Main Menu
Cyber Security
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Ivanti Sentry CVE-2026-10520 Actively Exploited, Devices Backdoored
Langflow CVE-2026-5027: Path Traversal Becomes Unauthenticated RCE
WorldLeaks Claims Apple Supplier Tata Electronics and Two More Firms
What is Cloud Detection and Response (CDR) and How Does it Work
Google Patches 5th Chrome Zero-Day; V8 Flaw Chains for OS Access
LiteLLM CVE-2026-42271 Added to CISA KEV: AI API Keys at Risk
France’s Tchap Messaging App Breached, 643K Messages Exposed
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
Perplexity's Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Application Security
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Andrew Doyle March 6, 2026
A vulnerability in Perplexity's Comet browser exposed local files to potential theft via calendar events.
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Cybersecurity
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Mitchell Langley March 6, 2026
Tier 1 SOC analysts face unique challenges in threat detection due to their inexperience, affecting overall security operations center performance.
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
Cybersecurity
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
Gabby Lee March 6, 2026
Investigation dismantles online gambling criminal syndicate exploiting war-displaced women, highlights international collaboration in cybersecurity.
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
Cybersecurity
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
Mitchell Langley March 6, 2026
A JavaScript worm affects Wikimedia wikis, altering user scripts and pages, demanding a swift response to mitigate damage.
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
Application Security
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
Andrew Doyle March 6, 2026
A critical flaw in WordPress's User Registration & Membership plugin threatens over 60,000 sites, risking exploitation.
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
CVE Vulnerability Alerts
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
Gabby Lee March 6, 2026
Cisco reveals active exploitation of vulnerabilities in their Catalyst SD-WAN Manager.
US Government Contractor's Son Charged with Cryptocurrency Theft from US Marshals Service
Cybersecurity
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Gabby Lee March 6, 2026
US contractor's son arrested for allegedly stealing $46M in digital currency from Marshals Service.
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
News
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Mitchell Langley March 6, 2026
Russian hackers target Ukrainian entities using fresh malware BadPaw and MeowMeow delivered through phishing.
Russian Ransomware Operator Admits Guilt in U.S. Court
Cybersecurity
Russian Ransomware Operator Admits Guilt in U.S. Court
Mitchell Langley March 6, 2026
Russian cybercriminal faces U.S. justice after South Korean extradition.
Meta's Smart Glasses Face Privacy Investigation in Britain
Cybersecurity
Meta’s Smart Glasses Face Privacy Investigation in Britain
Gabby Lee March 6, 2026
Britain's privacy watchdog questions Meta's AI-powered glasses after intimate footage review.
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
Cybersecurity
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
Mitchell Langley March 6, 2026
An Iranian MOIS-linked cybercrew infiltrates U.S. firms with a sophisticated implant.
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
News
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
Mitchell Langley March 5, 2026
Flare reveals the booming underground market for hacked cPanel credentials fueling phishing schemes.
HungerRush POS Platform Targeted in Data Extortion Scheme
Cybersecurity
HungerRush POS Platform Targeted in Data Extortion Scheme
Gabby Lee March 5, 2026
HungerRush POS customers report extortion emails threatening data exposure.
Fake OpenClaw Installers on GitHub Are Stealing User Data
Cybersecurity
Fake OpenClaw Installers on GitHub Are Stealing User Data
Andrew Doyle March 5, 2026
Fake OpenClaw installers hosted on a malicious GitHub repository are targeting users with information stealers and GhostSocks malware to harvest sensi...
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
Cybersecurity
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
Mitchell Langley March 5, 2026
Newly discovered Coruna iOS exploits target Apple devices in espionage and financial attacks.
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Cybersecurity
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Gabby Lee March 5, 2026
A recent FBI takedown of the LeakBase cybercrime forum disrupts major online criminal activities.
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Cybersecurity
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Mitchell Langley March 5, 2026
Zurich's acquisition of Beazley, valued at $11 billion, is set to reshape the cyberinsurance landscape by the second half of 2026.
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
Cybersecurity
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
Gabby Lee March 5, 2026
Hacktivist activities rise sharply following the U.S.-Israel military campaign against Iran.
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
Cybersecurity
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
Andrew Doyle March 5, 2026
UMMC restores IT systems and electronic medical records access after a ransomware attack caused nine days of operational interruptions.
