Main Menu
Cyber Security
11 Million Downloads, One Poisoned Version: PyTorch’s Close Call
Hacking the Hackers: What a Security Vendor Breach Really Means
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Five Intelligence Agencies Agree: Slow Down Your AI Agents
275 Million Students’ Records Allegedly Stolen in Canvas Breach
Tax Season Never Really Ends for Hackers
When Amazon Sends the Phishing Email
WhatsApp Patches Flaws That Let Hackers Hide Malware in Plain Sight
North Korea Turned a Gaming App Into a Spyware Platform
Debug Mode Left Open: Enterprise Platform Hit With Unauthenticated RCE
One Zero-Day, 40,000 Servers: The cPanel Mass-Compromise
Confident Posture: Navigating Ransomware Incidents with Expert Guidance
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Cybercriminals Are Bending Trust, Not Breaking Systems
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Instagram Data Breach Affects 17.5 Million Users Security Implications Explored
Application Security
Instagram Data Breach Affects 17.5 Million Users: Security Implications Explored
Mitchell Langley January 12, 2026
A significant data breach has compromised the personal details of approximately 17.5 million Instagram users. This breach, as reported by Malwarebytes Labs researchers, has exposed ...
U.S. Immigration and Customs Enforcement's Surveillance Tactics Scrutinized
Information Security
U.S. Immigration and Customs Enforcement’s Surveillance Tactics Scrutinized
Gabby Lee January 12, 2026
The U.S. Immigration and Customs Enforcement (ICE) is under scrutiny for its substantial investment in surveillance technology, drawing criticism for privacy implications and its role ...
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Cybersecurity
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Andrew Doyle January 12, 2026
The UK's cybersecurity standards are in question after breaches at the Legal Aid Agency and Foreign Office. Without legal obligations to meet previous EU standards, ...
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
News
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
Andrew Doyle January 12, 2026
Officials in Spain apprehended 34 individuals linked to a sophisticated cyber fraud organization. Suspected of affiliations with the notorious Black Axe group, these arrests are ...
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
Data Security
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
Andrew Doyle January 12, 2026
Ireland's Foreign Affairs Department has recalled 13,000 passports after a software update led to a printing issue, rendering them non-compliant with international standards and potentially ...
BreachForums Re-emerges Only to Fall Victim to Data Breach
Application Security
BreachForums Re-emerges Only to Fall Victim to Data Breach
Mitchell Langley January 12, 2026
The latest iteration of BreachForums, a well-known hacking community, has suffered a data breach with its user database leaked online. The breach occurred despite recent ...
Anthropic Responds to Viral Allegations of Account Bans
Cybersecurity
Anthropic Responds to Viral Allegations of Account Bans
Gabby Lee January 12, 2026
Anthropic, the company behind Claude AI, addresses allegations of unauthorized account bans. The viral post on X stirred significant discussion among users.
Iranian APT Group MuddyWater Launches Sophisticated Spear-Phishing Campaign
News
Iranian APT Group MuddyWater Launches Sophisticated Spear-Phishing Campaign
Mitchell Langley January 12, 2026
MuddyWater, an Iranian threat actor, is running a spear-phishing campaign targeting multiple sectors in the Middle East using Rust-based implants. The attack leverages icon spoofing ...
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Cybersecurity
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Gabby Lee January 11, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) officially retired 10 emergency directives, transferring security focus toward the Known Exploited Vulnerabilities catalog, which offers a more ...
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Application Security
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Gabby Lee January 11, 2026
Using a compromised SonicWall VPN device, Chinese-speaking hackers allegedly targeted a VMware ESXi system with a potential exploit dating back to February 2024. The cybersecurity ...
Illinois Man Charged for Snapchat Phishing Scheme
News
Illinois Man Charged for Snapchat Phishing Scheme
Andrew Doyle January 11, 2026
An Illinois individual faces charges for a phishing scam that compromised approximately 600 Snapchat accounts. The scheme involved stealing private photos of women.
Email Security's True Challenge Evaluating Post-access Threats
Blog
Email Security’s True Challenge: Evaluating Post-access Threats
Mitchell Langley January 11, 2026
While click rates often dominate phishing discussions, real threats emerge post-compromise. Material Security advocates prioritizing containment strategies and examining post-access activities to enhance email security ...
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
Cybersecurity
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
Gabby Lee January 11, 2026
Russian threat actors APT28 target Turkish energy sectors and European think tanks with credential-stealing attacks, focusing on nuclear research. North Macedonia and Uzbekistan agencies also ...
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
News
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
Mitchell Langley January 11, 2026
A geopolitical exchange took place involving France, the US, and Russia, resulting in the release of an alleged ransomware figure in return for a Swiss ...
NSA Announces Tim Kosiba as New Deputy Director
Cybersecurity
NSA Announces Tim Kosiba as New Deputy Director
Gabby Lee January 11, 2026
Tim Kosiba, with over three decades in the Intelligence Community, has been appointed as the NSA's Deputy Director. His extensive background in federal service makes ...
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
Endpoint Security
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
Andrew Doyle January 11, 2026
Cybercriminals are exploiting vulnerabilities in proxy servers, seeking unauthorized access to commercial large language models, posing significant cybersecurity concerns.
North Korean Hackers Exploit QR Codes to Breach Enterprise Cloud Security
News
North Korean Hackers Exploit QR Codes to Breach Enterprise Cloud Security
Mitchell Langley January 11, 2026
North Korean state-sponsored cyber actors leverage QR codes to bypass enterprise security systems, gaining unauthorized access to cloud platforms. The FBI highlights these tactics in ...
Illinois Department's Database Error Leads to Massive Data Exposure
Data Security
Illinois Department’s Database Error Leads to Massive Data Exposure
Gabby Lee January 11, 2026
The Illinois Department of Human Services recently disclosed a significant data breach affecting approximately 700,000 residents. A misconfigured privacy setting was identified as the cause, ...
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
Cybersecurity
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
Andrew Doyle January 11, 2026
Security company Trend Micro has resolved three critical vulnerabilities in its Apex Central management console, disclosed by Tenable. These issues, identified as CVE-2025-69258, CVE-2025-69259, and ...
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Endpoint Security
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Mitchell Langley January 8, 2026
Totolink range extenders are at risk due to a firmware bug that leads to unauthenticated root-level Telnet service, allowing potential device takeovers. Security researchers encourage ...
MOVEit Is Back in the Crosshairs CVSS 9.8 Flaw in Automation
CVE Vulnerability Alerts
MOVEit Is Back in the Crosshairs: CVSS 9.8 Flaw in Automation
Mitchell Langley May 5, 2026
11 Million Downloads, One Poisoned Version PyTorch's Close Call
Application Security
11 Million Downloads, One Poisoned Version: PyTorch’s Close Call
Mitchell Langley May 5, 2026
News
Seiko USA Faces Ransom Threat After Website Defacement
Mitchell Langley April 21, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026

