Cyber Security
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Temu Fined $2 Million for INFORM Consumers Act Violations
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
U.S. Charges Ukrainian National for Administering Ransomware
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
China Is Blurring the Lines Between Civilian AI and Military Power
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
Lovesac Confirms Data Breach Following Ransomware Attack
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
Qantas Airways Reduces CEO’s Bonus Following July Data Breach
This Week In Cybersecurity: September 1–5, 2025
Czech Cybersecurity Agency Warns Against Chinese Technology in Critical Infrastructure
Social Engineering Breach Opens Door to Google Salesforce Data Leak
Cybersecurity Leadership: An Expert Talks Executive Risk
Hack on In-Flight Connectivity Provider Anuvu Exposes Starlink User Data
Wealthsimple Data Breach Leaked Client Information Online
Jaguar Land Rover Cyberattack Severely Disrupts Production, Systems Taken Offline
GPS Jamming Attack Forces Ursula Von Der Leyen’s Plane to Land Without Navigation
Santa Fe County Website “Hack” Likely Based on Old Source Code
Salesforce Supply Chain Breach Hits Palo Alto Networks Customers
Evertec Confirms $130M Fraud Attempt in Sinqia Pix Cyberattack
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
Exploring Ransomware EDR-Killer Tools: How New Tactics Undermine Endpoint Security
Agentic AI Steals Spotlight at Black Hat 2025 with Real-Time Threat Response
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
Cybersecurity
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
Hackers leaked data on 433,000 U.S. doctors, exposing names, addresses, and emails. Experts warn of phishing, identity theft, and ransomware risks targeting healthcare professionals and ...
Tea App Data Breach Exposes Sensitive Images
Cybersecurity
Tea App Data Breach Exposes Sensitive Images
Tea Dating Advice confirmed a July 2025 breach affecting 4,244 users, exposing sensitive PII, identity documents, and private images, raising concerns over larger-scale data exposure.
NCSC Warns of Malware Campaign Using Fake PDF Editors
Application Security
NCSC Warns of Malware Campaign Using Fake PDF Editors
The NCSC uncovered a malware campaign using fake PDF editors and manual finder tools to turn devices into residential proxies, enabling criminals to mask their ...
TransUnion Data Breach Exposes Personal Information of 4.4 Million
Cybersecurity
TransUnion Data Breach Exposes Personal Information of 4.4 Million
TransUnion confirmed a cyberattack exposing data of over 4.4 million U.S. consumers, tied to Salesforce breaches attributed to ShinyHunters and UNC6395 extortion groups.
Brokewell Android Malware Spread Through Fake TradingView Ads
Application Security
Brokewell Android Malware Spread Through Fake TradingView Ads
Cybercriminals are exploiting Meta’s ad network to push fake TradingView Premium apps that secretly install Brokewell malware on Android devices, stealing data and hijacking user ...
SentinelOne Q3 Revenue Jumps 22 Amid Cybersecurity Surge
Cybersecurity
SentinelOne Q3 Revenue Jumps 22% Amid Cybersecurity Surge
SentinelOne has raised its annual revenue forecast amid surging demand for AI-driven cybersecurity. With its Singularity platform and growing ARR surpassing $1 billion, the company ...
U.S. and Allies Expose Salt Typhoon Cyber Espionage Network
Cybersecurity
U.S. and Allies Expose Salt Typhoon Cyber Espionage Network
A sweeping international advisory accuses Chinese tech firms of fueling cyber espionage campaigns tied to Salt Typhoon and related groups. The attacks span telecom networks, ...
Senator Wyden Demands Independent Cybersecurity Review of Federal Courts
Cybersecurity
Senator Wyden Demands Independent Cybersecurity Review of Federal Courts
A wave of breaches exposing sealed court records and confidential informant data has drawn sharp criticism of the judiciary’s outdated IT. Senator Ron Wyden is ...
FEMA Fires 24 Staff After DHS Cybersecurity Audit Uncovers Major Failures
Endpoint Security
FEMA Fires 24 Staff After DHS Cybersecurity Audit Uncovers Major Failures
A DHS audit prompted FEMA to fire 24 staff, including top IT leaders, over cybersecurity failures such as weak authentication and outdated protocols, highlighting federal ...
Maryland’s Paratransit Ransomware Strike Cyberattack Disrupts Disabled Transit Services
News
Maryland’s Paratransit Ransomware Strike: Cyberattack Disrupts Disabled Transit Services
A ransomware attack on Maryland’s Mobility paratransit system has disrupted critical transportation for disabled residents, blocking new reservations and rebookings. While core transit services remain ...
Critical SharePoint Zero-Day Exploited Immediate Steps Against CVE-2025-53770 Vulnerability
Application Security
Critical SharePoint Zero-Day Exploited: Immediate Steps Against CVE-2025-53770 Vulnerability
A critical zero-day in Microsoft SharePoint, tracked as CVE-2025-53770, is being widely exploited in espionage and ransomware campaigns. Dubbed “ToolShell,” the flaw enables unauthenticated remote ...
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Cybersecurity
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Microsoft warns Storm-0501 now focuses on cloud-native extortion: exfiltrating data, destroying backups, and encrypting cloud storage rather than encrypting on-premises endpoints.
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Cybersecurity
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
CPAP’s systems were breached in December 2024, exposing names, SSNs, and protected health information for over 90,000 individuals including military beneficiaries.
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
Cybersecurity
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
Healthcare Services Group reports a late-2024 intrusion that exposed personal data for 624,000 people; company offers identity protection and continues forensic investigations.
PromptLock Ransomware Uses AI to Encrypt and Steal Data
Cybersecurity
PromptLock Ransomware Uses AI to Encrypt and Steal Data
Researchers uncovered PromptLock, the first AI-powered ransomware generating malicious Lua scripts via LLM prompts. Though only a proof-of-concept, it highlights risks of weaponized AI in ...