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts
News
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts
Mitchell Langley March 5, 2026
LastPass alerts users of phishing emails posing as security warnings to obtain master passwords.
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Gabby Lee June 12, 2026
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
Mitchell Langley June 12, 2026
Blog
Triple Extortion Ransomware: How It Works and How to Stop It
Andrew Doyle June 12, 2026
Cybersecurity
Europol Dismantles AudiA6 Crypto Laundering Service
Gabby Lee June 12, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Andrew Doyle June 10, 2026
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Gabby Lee June 10, 2026
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
More In News
Trending
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
FireCompass Raises $20M to Scale AI-Powered Offensive Security
September 8, 2025
Podcasts
CVE-2025-42957: Active Exploits Target SAP S/4HANA Systems
September 8, 2025
Podcasts
Fake Job Interviews, Real Hacks: How North Korean Spies Steal Billions in Crypto
September 8, 2025

Cyber Security News

Cybersecurity
DragonForce Lists Indiana Greenhouse Firm Heartland Growers
May 26, 2026
Nova Ransomware Hits Brazilian Government Agency and Turkish Tech Firm
Cybersecurity
Nova Ransomware Hits Brazilian Government Agency and Turkish Tech Firm
May 26, 2026
Cybersecurity
Qilin Ransomware Batch-Lists 7 Victims Across Five Countries
May 26, 2026
Cybersecurity
Nightspire Ransomware Hits US Healthcare in Nine-Victim Batch
May 26, 2026
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
May 25, 2026
Application Security
Laravel Lang Supply Chain Attack Hijacks 700 Package Versions
May 25, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
March 6, 2026
A JavaScript worm affects Wikimedia wikis, altering user scripts and pages, demanding a swift response to mitigate damage.
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
March 6, 2026
A critical flaw in WordPress's User Registration & Membership plugin threatens over 60,000 sites, risking exploitation.
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
March 6, 2026
US contractor's son arrested for allegedly stealing $46M in digital currency from Marshals Service.
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
March 6, 2026
Cisco reveals active exploitation of vulnerabilities in their Catalyst SD-WAN Manager.
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
March 6, 2026
Russian hackers target Ukrainian entities using fresh malware BadPaw and MeowMeow delivered through phishing.
Russian Ransomware Operator Admits Guilt in U.S. Court
March 6, 2026
Russian cybercriminal faces U.S. justice after South Korean extradition.
Meta’s Smart Glasses Face Privacy Investigation in Britain
March 6, 2026
Britain's privacy watchdog questions Meta's AI-powered glasses after intimate footage review.
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
March 6, 2026
An Iranian MOIS-linked cybercrew infiltrates U.S. firms with a sophisticated implant.
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
March 5, 2026
Flare reveals the booming underground market for hacked cPanel credentials fueling phishing schemes.
HungerRush POS Platform Targeted in Data Extortion Scheme
March 5, 2026
HungerRush POS customers report extortion emails threatening data exposure.
Fake OpenClaw Installers on GitHub Are Stealing User Data
March 5, 2026
Fake OpenClaw installers hosted on a malicious GitHub repository are targeting users with information stealers and GhostSocks malware to harvest sensi...
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
March 5, 2026
Newly discovered Coruna iOS exploits target Apple devices in espionage and financial attacks.
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
March 5, 2026
A recent FBI takedown of the LeakBase cybercrime forum disrupts major online criminal activities.
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
March 5, 2026
Zurich's acquisition of Beazley, valued at $11 billion, is set to reshape the cyberinsurance landscape by the second half of 2026.
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
March 5, 2026
Hacktivist activities rise sharply following the U.S.-Israel military campaign against Iran.
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
March 5, 2026
UMMC restores IT systems and electronic medical records access after a ransomware attack caused nine days of operational interruptions.
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts
March 5, 2026
LastPass alerts users of phishing emails posing as security warnings to obtain master passwords.
Law Enforcement Dismantles Tycoon2FA Phishing-as-a-Service Platform
March 5, 2026
Europol disables Tycoon2FA, a PhaaS platform responsible for tens of millions of phishing messages monthly.
LexisNexis Data Breach Claimed by Fulcrumsec Group
March 5, 2026
LexisNexis confirms a breach in its Legal & Professional division using React2Shell, claiming 2 GB of stolen data.
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
March 3, 2026
Hundreds of Sangoma FreePBX systems compromised with web shells due to command injection flaw.
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies