accounts, granting attackers full control. Immediate action is ...
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
March 18, 2025
Lingnan University in Hong Kong suffered a data breach exposing thousands of records, including sensitive personal data. The university is taking steps to enhance security.
Hackers Flip the Script: How a Fake Coinbase Email Could Empty Your Wallet
March 18, 2025
A new and incredibly deceptive phishing campaign is targeting Coinbase users—but this isn’t your typical scam. Instead of stealing your recovery phrase, attackers are handing ...
Florida Hospital Data Breach Impacts Over 120,000 Patients
March 17, 2025
A Florida hospital, CDH, suffered a data breach impacting over 120,000 patients. Sensitive data, including Social Security numbers and health information, was compromised. The BianLian ...
Brute-Force on Autopilot: Black Basta’s ‘BRUTED’ VPN Tool for Ransomware Expansion
March 17, 2025
Black Basta, one of the most notorious ransomware gangs, has taken brute-force attacks to the next level with BRUTED—an automated framework designed to breach VPNs, ...
GitHub Action Hijacked: The Supply Chain Attack That Exposed 23,000 Repositories
March 17, 2025
In this episode, we unpack a major supply chain attack that compromised the widely used GitHub Action ‘tj-actions/changed-files’, affecting over 23,000 repositories. Attackers injected malicious ...
CVE-2025-20309: Critical Cisco Root Access Flaw Threatens VoIP Security
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
Hunters International Ransomware Group Shuts Down, Offers Free Decryptors Amid Exit
Spanish Authorities Dismantle €10 Million Investment Scam Network With Fake Advisors and Crypto Portals
Cisco Removes Hardcoded Root Account from Unified CM to Prevent Remote Takeover
Fake Crypto Wallet Add-ons Flood Firefox Store in Ongoing Credential Theft Campaign
Qantas Confirms Data Breach Following Cyberattack on Third-Party Platform
macOS Under Siege: NimDoor Malware Targets Telegram, Wallets, and Keychains
Cisco Unified CM Vulnerability: Root Access Risk for Enterprise VoIP Networks
Forminator Flaw Exposes WordPress Sites to Takeover Attacks: Vulnerability Threatens 600,000+ Sites
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Kelly Benefits Breach: Over 550,000 Victims and the Rising Identity Theft Crisis
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
FileFix, HTA, and MotW Bypass—The Alarming Evolution of HTML-Based Attacks