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Application Security
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Microsoft warns Storm-0501 now focuses on cloud-native extortion: exfiltrating data, destroying backups, and encrypting cloud storage rather than encrypting on-premises endpoints.
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Cybersecurity
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
A cyberattack on Miljödata disrupted services across 200+ Swedish municipalities and may have exposed sensitive personal data; a ransom demand of 1.5 BTC was reported.
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Cybersecurity
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Researchers show image-scaling prompt injection can hide executable instructions that surface only after downscaling, enabling LLM-driven data exfiltration across multiple AI platforms.
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Cybersecurity
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Auchan disclosed a cyberattack exposing contact and loyalty data for several hundred thousand customers; bank details and passwords were not impacted, CNIL was notified.
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
Cybersecurity
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
A critical SSRF in Docker Desktop (CVE-2025-9074) let containers reach the Docker Engine API and bind host storage; Docker issued Docker Desktop 4.44.3 to fix ...

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
Cato Networks Acquires Aim Security to Bolster AI Defense in SASE
Cato Networks, a leader in Secure Access Service Edge (SASE), has made its first acquisition, purchasing Aim Security, an AI security startup founded in 2022. ...
Tidal Cyber Secures $10M to Advance Threat-Informed Defense
Cybersecurity startup Tidal Cyber, founded in 2022 by three former MITRE experts, has raised $10 million in Series A funding, bringing its total capital to ...
Disney Fined $10M for COPPA Violations Over Mislabeling Kids’ Content on YouTube
Disney has reached a $10 million settlement with the U.S. Federal Trade Commission (FTC) after being found in violation of the Children’s Online Privacy Protection ...
Google Patches 111 Android Flaws in September 2025, Including Two Zero-Days Under Attack
Google has released its September 2025 Android security patches, addressing a staggering 111 unique vulnerabilities, including two actively exploited zero-day flaws that are already being ...
Santa Fe County Website “Hack” Likely Based on Old Source Code
Hackers claimed to leak Santa Fe County’s website source code, but researchers found the data outdated, likely from the early 2010s, raising doubts about its ...
Salesforce Supply Chain Breach Hits Palo Alto Networks Customers
Palo Alto Networks confirmed exposure of customer records in a Salesforce breach via Drift tokens, as Unit 42 warned attackers mass-exfiltrated sensitive data and credentials ...
Google Warns of Sitecore Zero-Day: ViewState Deserialization Under Fire
A critical zero-day vulnerability, CVE-2025-53690, is being actively exploited in the wild, targeting Sitecore Experience Manager (XM) and Experience Platform (XP) systems deployed with outdated ...
Evertec Confirms $130M Fraud Attempt in Sinqia Pix Cyberattack
Hackers breached Evertec’s Brazilian subsidiary Sinqia, attempting a $130 million theft via Pix. Using stolen vendor credentials, they initiated unauthorized transfers before operations were suspended ...
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
Cloudflare confirmed its Salesforce instance was breached through compromised SalesLoft and Drift integrations, exposing customer data in a campaign affecting 700+ companies. The company’s detailed ...
Exploring Ransomware EDR-Killer Tools: How New Tactics Undermine Endpoint Security
A new wave of EDR-killer tools is reshaping ransomware tactics, enabling groups like RansomHub, Medusa, and Blacksuit to disable endpoint defenses. By exploiting vulnerable drivers ...
Agentic AI Steals Spotlight at Black Hat 2025 with Real-Time Threat Response
Agentic AI took center stage at Black Hat USA 2025, marking a definitive pivot from conceptual discussions to real-world deployment. As the cybersecurity industry grapples ...
DHS Cuts $27M Cybersecurity Support: Impact on 19,000 Local Governments
The Department of Homeland Security (DHS) will halt $27 million in annual federal funding for the Multi-State Information Sharing and Analysis Center (MS-ISAC) by the ...
TamperedChef Infostealer Delivered Through Fraudulent PDF Editor Ads
Cybercriminals used fraudulent Google Ads to spread a fake PDF Editor app delivering TamperedChef infostealer, leveraging code-signing certificates, residential proxy enrollment
Amazon Disrupts Midnight Blizzard Campaign Targeting Microsoft 365
Amazon disrupted a Midnight Blizzard campaign where Russian hackers used compromised websites, fake Cloudflare pages, and Microsoft device code abuse to target enterprise Microsoft 365 ...
Zscaler Data Breach Exposes Customer Information After Salesloft Drift Compromise
Zscaler confirmed a Salesforce data breach linked to the Salesloft Drift compromise, exposing customer information but not its core services. The incident highlights escalating OAuth ...
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
Hackers calling themselves Scattered LapSus Hunters threatened to leak Google databases unless two employees are dismissed, linking their demand to recent Salesforce-driven phishing attacks.
SK Telecom Hit with Record US$96.9 Million Fine After Data Breach Exposes 23 Million Users
SK Telecom has been fined $96.9 million after a breach exposed 23 million users’ data, marking the largest privacy penalty ever imposed on a South ...
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
Hackers leaked data on 433,000 U.S. doctors, exposing names, addresses, and emails. Experts warn of phishing, identity theft, and ransomware risks targeting healthcare professionals and ...
Brokewell Malware Targets Android Users via Fake TradingView Ads on Meta
A new and highly sophisticated Android malware campaign, dubbed Brokewell, has emerged as one of the most dangerous mobile threats of 2024–2025. First spotted in ...
Von der Leyen and Shapps Flights Hit by Suspected Russian Electronic Warfare
Aviation safety and geopolitics collided when multiple flights carrying high-ranking European and UK officials were hit by suspected Russian GPS jamming. European Commission President Ursula ...