Main Menu
Cyber Security
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
Inotiv Reports Massive Data Breach Impacting Thousands
Agentic Security Fortifies Its Position with $130 Million Funding Round
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
Hackers Breach Marquis: A Fintech Data Nightmare
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
Niobium Secures $23 Million to Advance Homomorphic Encryption
Russian Internet Authority Blocks Roblox Over Content Concerns
Leroy Merlin France Security Breach Exposes Customer Data
Google Expands Support for Android’s In-Call Scam Protection to More Financial Institutions
Microsoft Silently Patches Long-Exploited Windows Vulnerability
Major Universities Affected in Oracle E-Business Suite Hacking Campaign
Freedom Mobile Data Breach: Protecting Consumer Information in the Telecom Sector
North Korea’s Covert IT Workforce Exposed: Unmasking the Chollima Scheme
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
GlassWorm Supply Chain Attack Compromises Developer Tools
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack
Microsoft Investigates Defender XDR Portal Access Disruptions
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
University of Pennsylvania Data Breach Clop's Zero-Day Exploit Targets Oracle's E-Business Suite
Cybersecurity
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
Gabby Lee December 3, 2025
The University of Pennsylvania recently disclosed a data breach affecting over 1,400 individuals. Attackers exploited a zero-day vulnerability in Oracle’s E-Business Suite, linked to the ...
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Cybersecurity
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Andrew Doyle December 3, 2025
Zafran Security, a cybersecurity startup, has raised $60 million in Series C funding to enhance product innovation and global reach. This development marks a significant ...
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle December 2, 2025
Cybersecurity experts are on high alert with the emergence of Albiriox, an Android banking trojan sold for $720 monthly. This new threat from Russian cybercriminals ...
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle December 2, 2025
Cybercriminals are increasingly using sophisticated techniques such as deepfakes, fake resumes, and stolen identities to penetrate corporate hiring processes. Strengthening vetting and access controls can ...
Young Cybercriminals Rebels Without a Cause in the Digital World
Cybersecurity
Young Cybercriminals: Rebels Without a Cause in the Digital World
Mitchell Langley December 2, 2025
Emerging data reveals most young cybercriminals outgrow illicit activities by age 20. This shift signals their maturation process beyond digital crime, although a few remain ...
$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
Mitchell Langley December 2, 2025
In a sweeping international effort, authorities targeted cryptomixer services for aiding in cybercriminal activities. Operation Olympia led to a significant Bitcoin haul.
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Gabby Lee December 2, 2025
ShadyPanda malware campaign has quietly infiltrated over 4.3 million installations of Chrome and Edge browser extensions. It deceived users by masquerading as legitimate tools, allowing ...
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Gabby Lee December 2, 2025
The open-source SmartTube client for Android TV faced a security breach after an attacker accessed the developer's signing keys. This led to the distribution of ...
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
Coupang, a leading retailer in South Korea, has confirmed a data breach compromising the personal information of 33.7 million customers. This major incident raises significant ...
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
Application Security
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
Mitchell Langley December 2, 2025
A seven-year campaign has infected 4.3 million users with malware through browser extensions. Despite warnings, some extensions persist in the Microsoft Edge store, continuing to ...
India's Telecommunications Ministry Mandates Preloaded Cybersecurity App
Application Security
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Gabby Lee December 2, 2025
India's telecommunications ministry is mandating the preloading of the Sanchar Saathi cybersecurity app on new mobile devices. The app, designed to enhance user safety, is ...
Microsoft Tackles Excel Attachment Issue in New Outlook Client
Application Security
Microsoft Tackles Excel Attachment Issue in New Outlook Client
Andrew Doyle December 2, 2025
Microsoft is aware of and addressing an issue that hinders some users from opening Excel email attachments in the updated Outlook client. The issue can ...
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
CVE Vulnerability Alerts
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
Andrew Doyle December 1, 2025
CISA updates its Known Exploited Vulnerabilities (KEV) catalog with CVE-2021-26829, a security flaw impacting OpenPLC ScadaBR, used in industrial control systems.
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
Cybersecurity
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
Gabby Lee December 1, 2025
OpenAI begins testing advertisements within its ChatGPT platform, exploring new monetization avenues. This initiative may significantly influence the web economy, raising questions about user data ...
OBR Launches Investigation After Budget Forecast Leak
Cybersecurity
OBR Launches Investigation After Budget Forecast Leak
Mitchell Langley December 1, 2025
The Office for Budget Responsibility (OBR) has enlisted Ciaran Martin, ex-chief of the National Cyber Security Centre (NCSC), to investigate how its Budget day forecast ...
Man Sentenced for Running Evil Twin Network at Australian Airports
Cybersecurity
Man Sentenced for Running “Evil Twin” Network at Australian Airports
Mitchell Langley November 30, 2025
A 44-year-old man was sentenced in Australia to over seven years in prison for creating an "evil twin" WiFi network to steal data from travelers ...
French Football Federation Data Breach Exposes Administrative Management Software
Application Security
French Football Federation Data Breach Exposes Administrative Management Software
Gabby Lee November 30, 2025
The French Football Federation confirmed a cybersecurity breach after attackers accessed its administrative management software. The breach involved unauthorized access through a compromised account, potentially ...
Python Package Index Threatened by Legacy Code Vulnerabilities
Cybersecurity
Python Package Index Threatened by Legacy Code Vulnerabilities
Andrew Doyle November 30, 2025
A recent study exposes how legacy code in Python packages presents security challenges. Researchers identified vulnerabilities in bootstrap files, potentially enabling supply chain compromises on ...
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Cybersecurity
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Mitchell Langley November 30, 2025
A comprehensive scan of 5.6 million GitLab repositories has revealed over 17,000 exposed secrets, posing significant cybersecurity risks. This discovery underscores the importance of addressing ...
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
Cybersecurity
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
Gabby Lee November 30, 2025
North Korea-linked threat actors continue aggressive activity with the addition of 197 malicious npm packages. These deployments have reached over 31,000 downloads and deliver a ...
EtherRAT Malware Implant Utilizes Linux Persistence Mechanisms in React2Shell Attack
Cybersecurity
EtherRAT Malware Implant Utilizes Linux Persistence Mechanisms in React2Shell Attack
Mitchell Langley December 9, 2025
Inotiv Reports Massive Data Breach Impacting Thousands
Data Security
Inotiv Reports Massive Data Breach Impacting Thousands
Mitchell Langley December 8, 2025
Inotiv Reports Massive Data Breach Impacting Thousands
Data Security
Inotiv Reports Massive Data Breach Impacting Thousands
Mitchell Langley December 8, 2025
DragonForce Ransomware A New Collaboration in Cybercrime
News
DragonForce Ransomware: A New Collaboration in Cybercrime
Gabby Lee December 5, 2025

