Main Menu
Cyber Security
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
Supreme Court Upholds $200M FCC Fines on AT&T and Verizon
FTC Seeks Public Comment on X Corp Bid to Void Twitter Settlement
CISA Orders Patch for Linux Container Escape CVE-2022-0492
Arkanix Stealer Malware Quickly Vanishes After Its Initial Launch
Cybersecurity
Arkanix Stealer Malware Quickly Vanishes After Its Initial Launch
Mitchell Langley February 25, 2026
The newly launched Arkanix Stealer malware vanished shortly after targeting sensitive system and browser data.
Microsoft Investigates Vanishing Mouse Pointer Bug in Classic Outlook
Application Security
Microsoft Investigates Vanishing Mouse Pointer Bug in Classic Outlook
Mitchell Langley February 25, 2026
Microsoft investigates an issue causing Outlook's mouse pointer to disappear for some users.
GitHub's Dependabot is Under Fire for Alert Accuracy Issues
Application Security
GitHub’s Dependabot is Under Fire for Alert Accuracy Issues
Gabby Lee February 25, 2026
A Go library maintainer questions the effectiveness of GitHub's Dependabot due to alert fatigue from inaccurate dependency-scanning alerts.
BeyondTrust RS and PRA Vulnerability Is Being Actively Exploited by Threat Actors
Cybersecurity
BeyondTrust RS and PRA Vulnerability Is Being Actively Exploited by Threat Actors
Gabby Lee February 25, 2026
Attackers exploit CVE-2026-1731 in BeyondTrust RS and PRA, leveraging VShell for persistence, lateral movement, and system control.
Microsoft Expands Data Loss Prevention Controls for Microsoft 365 Copilot
Cybersecurity
Microsoft Expands Data Loss Prevention Controls for Microsoft 365 Copilot
Andrew Doyle February 25, 2026
Microsoft expands data loss prevention (DLP) controls to block Microsoft 365 Copilot from accessing and processing confidential Word, Excel, and Power...
New Security Concerns Arise with the Proliferation of Internal LLMs
Cybersecurity
New Security Concerns Arise with the Proliferation of Internal LLMs
Mitchell Langley February 25, 2026
As organizations implement LLMs, security concerns shift to the infrastructure.
Cybercriminal Group Exploits Hundreds of FortiGate Firewalls Using Off-the-Shelf AI Tools
Application Security
Cybercriminal Group Exploits Hundreds of FortiGate Firewalls Using Off-the-Shelf AI Tools
Gabby Lee February 24, 2026
A cybercrime group used off-the-shelf AI tools to target FortiGate firewalls in 55 countries.
Ring Bets $10,000 That Nobody Can Hack Its Local Streaming Feature
Cybersecurity
Ring Bets $10,000 That Nobody Can Hack Its Local Streaming Feature
Andrew Doyle February 24, 2026
Ring offers $10,000 for finding security flaws in its new local streaming feature. The company's goal is to limit video access to device owners' trust...
Romanian Hacker Admits to Selling Oregon State Network Access in Court
Cybersecurity
Romanian Hacker Admits to Selling Oregon State Network Access in Court
Mitchell Langley February 23, 2026
A Romanian hacker pleads guilty to selling digital access to a US state office network.
Privacy Groups Demand Compliance From Generative AI Image Creators
Cybersecurity
Privacy Groups Demand Compliance From Generative AI Image Creators
Gabby Lee February 23, 2026
