Cyber Security
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Marks & Spencer Cyberattack Tied to Scattered Spider Ransomware Group
News
Marks & Spencer is battling an ongoing outage caused by Scattered Spider ransomware attackers, who breached its systems, stole password data, and encrypted virtual machines. ...
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
News
The Darcula phishing platform has been upgraded with AI, enabling cybercriminals to quickly generate multilingual phishing scams and harvest user credentials on a global scale. ...
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
News
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
Marks & Spencer Halts Online Orders Following Cyberattack
News
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
News
A new phishing campaign is targeting WooCommerce administrators with fake security alerts designed to hijack websites by installing hidden backdoors and persistent malware.
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
News
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
News
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
News
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
News
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
News
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
News
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
News
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
System Intrusions Surge Across EMEA, Verizon DBIR Warns
News
System intrusion breaches in EMEA doubled to 53% in one year, according to Verizon’s 2025 DBIR, as internal threats and third-party involvement surged globally.
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
News
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
News
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
News
A data breach at Yale New Haven Health exposed personal details of 5.5 million patients, with names, SSNs, and medical IDs among the data stolen. ...
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
News
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
News
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...

TikTok Fined €530M: GDPR Breach Over Data Transfers to China
The Irish Data Protection Commission (DPC) has fined TikTok a staggering €530 million ($601 million) for violating the GDPR by transferring European user data to ...
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
StealC malware receives major upgrade with advanced stealth, encryption, and data theft tools, including real-time Telegram alerts and full desktop screenshot capabilities.
Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain
In this episode, we explore the security challenges of the AI-driven software era and how Endor Labs is reshaping application security for the modern development ...
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
UK retailer Co-op has confirmed a data breach impacting millions, following a ransomware attack by DragonForce. Personal details were stolen, but no financial data.
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
The U.S. has indicted a Yemeni national for operating Black Kingdom ransomware, targeting Microsoft Exchange servers in 1,500 global attacks demanding $10,000 in Bitcoin.
CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack
In this episode, we take a deep dive into CVE-2025-3928—a critical vulnerability in the Commvault Web Server that enables remote attackers to deploy and execute ...
Sodinokibi/REvil Ransomware: The Evasive Threat
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April 2019. Initially observed primarily in ...
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
Employment platform beWanted leaked over 1.1 million CVs containing names, ID numbers, contact details, and employment history.
Nova Scotia Power, a Canadian Utility, Breached: A Global Warning for Critical Infrastructure
On April 25, 2025, Nova Scotia Power, the province’s primary electricity provider, confirmed what many suspected: a cyber incident involving unauthorized access had compromised customer ...
SentinelOne Discloses Ongoing Attacks by Nation-State Hackers and Ransomware Gangs
In a rare move, SentinelOne has publicly confirmed that it is under persistent attack from nation-state threat actors and ransomware gangs. This episode breaks down ...
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
Nova Scotia Power confirms personal customer data was stolen in a cyberattack on April 25, though electricity services remain unaffected as the investigation continues.
OpenEoX and the Future of End-of-Life Standardization in IT
In this episode, we unpack the evolving landscape of Product Lifecycle Management (PLM) and why it’s become a strategic cornerstone in modern IT environments. From ...
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
Seven malicious PyPI packages exploited Gmail and WebSockets for remote command execution and data theft, with some packages downloaded over 18,000 times.
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
iHeartMedia confirmed a December data breach exposing names, Social Security, and passport numbers from local station systems. The company is offering identity theft protection.
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
Ascension, a major U.S. healthcare provider, confirmed a ransomware breach affecting 5.6 million individuals, compromising medical, financial, and personal data.
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
Harrods joins M&S and Co-op as the latest UK retailer targeted in a cyberattack, prompting immediate security measures amid a surge in retail-focused intrusions.
LayerX Secures $45M Total to Battle Data Leaks, One Browser at a Time
LayerX just raised another $11 million — and it’s not to build another antivirus. With $45 million in total funding, the company is betting that ...
AirBorne: How a Zero-Click Bug Threatens Millions of Apple and Third-Party Devices
In this episode, we dive deep into AirBorne — a critical set of vulnerabilities in Apple’s AirPlay protocol and SDK, recently uncovered by security researchers ...
$10.5M to Fight AI-Phishing: The Rise of Pistachio’s Cybersecurity Training Platform
In this episode, we dive into the story of Pistachio, the Norwegian cybersecurity startup that just raised $7 million in new funding—bringing its total to ...
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
Hitachi Vantara shut down servers to contain an Akira ransomware attack that disrupted systems and led to stolen data across corporate and government-related operations.
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
M&S Confirms Customer Data Breach Following Cyberattack
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
rand-user-agent: The NPM Package That Opened a Backdoor
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
The Truth About Identity Attacks: How to Protect Your Business and Data