Main Menu
Cyber Security
Gentlemen Ransomware Group’s Internal Data Leaked Publicly
Sri Lanka Arrests 628 in Colombo Crypto Fraud Compound Bust
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
ShinyHunters Sets HMH Extortion Deadline, Student Data at Risk
Public PoC Drops for CVSS 9.8 Android Zero-Click CVE-2026-0073
Dell DSA-2026-047: CVSS 9.8 Hard-Coded Credentials in ECS Storage
PHP SOAP Extension RCE CVE-2026-6722 Patched Across All Branches
GhostLock Abuses Windows API to Lock 500K Files, Bypassing EDR
WEF: 94% of Organizations Name AI as Top Cybersecurity Change Driver
Dirty Frag CVE-2026-43284 Exploited in Wild, Linux Patches Out
FCC Extends Foreign Router Update Window to 2029 Amid Volt Typhoon
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
Five Malicious NuGet Packages Target Chinese .NET Developers
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor
ShinyHunters Leaks 50GB After Vishing Breach at Cushman & Wakefield
Google GTIG Documents First AI-Generated Zero-Day Exploit
Apache CVE-2026-23918: HTTP/2 Double-Free Enables RCE on Debian
SailPoint GitHub Repositories Breached via Third-Party App Flaw
TrickMo Android Banker Routes C2 Traffic Through TON Blockchain
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
JDownloader Website Hacked to Serve Python RAT Malware
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
LastPass Users Targeted by Deceptive Phishing Campaign
News
LastPass Users Targeted by Deceptive Phishing Campaign
Mitchell Langley January 22, 2026
LastPass issues an alert about a phishing scheme cloaked as a maintenance notice, coercing users into a counterfeit data vault backup. Threat actors exploit trust, ...
Cybercriminals Exploit Social Media Messages for Malicious Payloads
News
Cybercriminals Exploit Social Media Messages for Malicious Payloads
Gabby Lee January 22, 2026
A novel phishing campaign leverages private messages on social media platforms to deliver payloads, aided by Dynamic Link Library sideloading.
Critical Vulnerabilities Identified in Git Model Context Protocol Server by Anthropic
Application Security
Critical Vulnerabilities Identified in Git Model Context Protocol Server by Anthropic
Andrew Doyle January 22, 2026
Three significant vulnerabilities have emerged in mcp-server-git, enabling potential exploitation through prompt injection. Attackers could manipulate an AI assistant to access or delete files and ...
Serious Bugs in Chainlit Could Expose Sensitive Credentials
Cybersecurity
Serious Bugs in Chainlit Could Expose Sensitive Credentials
Mitchell Langley January 22, 2026
Security flaws in Chainlit software can risk unauthorized exposure of sensitive information. Experts signal that misuse can lead to leaked credentials and databases.
Google Gemini's Vulnerability to Prompt Injection Accessing Sensitive Calendar Information
Cybersecurity
Google Gemini’s Vulnerability to Prompt Injection: Accessing Sensitive Calendar Information
Gabby Lee January 22, 2026
Researchers demonstrated how Google's AI, Gemini, could be tricked into revealing confidential Calendar data through prompt injection. This technique involves manipulating the AI into bypassing ...
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
Cybersecurity
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
Mitchell Langley January 20, 2026
Learn about the SolyxImmortal information stealer, which exploits legitimate APIs to siphon data to Discord. This novel threat is targeting secure communications, leveraging trusted channels ...
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
Application Security
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
Gabby Lee January 20, 2026
Cybersecurity experts have identified a flaw in Google Gemini that exploits indirect prompt injection to manipulate Google Calendar for unauthorized data access.
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
Cybersecurity
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
Andrew Doyle January 20, 2026
The defendant in a US court admitted selling unauthorized access to compromised enterprise networks. This operation involved an undercover agent, revealing how access brokers monetize ...
Ingram Micro Faces Data Breach Impacting 42,000 Individuals’ Personal Information
News
Ingram Micro Faces Data Breach Impacting 42,000 Individuals’ Personal Information
Andrew Doyle January 20, 2026
In a ransomware attack, Ingram Micro revealed a significant data breach impacting approximately 42,000 individuals. Compromised information includes names, birth dates, Social Security Numbers, and ...