Privacy watchdogs insist generative AI makers adhere to data protection laws.
Spanish Hacker Arrested for Booking Luxury Hotel Rooms for One Cent
Cybersecurity
Spanish Hacker Arrested for Booking Luxury Hotel Rooms for One Cent
Andrew Doyle February 23, 2026
Spanish police apprehended a hacker for booking luxury rooms for €0.01 each through an exploited payment system.
Anthropic Introduces Claude Code Security for Vulnerability Detection
Application Security
Anthropic Introduces Claude Code Security for Vulnerability Detection
Mitchell Langley February 23, 2026
Anthropic's new feature scans code for vulnerabilities, suggesting targeted patches.
PayPal Data Breach Exposed User Data for Six Months Due to Software Bug
Cybersecurity
PayPal Data Breach Exposed User Data for Six Months Due to Software Bug
Mitchell Langley February 23, 2026
A six-month data breach at PayPal exposed sensitive user information due to a software flaw in its Working Capital app.
Critical Grandstream Phone Vulnerability Allows for Eavesdropping Opportunities
CVE Vulnerability Alerts
Critical Grandstream Phone Vulnerability Allows for Eavesdropping Opportunities
Gabby Lee February 23, 2026
A critical flaw in Grandstream phones enables remote code execution without authentication.
Ukrainian National Sentenced in US Federal Court for Aiding North Korean IT Fraud
Cybersecurity
Ukrainian National Sentenced in US Federal Court for Aiding North Korean IT Fraud
Andrew Doyle February 23, 2026
Ukrainian Oleksandr Didenko sentenced to 5 years for aiding North Korean IT workers in employment fraud.
Deutsche Bahn Hit by a Large-Scale DDoS Attack Disrupting Rail Services
Cybersecurity
Deutsche Bahn Hit by a Large-Scale DDoS Attack Disrupting Rail Services
Mitchell Langley February 20, 2026
Deutsche Bahn's services were disrupted by a DDoS attack, leading to significant travel complications across Germany's national rail network.
Snyk CEO Steps Down to Make Way for AI-Focused Leadership
Cybersecurity
Snyk CEO Steps Down to Make Way for AI-Focused Leadership
Andrew Doyle February 20, 2026
Snyk's CEO announces departure to align leadership with AI advancements in code review.
Advantest Cyberattack Sparks Fears of Employee and Client Data Exposure
Cybersecurity
Advantest Cyberattack Sparks Fears of Employee and Client Data Exposure
Mitchell Langley February 20, 2026
Advantest faces a ransomware attack, investigating potential data breach impact.
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
Cybersecurity
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
Mitchell Langley February 20, 2026
Discover how PromptSpy malware uses Gemini AI at runtime to analyze on-screen elements and maintain persistence on Android devices even after a reboot...
Ukrainian National Gets Five Years for Helping North Korean IT Workers Infiltrate U.S. Companies
News
Ukrainian National Gets Five Years for Helping North Korean IT Workers Infiltrate U.S. Companies
Mitchell Langley February 20, 2026
A Ukrainian hacker aided North Korea in infiltrating U.S. companies by providing stolen identities, resulting in a five-year prison sentence.
Application Security
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026
CVE Vulnerability Alerts
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026

TOP CYBERSECURITY HEADLINES

TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Cybersecurity
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe

This Week’s Security Spotlight

Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
Andrew Doyle June 8, 2026
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Gabby Lee June 5, 2026
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
Gabby Lee June 5, 2026
More In News
Trending
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
FireCompass Raises $20M to Scale AI-Powered Offensive Security
September 8, 2025
Podcasts
CVE-2025-42957: Active Exploits Target SAP S/4HANA Systems
September 8, 2025
Podcasts
Fake Job Interviews, Real Hacks: How North Korean Spies Steal Billions in Crypto
September 8, 2025

Cyber Security News

Application Security
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
May 21, 2026
Application Security
Single-Letter Go Typosquat Backdoors Financial and Crypto Developers
May 21, 2026
Application Security
CVE-2026-46376: FreePBX Hard-Coded Credentials Open VoIP Portals
May 21, 2026
Cybersecurity
Pardus Linux CVSS 9.3 Flaw Exposes Turkish Government Systems to Root
May 21, 2026
CVE Vulnerability Alerts
CVE-2026-46333: Linux Kernel Flaw Grants Root via ssh-keysign
May 21, 2026
CVE Vulnerability Alerts
CISA Adds Two Exploited Microsoft Defender Zero-Days to KEV
May 21, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
BeyondTrust RS and PRA Vulnerability Is Being Actively Exploited by Threat Actors
February 25, 2026
Attackers exploit CVE-2026-1731 in BeyondTrust RS and PRA, leveraging VShell for persistence, lateral movement, and system control.
Microsoft Expands Data Loss Prevention Controls for Microsoft 365 Copilot
February 25, 2026
Microsoft expands data loss prevention (DLP) controls to block Microsoft 365 Copilot from accessing and processing confidential Word, Excel, and Power...
New Security Concerns Arise with the Proliferation of Internal LLMs
February 25, 2026
As organizations implement LLMs, security concerns shift to the infrastructure.
Cybercriminal Group Exploits Hundreds of FortiGate Firewalls Using Off-the-Shelf AI Tools
February 24, 2026
A cybercrime group used off-the-shelf AI tools to target FortiGate firewalls in 55 countries.
Ring Bets $10,000 That Nobody Can Hack Its Local Streaming Feature
February 24, 2026
Ring offers $10,000 for finding security flaws in its new local streaming feature. The company's goal is to limit video access to device owners' trust...
Romanian Hacker Admits to Selling Oregon State Network Access in Court
February 23, 2026
A Romanian hacker pleads guilty to selling digital access to a US state office network.
Privacy Groups Demand Compliance From Generative AI Image Creators
February 23, 2026
Privacy watchdogs insist generative AI makers adhere to data protection laws.
Spanish Hacker Arrested for Booking Luxury Hotel Rooms for One Cent
February 23, 2026
Spanish police apprehended a hacker for booking luxury rooms for €0.01 each through an exploited payment system.
Anthropic Introduces Claude Code Security for Vulnerability Detection
February 23, 2026
Anthropic's new feature scans code for vulnerabilities, suggesting targeted patches.
PayPal Data Breach Exposed User Data for Six Months Due to Software Bug
February 23, 2026
A six-month data breach at PayPal exposed sensitive user information due to a software flaw in its Working Capital app.
Critical Grandstream Phone Vulnerability Allows for Eavesdropping Opportunities
February 23, 2026
A critical flaw in Grandstream phones enables remote code execution without authentication.
Ukrainian National Sentenced in US Federal Court for Aiding North Korean IT Fraud
February 23, 2026
Ukrainian Oleksandr Didenko sentenced to 5 years for aiding North Korean IT workers in employment fraud.
Deutsche Bahn Hit by a Large-Scale DDoS Attack Disrupting Rail Services
February 20, 2026
Deutsche Bahn's services were disrupted by a DDoS attack, leading to significant travel complications across Germany's national rail network.
Snyk CEO Steps Down to Make Way for AI-Focused Leadership
February 20, 2026
Snyk's CEO announces departure to align leadership with AI advancements in code review.
Advantest Cyberattack Sparks Fears of Employee and Client Data Exposure
February 20, 2026
Advantest faces a ransomware attack, investigating potential data breach impact.
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
February 20, 2026
Discover how PromptSpy malware uses Gemini AI at runtime to analyze on-screen elements and maintain persistence on Android devices even after a reboot...
Ukrainian National Gets Five Years for Helping North Korean IT Workers Infiltrate U.S. Companies
February 20, 2026
A Ukrainian hacker aided North Korea in infiltrating U.S. companies by providing stolen identities, resulting in a five-year prison sentence.
Former Google Engineers Indicted for Alleged Trade Secret Theft Linked to Iran
February 20, 2026
Former Google engineers indicted for allegedly stealing trade secrets and transferring sensitive data to unauthorized locations, including Iran.
Operation Red Card 2.0 Dismantles Online Scam Networks Across Africa
February 20, 2026
Operation Red Card 2.0 led to 651 arrests and disrupted online scam networks in Africa.
MIT CSAIL’s 2025 AI Agent Index Puts System Transparency Under the Microscope
February 20, 2026
Academic researchers spotlighted the growing role and impact of AI agents across industries, raising critical questions about transparency, accountabi...
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack