Main Menu
Cyber Security
Linux Kernel Fragnesia CVE-2026-46300 Grants Root via Page Cache
YellowKey and GreenPlasma: Unpatched Windows Zero-Days Released
Foxconn Confirms Nitrogen Ransomware Stole 8TB of Customer IP
OpenLoop Health Breach Exposes 716,000 Patient Records
Alleged Dream Market Admin Speedstepper Arrested in Germany
GemStuffer Campaign Abuses 150+ RubyGems as Data Dead Drops
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
Microsoft May 2026 Patch Tuesday: SharePoint RCE, NTLM Zero-Day
ICO Fines South Staffordshire Water £963,900 Over Cl0p Breach
Gentlemen Ransomware Group’s Internal Data Leaked Publicly
Sri Lanka Arrests 628 in Colombo Crypto Fraud Compound Bust
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
ShinyHunters Sets HMH Extortion Deadline, Student Data at Risk
Public PoC Drops for CVSS 9.8 Android Zero-Click CVE-2026-0073
Dell DSA-2026-047: CVSS 9.8 Hard-Coded Credentials in ECS Storage
PHP SOAP Extension RCE CVE-2026-6722 Patched Across All Branches
GhostLock Abuses Windows API to Lock 500K Files, Bypassing EDR
WEF: 94% of Organizations Name AI as Top Cybersecurity Change Driver
Dirty Frag CVE-2026-43284 Exploited in Wild, Linux Patches Out
FCC Extends Foreign Router Update Window to 2029 Amid Volt Typhoon
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
Five Malicious NuGet Packages Target Chinese .NET Developers
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
aiFWall Launches to Elevate AI Protection in Cyber Security
Application Security
aiFWall Launches to Elevate AI Protection in Cyber Security
Andrew Doyle January 22, 2026
aiFWall, a company that has recently come out of stealth mode, has introduced a groundbreaking AI-powered firewall technology. Designed specifically to enhance the protection of ...
Microsoft Recommends Fix for Outlook Freezing Post-Windows Updates
Application Security
Microsoft Recommends Fix for Outlook Freezing Post-Windows Updates
Gabby Lee January 22, 2026
After the recent Windows security updates, Outlook users have reported system freezes. Microsoft has now offered a workaround to mitigate this impact, allowing users to ...
Cloudflare Addresses ACME Validation Flaw Exposing Origin Servers
Cybersecurity
Cloudflare Addresses ACME Validation Flaw Exposing Origin Servers
Andrew Doyle January 22, 2026
Cloudflare patched a vulnerability in its ACME validation mechanism. The issue involved handling requests to the "/.well-known/acme-challenge/" directory, posing security risks.
CyberNut Secures $5 Million Funding to Enhance K-12 Security Awareness
Cybersecurity
CyberNut Secures $5 Million Funding to Enhance K-12 Security Awareness
Mitchell Langley January 22, 2026
CyberNut has secured $5 million in growth capital, building upon the initial $800k pre-seed funding. This investment is aimed at advancing its cybersecurity platform's capabilities, ...
Contagious Interview Campaign Targets Multiple Sectors Worldwide
News
Contagious Interview Campaign Targets Multiple Sectors Worldwide
Mitchell Langley January 22, 2026
The Contagious Interview cyber campaign targets multiple sectors worldwide, impacting IP addresses and organizations in AI, finance, and other industries.
Zoom's Critical Security Update Resolves Severe Vulnerability
CVE Vulnerability Alerts
Zoom’s Critical Security Update Resolves Severe Vulnerability
Mitchell Langley January 22, 2026
Zoom released a critical security update addressing CVE-2026-22844, a severe vulnerability that could facilitate remote code execution. With a CVSS score of 9.9, this flaw ...
Security Updates from Zoom and GitLab Address Critical Vulnerabilities
Application Security
Security Updates from Zoom and GitLab Address Critical Vulnerabilities
Andrew Doyle January 22, 2026
Zoom has fixed a critical flaw in its Node Multimedia Routers, while GitLab tackles multiple vulnerabilities, some allowing remote code execution. Security updates are essential ...