U.K. Authorities Alerted to Russian-aligned Hacktivist DDoS Threats
Cybersecurity
U.K. Authorities Alerted to Russian-Aligned Hacktivist DDoS Threats
Mitchell Langley January 20, 2026
U.K. authorities caution against Russian-aligned hacktivists launching disruptive DDoS attacks. The focus is on critical infrastructure and local government services. This has raised significant cybersecurity ...
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
A critical security flaw in TP-Link’s VIGI cameras has been patched, following discovery by a researcher of over 2,500 vulnerable, internet-exposed devices. The flaw allowed ...
Google Chrome Introduces Option to Delete Local AI Models
Cybersecurity
Google Chrome Introduces Option to Delete Local AI Models
Andrew Doyle January 19, 2026
Google's Chrome browser introduces a new feature enabling users to delete local AI models linked to its Enhanced Protection feature. This change offers users greater ...
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
Cybersecurity
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
Mitchell Langley January 19, 2026
Nicholas Moore, a Tennessee man, confessed to hacking the U.S. Supreme Court’s filing system. His illegal activities also impacted other federal agencies, including AmeriCorps and ...
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
Identity and Access Management
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
Mitchell Langley January 19, 2026
The recent funding will enable Monnai to enhance its identity verification and risk management services, targeting financial institutions and digital firms.
New Chrome Extensions Disguised as HR Tools Pose Security Threat
Cybersecurity
New Chrome Extensions Disguised as HR Tools Pose Security Threat
Mitchell Langley January 19, 2026
Researchers have identified five Chrome extensions disguising themselves as HR and ERP tools. These malicious extensions aim to steal authentication tokens, obstruct incident response, and ...
GootLoader Employs Malformed ZIP Files to Evade Detection
News
GootLoader Employs Malformed ZIP Files to Evade Detection
Gabby Lee January 19, 2026
Cybersecurity analysts have discovered that GootLoader is using malformed ZIP archives in a bid to circumvent detection. By concatenating 500 to 1,000 archives, it employs ...
Verizon Offers Compensation after Nationwide Wireless Service Outage
Network Security
Verizon Offers Compensation after Nationwide Wireless Service Outage
Andrew Doyle January 19, 2026
Verizon Wireless addresses last week's widespread outage by informing affected customers about a $20 account credit. Customers are receiving text messages with precise steps on ...
Microsoft Patch Tuesday Update Sparks Unrest in PCs
Cybersecurity
Microsoft Patch Tuesday Update Sparks Unrest in PCs
Mitchell Langley January 19, 2026
Microsoft’s recent Patch Tuesday update introduced a peculiar bug affecting some PCs, preventing them from shutting down or entering hibernation. The issue, tied to Secure ...
Law Enforcement Identifies Black Basta Ransomware Leader
News
Law Enforcement Identifies Black Basta Ransomware Leader
Gabby Lee January 19, 2026
Ukraine and Germany confirm the identity of the Black Basta ransomware leader, now on the Europol and Interpol wanted lists. Law enforcement's collaboration highlights global ...
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
Application Security
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
Andrew Doyle January 18, 2026
Over 40,000 cyberattacks in four hours exploited a critical HPE OneView vulnerability. The attacks primarily targeted government agencies, utilizing the RondoDox botnet to execute mass, ...
Cybersecurity
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
Andrew Doyle May 13, 2026
Cybersecurity
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
Andrew Doyle May 13, 2026
Cybersecurity
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
Andrew Doyle May 13, 2026
Cybersecurity
ICO Fines South Staffordshire Water £963,900 Over Cl0p Breach
Mitchell Langley May 13, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Gentlemen Ransomware Group’s Internal Data Leaked Publicly
Cybersecurity
Sri Lanka Arrests 628 in Colombo Crypto Fraud Compound Bust
Application Security
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
Cybersecurity
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft

This Week’s Security Spotlight

Application Security
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
Gabby Lee May 13, 2026
CVE Vulnerability Alerts
Dell DSA-2026-047: CVSS 9.8 Hard-Coded Credentials in ECS Storage
Mitchell Langley May 13, 2026
Cybersecurity
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
Andrew Doyle May 11, 2026
Application Security
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
Andrew Doyle May 11, 2026
More In News
Trending
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
Fake Claude AI Site Delivers New Beagle Windows Backdoor
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
FireCompass Raises $20M to Scale AI-Powered Offensive Security
September 8, 2025
Podcasts
CVE-2025-42957: Active Exploits Target SAP S/4HANA Systems
September 8, 2025
Podcasts
Fake Job Interviews, Real Hacks: How North Korean Spies Steal Billions in Crypto
September 8, 2025

Cyber Security News

Critical ShareFile Flaws Open the Door to Unauthenticated RCE
Application Security
Critical ShareFile Flaws Open the Door to Unauthenticated RCE
April 7, 2026
Strapi CMS Plugins Face Exploitation by Malicious npm Packages
Application Security
Strapi CMS Plugins Face Exploitation by Malicious npm Packages
April 7, 2026
Analysis Reveals .cmd Malware Escalating Privileges and Bypassing Antivirus
Cybersecurity
Analysis Reveals .cmd Malware Escalating Privileges and Bypassing Antivirus
April 7, 2026
Fortinet Acts Quickly on Zero-Day Vulnerability Impacting FortiClient EMS Users
CVE Vulnerability Alerts
Fortinet Acts Quickly on Zero-Day Vulnerability Impacting FortiClient EMS Users
April 7, 2026
North Korean Cyber Operatives Drain $285 Million from Drift Exchange
Cybersecurity
North Korean Cyber Operatives Drain $285 Million from Drift Exchange
April 7, 2026
Axios HTTP Client Developer Targeted in North Korean Social Engineering Campaign
Application Security
Axios HTTP Client Developer Targeted in North Korean Social Engineering Campaign
April 7, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Serious Bugs in Chainlit Could Expose Sensitive Credentials
January 22, 2026
Security flaws in Chainlit software can risk unauthorized exposure of sensitive information. Experts signal that misuse can lead to leaked credentials and databases.
Google Gemini’s Vulnerability to Prompt Injection: Accessing Sensitive Calendar Information
January 22, 2026
Researchers demonstrated how Google's AI, Gemini, could be tricked into revealing confidential Calendar data through prompt injection. This technique involves manipulating the AI into bypassing ...
SolyxImmortal An Info-Stealer Abusing Trusted APIs and Discord Webhooks
January 20, 2026
Learn about the SolyxImmortal information stealer, which exploits legitimate APIs to siphon data to Discord. This novel threat is targeting secure communications, leveraging trusted channels ...
Google Gemini Security Vulnerability Exposes Google Calendar to Data Exploitation
January 20, 2026
Cybersecurity experts have identified a flaw in Google Gemini that exploits indirect prompt injection to manipulate Google Calendar for unauthorized data access.
Jordanian Hacker Pleads Guilty to Selling Network Access in the United States
January 20, 2026
The defendant in a US court admitted selling unauthorized access to compromised enterprise networks. This operation involved an undercover agent, revealing how access brokers monetize ...
Ingram Micro Faces Data Breach Impacting 42,000 Individuals’ Personal Information
January 20, 2026
In a ransomware attack, Ingram Micro revealed a significant data breach impacting approximately 42,000 individuals. Compromised information includes names, birth dates, Social Security Numbers, and ...
U.K. Authorities Alerted to Russian-Aligned Hacktivist DDoS Threats
January 20, 2026
U.K. authorities caution against Russian-aligned hacktivists launching disruptive DDoS attacks. The focus is on critical infrastructure and local government services. This has raised significant cybersecurity ...
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
January 20, 2026
A critical security flaw in TP-Link’s VIGI cameras has been patched, following discovery by a researcher of over 2,500 vulnerable, internet-exposed devices. The flaw allowed ...
Google Chrome Introduces Option to Delete Local AI Models
January 19, 2026
Google's Chrome browser introduces a new feature enabling users to delete local AI models linked to its Enhanced Protection feature. This change offers users greater ...
Tennessee Hacker Admits Guilt in Supreme Court Filing System Breach
January 19, 2026
Nicholas Moore, a Tennessee man, confessed to hacking the U.S. Supreme Court’s filing system. His illegal activities also impacted other federal agencies, including AmeriCorps and ...
Monnai Secures $12 Million to Bolster Identity and Risk Data Services
January 19, 2026
The recent funding will enable Monnai to enhance its identity verification and risk management services, targeting financial institutions and digital firms.
New Chrome Extensions Disguised as HR Tools Pose Security Threat
January 19, 2026
Researchers have identified five Chrome extensions disguising themselves as HR and ERP tools. These malicious extensions aim to steal authentication tokens, obstruct incident response, and ...
GootLoader Employs Malformed ZIP Files to Evade Detection
January 19, 2026
Cybersecurity analysts have discovered that GootLoader is using malformed ZIP archives in a bid to circumvent detection. By concatenating 500 to 1,000 archives, it employs ...
Verizon Offers Compensation after Nationwide Wireless Service Outage
January 19, 2026
Verizon Wireless addresses last week's widespread outage by informing affected customers about a $20 account credit. Customers are receiving text messages with precise steps on ...
Microsoft Patch Tuesday Update Sparks Unrest in PCs
January 19, 2026
Microsoft’s recent Patch Tuesday update introduced a peculiar bug affecting some PCs, preventing them from shutting down or entering hibernation. The issue, tied to Secure ...
Law Enforcement Identifies Black Basta Ransomware Leader
January 19, 2026
Ukraine and Germany confirm the identity of the Black Basta ransomware leader, now on the Europol and Interpol wanted lists. Law enforcement's collaboration highlights global ...
HPE OneView Mass Vulnerability Exploitation Threatens Government Agencies
January 18, 2026
Over 40,000 cyberattacks in four hours exploited a critical HPE OneView vulnerability. The attacks primarily targeted government agencies, utilizing the RondoDox botnet to execute mass, ...
Project Eleven Secures $20 Million Funding to Propel Post-Quantum Security
January 18, 2026
Project Eleven has successfully raised $20 million in funding to develop infrastructure and tools essential for organizations transitioning to post-quantum computing. With this substantial investment, ...
UAT-8837 Threat Actor Linked to China Targeting North American Infrastructure
January 18, 2026
The cyber threat actor UAT-8837, associated with China, targets North American critical infrastructure through the exploitation of known and zero-day vulnerabilities. This sophisticated adversary demonstrates ...
Canada’s Investment Watchdog Suffers Massive Data Breach: 750,000 Impacted by CIRO Security Incident
January 18, 2026
The Canadian Investment Regulatory Organization (CIRO), responsible for regulating investment dealers, reported a significant data breach. Threat actors stole personal information from 750,000 people, highlighting ...
Gentlemen Ransomware Group’s Internal Data Leaked Publicly
Sri Lanka Arrests 628 in Colombo Crypto Fraud Compound Bust
SAP S/4HANA SQL Injection CVE-2026-34260 Rated CVSS 9.6
Nitrogen Ransomware Hits Foxconn Wisconsin, Claims 8TB Theft
InterLock Claims Park Dental Research in 24-Hour Healthcare Blitz
ShinyHunters Sets HMH Extortion Deadline, Student Data at Risk
Public PoC Drops for CVSS 9.8 Android Zero-Click CVE-2026-0073
Dell DSA-2026-047: CVSS 9.8 Hard-Coded Credentials in ECS Storage
PHP SOAP Extension RCE CVE-2026-6722 Patched Across All Branches
GhostLock Abuses Windows API to Lock 500K Files, Bypassing EDR
WEF: 94% of Organizations Name AI as Top Cybersecurity Change Driver
Dirty Frag CVE-2026-43284 Exploited in Wild, Linux Patches Out
FCC Extends Foreign Router Update Window to 2029 Amid Volt Typhoon
Skoda Online Shop Breach Exposes Customer Data and Password Hashes
Operation HookedWing: 4-Year Campaign Compromises 500 Orgs
cPanel Patches Three CVEs as Sorry Ransomware Hits 44K Servers
Checkmarx Jenkins Plugin Backdoored in TeamPCP Supply Chain
University Student’s TETRA Replay Attack Halts Taiwan Bullet Train
Five Malicious NuGet Packages Target Chinese .NET Developers
QLNX Fileless Linux RAT Combines eBPF Rootkit, PAM Backdoor