TOP CYBERSECURITY HEADLINES

Clickjacking Tactics Exploit SVG and CSS Understanding the New Threat
Cybersecurity
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
IDEsaster Uncovering Security Flaws in AI-Powered IDEs
Application Security
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
Critical RSC Vulnerability Added to CISA's KEV Catalog Due to Active Exploitation
CVE Vulnerability Alerts
Critical RSC Vulnerability Added to CISA’s KEV Catalog Due to Active Exploitation
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
CVE Vulnerability Alerts
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide

This Week’s Security Spotlight

ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
Endpoint Security
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
Mitchell Langley December 8, 2025
Russian Internet Authority Blocks Roblox Over Content Concerns
Cybersecurity
Russian Internet Authority Blocks Roblox Over Content Concerns
Mitchell Langley December 5, 2025
React Server Components' Security Flaw Risks Unauthenticated Remote Code Execution
CVE Vulnerability Alerts
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
Andrew Doyle December 5, 2025
Cybersecurity Incident at Three-Council Data Breach Adds Complexity
Cybersecurity
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
Mitchell Langley December 3, 2025
More In News
Trending
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Microsoft Rushes Emergency Fix for WSUS Remote Code Execution Flaw (CVE-2025-59287)
October 27, 2025
Podcasts
Perplexity Comet AI Browser Launch Exploited in Coordinated Impersonation Scam
October 27, 2025
Podcasts
Lazarus Group Targets European UAV Firms in North Korea’s Drone Espionage Push
October 27, 2025

Cyber Security News

Agentic Security Fortifies Its Position with $130 Million Funding Round
Cybersecurity
Agentic Security Fortifies Its Position with $130 Million Funding Round
December 8, 2025
Porsche Owners in Russia Face Unexpected Disruption Satellite Security System Malfunction
Cybersecurity
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
December 8, 2025
Hackers Breach Marquis A Fintech Data Nightmare
Cybersecurity
Hackers Breach Marquis: A Fintech Data Nightmare
December 5, 2025
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Cybersecurity
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
December 5, 2025
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware CISA's Critical Alert
Application Security
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
December 5, 2025
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Cybersecurity
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
December 5, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
December 2, 2025
Cybercriminals are increasingly using sophisticated techniques such as deepfakes, fake resumes, and stolen identities to penetrate corporate hiring processes. Strengthening vetting and access controls can ...
Young Cybercriminals: Rebels Without a Cause in the Digital World
December 2, 2025
Emerging data reveals most young cybercriminals outgrow illicit activities by age 20. This shift signals their maturation process beyond digital crime, although a few remain ...
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
December 2, 2025
In a sweeping international effort, authorities targeted cryptomixer services for aiding in cybercriminal activities. Operation Olympia led to a significant Bitcoin haul.
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
December 2, 2025
ShadyPanda malware campaign has quietly infiltrated over 4.3 million installations of Chrome and Edge browser extensions. It deceived users by masquerading as legitimate tools, allowing ...
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
December 2, 2025
The open-source SmartTube client for Android TV faced a security breach after an attacker accessed the developer's signing keys. This led to the distribution of ...
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
December 2, 2025
Coupang, a leading retailer in South Korea, has confirmed a data breach compromising the personal information of 33.7 million customers. This major incident raises significant ...
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
December 2, 2025
A seven-year campaign has infected 4.3 million users with malware through browser extensions. Despite warnings, some extensions persist in the Microsoft Edge store, continuing to ...
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
December 2, 2025
India's telecommunications ministry is mandating the preloading of the Sanchar Saathi cybersecurity app on new mobile devices. The app, designed to enhance user safety, is ...
Microsoft Tackles Excel Attachment Issue in New Outlook Client
December 2, 2025
Microsoft is aware of and addressing an issue that hinders some users from opening Excel email attachments in the updated Outlook client. The issue can ...
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
December 1, 2025
CISA updates its Known Exploited Vulnerabilities (KEV) catalog with CVE-2021-26829, a security flaw impacting OpenPLC ScadaBR, used in industrial control systems.
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
December 1, 2025
OpenAI begins testing advertisements within its ChatGPT platform, exploring new monetization avenues. This initiative may significantly influence the web economy, raising questions about user data ...
OBR Launches Investigation After Budget Forecast Leak
December 1, 2025
The Office for Budget Responsibility (OBR) has enlisted Ciaran Martin, ex-chief of the National Cyber Security Centre (NCSC), to investigate how its Budget day forecast ...
Man Sentenced for Running “Evil Twin” Network at Australian Airports
November 30, 2025
A 44-year-old man was sentenced in Australia to over seven years in prison for creating an "evil twin" WiFi network to steal data from travelers ...
French Football Federation Data Breach Exposes Administrative Management Software
November 30, 2025
The French Football Federation confirmed a cybersecurity breach after attackers accessed its administrative management software. The breach involved unauthorized access through a compromised account, potentially ...
Python Package Index Threatened by Legacy Code Vulnerabilities
November 30, 2025
A recent study exposes how legacy code in Python packages presents security challenges. Researchers identified vulnerabilities in bootstrap files, potentially enabling supply chain compromises on ...
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
November 30, 2025
A comprehensive scan of 5.6 million GitLab repositories has revealed over 17,000 exposed secrets, posing significant cybersecurity risks. This discovery underscores the importance of addressing ...
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
November 30, 2025
North Korea-linked threat actors continue aggressive activity with the addition of 197 malicious npm packages. These deployments have reached over 31,000 downloads and deliver a ...
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
November 30, 2025
Brsk, a British telecommunications company, finds itself embroiled in a cybersecurity investigation following claims of a data breach involving over 230,000 files. Cybercriminals allege they ...
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
November 30, 2025
A significant security breach involving the Shai-Hulud 2.0 npm worm revealed vulnerabilities in CI/CD workflows. PostHog experienced an unprecedented incident with attackers injecting malicious code ...
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
November 30, 2025
Microsoft has announced a technical issue affecting Windows 11 users where recent updates may cause the password sign-in option to disappear from the lock screen. ...
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
Critical RSC Vulnerability Added to CISA’s KEV Catalog Due to Active Exploitation
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
Apache Tika Vulnerability CVE-2025-66516 Exposes Systems to Critical Risks
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
Inotiv Reports Massive Data Breach Impacting Thousands
Agentic Security Fortifies Its Position with $130 Million Funding Round
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
Hackers Breach Marquis: A Fintech Data Nightmare
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
DragonForce Ransomware: A New Collaboration in Cybercrime