Under Armour Account Breach 72.7 Million Accounts Impacted
Data Security
Under Armour Account Breach: 72.7 Million Accounts Impacted
Gabby Lee January 22, 2026
Under Armour experiences a major security incident, with personal information of 72.7 million accounts potentially exposed due to an alleged ransomware attack.
PcComponentes Faces Credential Stuffing Attack Denies Data Breach Claims
Cybersecurity
PcComponentes Faces Credential Stuffing Attack: Denies Data Breach Claims
Gabby Lee January 22, 2026
PcComponentes, a leading technology retailer in Spain, has experienced a credential stuffing attack, refuting claims of a 16 million-user data breach. The attack highlights vulnerabilities ...
LastPass Users Targeted by Deceptive Phishing Campaign
News
LastPass Users Targeted by Deceptive Phishing Campaign
Mitchell Langley January 22, 2026
LastPass issues an alert about a phishing scheme cloaked as a maintenance notice, coercing users into a counterfeit data vault backup. Threat actors exploit trust, ...
Cybercriminals Exploit Social Media Messages for Malicious Payloads
News
Cybercriminals Exploit Social Media Messages for Malicious Payloads
Gabby Lee January 22, 2026
A novel phishing campaign leverages private messages on social media platforms to deliver payloads, aided by Dynamic Link Library sideloading.
Critical Vulnerabilities Identified in Git Model Context Protocol Server by Anthropic
Application Security
Critical Vulnerabilities Identified in Git Model Context Protocol Server by Anthropic
Andrew Doyle January 22, 2026
Three significant vulnerabilities have emerged in mcp-server-git, enabling potential exploitation through prompt injection. Attackers could manipulate an AI assistant to access or delete files and ...
Serious Bugs in Chainlit Could Expose Sensitive Credentials
Cybersecurity
Serious Bugs in Chainlit Could Expose Sensitive Credentials
Mitchell Langley January 22, 2026
Security flaws in Chainlit software can risk unauthorized exposure of sensitive information. Experts signal that misuse can lead to leaked credentials and databases.
Google Gemini's Vulnerability to Prompt Injection Accessing Sensitive Calendar Information
Cybersecurity
Google Gemini’s Vulnerability to Prompt Injection: Accessing Sensitive Calendar Information
Gabby Lee January 22, 2026
Researchers demonstrated how Google's AI, Gemini, could be tricked into revealing confidential Calendar data through prompt injection. This technique involves manipulating the AI into bypassing ...
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
Cybersecurity
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
Mitchell Langley January 20, 2026
Learn about the SolyxImmortal information stealer, which exploits legitimate APIs to siphon data to Discord. This novel threat is targeting secure communications, leveraging trusted channels ...
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
Application Security
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
Gabby Lee January 20, 2026
Cybersecurity experts have identified a flaw in Google Gemini that exploits indirect prompt injection to manipulate Google Calendar for unauthorized data access.
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
Cybersecurity
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
Andrew Doyle January 20, 2026
The defendant in a US court admitted selling unauthorized access to compromised enterprise networks. This operation involved an undercover agent, revealing how access brokers monetize ...
Ingram Micro Faces Data Breach Impacting 42,000 Individuals’ Personal Information
News
Ingram Micro Faces Data Breach Impacting 42,000 Individuals’ Personal Information
Andrew Doyle January 20, 2026
In a ransomware attack, Ingram Micro revealed a significant data breach impacting approximately 42,000 individuals. Compromised information includes names, birth dates, Social Security Numbers, and ...
U.K. Authorities Alerted to Russian-aligned Hacktivist DDoS Threats
Cybersecurity
U.K. Authorities Alerted to Russian-Aligned Hacktivist DDoS Threats
Mitchell Langley January 20, 2026
U.K. authorities caution against Russian-aligned hacktivists launching disruptive DDoS attacks. The focus is on critical infrastructure and local government services. This has raised significant cybersecurity ...
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
A critical security flaw in TP-Link’s VIGI cameras has been patched, following discovery by a researcher of over 2,500 vulnerable, internet-exposed devices. The flaw allowed ...
Application Security
18-Year NGINX Flaw CVE-2026-42945 Enables Unauthenticated RCE
Gabby Lee May 14, 2026
Cybersecurity
Foxconn Confirms Nitrogen Ransomware Stole 8TB of Customer IP
Mitchell Langley May 14, 2026
Cybersecurity
Foxconn Confirms Nitrogen Ransomware Stole 8TB of Customer IP
Mitchell Langley May 14, 2026
Cybersecurity
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
Andrew Doyle May 13, 2026

TOP CYBERSECURITY HEADLINES

CVE Vulnerability Alerts
Linux Kernel Fragnesia CVE-2026-46300 Grants Root via Page Cache
Application Security
YellowKey and GreenPlasma: Unpatched Windows Zero-Days Released
Cybersecurity
Foxconn Confirms Nitrogen Ransomware Stole 8TB of Customer IP
Cybersecurity
OpenLoop Health Breach Exposes 716,000 Patient Records

This Week’s Security Spotlight

Application Security
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
Gabby Lee May 13, 2026
CVE Vulnerability Alerts
Dell DSA-2026-047: CVSS 9.8 Hard-Coded Credentials in ECS Storage
Mitchell Langley May 13, 2026
Cybersecurity
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
Andrew Doyle May 11, 2026
Application Security
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
Andrew Doyle May 11, 2026
More In News
Trending
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
Fake Claude AI Site Delivers New Beagle Windows Backdoor
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
FireCompass Raises $20M to Scale AI-Powered Offensive Security
September 8, 2025
Podcasts
CVE-2025-42957: Active Exploits Target SAP S/4HANA Systems
September 8, 2025
Podcasts
Fake Job Interviews, Real Hacks: How North Korean Spies Steal Billions in Crypto
September 8, 2025

Cyber Security News

Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Cybersecurity
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
April 8, 2026
Anthropic's Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Cybersecurity
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
April 8, 2026
Trent AI Emerges From Stealth With $13 Million in Funding
Cybersecurity
Trent AI Emerges From Stealth With $13 Million in Funding
April 8, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
April 8, 2026
Automated Pentesting Tools Fall Short Past the PoC Cliff
Cybersecurity
Automated Pentesting Tools Fall Short Past the “PoC Cliff”
April 8, 2026
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
Cybersecurity
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
April 8, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
CyberNut Secures $5 Million Funding to Enhance K-12 Security Awareness
January 22, 2026
CyberNut has secured $5 million in growth capital, building upon the initial $800k pre-seed funding. This investment is aimed at advancing its cybersecurity platform's capabilities, ...
Contagious Interview Campaign Targets Multiple Sectors Worldwide
January 22, 2026
The Contagious Interview cyber campaign targets multiple sectors worldwide, impacting IP addresses and organizations in AI, finance, and other industries.
Zoom’s Critical Security Update Resolves Severe Vulnerability
January 22, 2026
Zoom released a critical security update addressing CVE-2026-22844, a severe vulnerability that could facilitate remote code execution. With a CVSS score of 9.9, this flaw ...
Security Updates from Zoom and GitLab Address Critical Vulnerabilities
January 22, 2026
Zoom has fixed a critical flaw in its Node Multimedia Routers, while GitLab tackles multiple vulnerabilities, some allowing remote code execution. Security updates are essential ...
Under Armour Account Breach: 72.7 Million Accounts Impacted
January 22, 2026
Under Armour experiences a major security incident, with personal information of 72.7 million accounts potentially exposed due to an alleged ransomware attack.
PcComponentes Faces Credential Stuffing Attack: Denies Data Breach Claims
January 22, 2026
PcComponentes, a leading technology retailer in Spain, has experienced a credential stuffing attack, refuting claims of a 16 million-user data breach. The attack highlights vulnerabilities ...
LastPass Users Targeted by Deceptive Phishing Campaign
January 22, 2026
LastPass issues an alert about a phishing scheme cloaked as a maintenance notice, coercing users into a counterfeit data vault backup. Threat actors exploit trust, ...
Cybercriminals Exploit Social Media Messages for Malicious Payloads
January 22, 2026
A novel phishing campaign leverages private messages on social media platforms to deliver payloads, aided by Dynamic Link Library sideloading.
Critical Vulnerabilities Identified in Git Model Context Protocol Server by Anthropic
January 22, 2026
Three significant vulnerabilities have emerged in mcp-server-git, enabling potential exploitation through prompt injection. Attackers could manipulate an AI assistant to access or delete files and ...
Serious Bugs in Chainlit Could Expose Sensitive Credentials
January 22, 2026
Security flaws in Chainlit software can risk unauthorized exposure of sensitive information. Experts signal that misuse can lead to leaked credentials and databases.
Google Gemini’s Vulnerability to Prompt Injection: Accessing Sensitive Calendar Information
January 22, 2026
Researchers demonstrated how Google's AI, Gemini, could be tricked into revealing confidential Calendar data through prompt injection. This technique involves manipulating the AI into bypassing ...
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
January 20, 2026
Learn about the SolyxImmortal information stealer, which exploits legitimate APIs to siphon data to Discord. This novel threat is targeting secure communications, leveraging trusted channels ...
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
January 20, 2026
Cybersecurity experts have identified a flaw in Google Gemini that exploits indirect prompt injection to manipulate Google Calendar for unauthorized data access.
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
January 20, 2026
The defendant in a US court admitted selling unauthorized access to compromised enterprise networks. This operation involved an undercover agent, revealing how access brokers monetize ...
Ingram Micro Faces Data Breach Impacting 42,000 Individuals’ Personal Information
January 20, 2026
In a ransomware attack, Ingram Micro revealed a significant data breach impacting approximately 42,000 individuals. Compromised information includes names, birth dates, Social Security Numbers, and ...
U.K. Authorities Alerted to Russian-Aligned Hacktivist DDoS Threats
January 20, 2026
U.K. authorities caution against Russian-aligned hacktivists launching disruptive DDoS attacks. The focus is on critical infrastructure and local government services. This has raised significant cybersecurity ...
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
January 20, 2026
A critical security flaw in TP-Link’s VIGI cameras has been patched, following discovery by a researcher of over 2,500 vulnerable, internet-exposed devices. The flaw allowed ...
Google Chrome Introduces Option to Delete Local AI Models
January 19, 2026
Google's Chrome browser introduces a new feature enabling users to delete local AI models linked to its Enhanced Protection feature. This change offers users greater ...
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
January 19, 2026
Nicholas Moore, a Tennessee man, confessed to hacking the U.S. Supreme Court’s filing system. His illegal activities also impacted other federal agencies, including AmeriCorps and ...
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
January 19, 2026
The recent funding will enable Monnai to enhance its identity verification and risk management services, targeting financial institutions and digital firms.
Linux Kernel Fragnesia CVE-2026-46300 Grants Root via Page Cache
YellowKey and GreenPlasma: Unpatched Windows Zero-Days Released
Foxconn Confirms Nitrogen Ransomware Stole 8TB of Customer IP
OpenLoop Health Breach Exposes 716,000 Patient Records
Alleged Dream Market Admin Speedstepper Arrested in Germany
GemStuffer Campaign Abuses 150+ RubyGems as Data Dead Drops
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
Microsoft May 2026 Patch Tuesday: SharePoint RCE, NTLM Zero-Day
ICO Fines South Staffordshire Water £963,900 Over Cl0p Breach
Gentlemen Ransomware Group’s Internal Data Leaked Publicly
Sri Lanka Arrests 628 in Colombo Crypto Fraud Compound Bust
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
ShinyHunters Sets HMH Extortion Deadline, Student Data at Risk
Public PoC Drops for CVSS 9.8 Android Zero-Click CVE-2026-0073
Dell DSA-2026-047: CVSS 9.8 Hard-Coded Credentials in ECS Storage
PHP SOAP Extension RCE CVE-2026-6722 Patched Across All Branches
GhostLock Abuses Windows API to Lock 500K Files, Bypassing EDR
WEF: 94% of Organizations Name AI as Top Cybersecurity Change Driver