TOP CYBERSECURITY HEADLINES

11 Million Downloads, One Poisoned Version PyTorch's Close Call
Application Security
11 Million Downloads, One Poisoned Version: PyTorch’s Close Call
Hacking the Hackers What a Security Vendor Breach Really Means
Cybersecurity
Hacking the Hackers: What a Security Vendor Breach Really Means
Signed, Sealed, Stolen Hackers Used DigiCert to Certify Malware
Application Security
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Five Intelligence Agencies Agree Slow Down Your AI Agents
Application Security
Five Intelligence Agencies Agree: Slow Down Your AI Agents

This Week’s Security Spotlight

Signed, Sealed, Stolen Hackers Used DigiCert to Certify Malware
Application Security
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Gabby Lee May 5, 2026
When Amazon Sends the Phishing Email
Cybersecurity
When Amazon Sends the Phishing Email
Andrew Doyle May 5, 2026
Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
More In News
Trending
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
U.S. and Indonesian Authorities Dismantle the Global Phishing Platform “W3LL”
Phony Root Certificate Scheme Puts Open Source Developers at Risk
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
FireCompass Raises $20M to Scale AI-Powered Offensive Security
September 8, 2025
Podcasts
CVE-2025-42957: Active Exploits Target SAP S/4HANA Systems
September 8, 2025
Podcasts
Fake Job Interviews, Real Hacks: How North Korean Spies Steal Billions in Crypto
September 8, 2025

Cyber Security News

Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Cybersecurity
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
March 18, 2026
Tech Giants Invest $12.5 Million in Open Source Software Security
Cybersecurity
Tech Giants Invest $12.5 Million in Open Source Software Security
March 18, 2026
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Application Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
March 17, 2026
Stryker's Internal Microsoft Environment Was Breached Last Week
Cybersecurity
Stryker’s Internal Microsoft Environment Was Breached Last Week
March 17, 2026
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
Cybersecurity
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
March 17, 2026
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Application Security
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
March 17, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
January 12, 2026
Officials in Spain apprehended 34 individuals linked to a sophisticated cyber fraud organization. Suspected of affiliations with the notorious Black Axe group, these arrests are ...
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
January 12, 2026
Ireland's Foreign Affairs Department has recalled 13,000 passports after a software update led to a printing issue, rendering them non-compliant with international standards and potentially ...
BreachForums Re-emerges Only to Fall Victim to Data Breach
January 12, 2026
The latest iteration of BreachForums, a well-known hacking community, has suffered a data breach with its user database leaked online. The breach occurred despite recent ...
Anthropic Responds to Viral Allegations of Account Bans
January 12, 2026
Anthropic, the company behind Claude AI, addresses allegations of unauthorized account bans. The viral post on X stirred significant discussion among users.
Iranian APT Group MuddyWater Launches Sophisticated Spear-Phishing Campaign
January 12, 2026
MuddyWater, an Iranian threat actor, is running a spear-phishing campaign targeting multiple sectors in the Middle East using Rust-based implants. The attack leverages icon spoofing ...
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
January 11, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) officially retired 10 emergency directives, transferring security focus toward the Known Exploited Vulnerabilities catalog, which offers a more ...
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
January 11, 2026
Using a compromised SonicWall VPN device, Chinese-speaking hackers allegedly targeted a VMware ESXi system with a potential exploit dating back to February 2024. The cybersecurity ...
Illinois Man Charged for Snapchat Phishing Scheme
January 11, 2026
An Illinois individual faces charges for a phishing scam that compromised approximately 600 Snapchat accounts. The scheme involved stealing private photos of women.
Email Security’s True Challenge: Evaluating Post-access Threats
January 11, 2026
While click rates often dominate phishing discussions, real threats emerge post-compromise. Material Security advocates prioritizing containment strategies and examining post-access activities to enhance email security ...
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
January 11, 2026
Russian threat actors APT28 target Turkish energy sectors and European think tanks with credential-stealing attacks, focusing on nuclear research. North Macedonia and Uzbekistan agencies also ...
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
January 11, 2026
A geopolitical exchange took place involving France, the US, and Russia, resulting in the release of an alleged ransomware figure in return for a Swiss ...
NSA Announces Tim Kosiba as New Deputy Director
January 11, 2026
Tim Kosiba, with over three decades in the Intelligence Community, has been appointed as the NSA's Deputy Director. His extensive background in federal service makes ...
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
January 11, 2026
Cybercriminals are exploiting vulnerabilities in proxy servers, seeking unauthorized access to commercial large language models, posing significant cybersecurity concerns.
North Korean Hackers Exploit QR Codes to Breach Enterprise Cloud Security
January 11, 2026
North Korean state-sponsored cyber actors leverage QR codes to bypass enterprise security systems, gaining unauthorized access to cloud platforms. The FBI highlights these tactics in ...
Illinois Department’s Database Error Leads to Massive Data Exposure
January 11, 2026
The Illinois Department of Human Services recently disclosed a significant data breach affecting approximately 700,000 residents. A misconfigured privacy setting was identified as the cause, ...
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
January 11, 2026
Security company Trend Micro has resolved three critical vulnerabilities in its Apex Central management console, disclosed by Tenable. These issues, identified as CVE-2025-69258, CVE-2025-69259, and ...
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
January 8, 2026
Totolink range extenders are at risk due to a firmware bug that leads to unauthenticated root-level Telnet service, allowing potential device takeovers. Security researchers encourage ...
Vibe Hacking: How AI is Transforming Cybercrime’s Landscape
January 8, 2026
The evolution of cybercrime from skill-based activities to AI-driven "vibe hacking" is reshaping attack strategies. By utilizing AI tools, cybercriminals gain access to advanced capabilities ...
How Misconfigured Email Routing Opens the Door for Credential Theft
January 8, 2026
Misconfigured email routing creates an opening for attackers using Phishing-as-a-Service platforms like Tycoon2FA to steal credentials. Such tactics enable attackers to replicate legitimate internal emails, ...
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
January 7, 2026
Logitech's macOS applications, Options+ and G Hub, faced functionality issues after their code-signing certificate expired, preventing users from launching the apps on Apple systems. This ...
11 Million Downloads, One Poisoned Version: PyTorch’s Close Call
Hacking the Hackers: What a Security Vendor Breach Really Means
Signed, Sealed, Stolen: Hackers Used DigiCert to Certify Malware
Five Intelligence Agencies Agree: Slow Down Your AI Agents
275 Million Students’ Records Allegedly Stolen in Canvas Breach
Tax Season Never Really Ends for Hackers
When Amazon Sends the Phishing Email
WhatsApp Patches Flaws That Let Hackers Hide Malware in Plain Sight
North Korea Turned a Gaming App Into a Spyware Platform
Debug Mode Left Open: Enterprise Platform Hit With Unauthenticated RCE
One Zero-Day, 40,000 Servers: The cPanel Mass-Compromise
Confident Posture: Navigating Ransomware Incidents with Expert Guidance
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Cybercriminals Are Bending Trust, Not Breaking Systems
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Seiko USA Faces Ransom Threat After Website Defacement
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses