Cyber Security
News
Erie Insurance Cyberattack Causes System-Wide Disruptions and Portal Outages
Erie Insurance confirms a cyberattack as the source of major service disruptions since June 7, affecting customer access, claims processing, and business operations.
News
Mental Health Provider Mount Rogers Targeted by INC Ransom, Internal Documents and Personal Details Leaked
Ransomware group INC Ransom breached Mount Rogers Community Services, leaking internal files, personal emails, and invoices from the mental health provider's systems.
News
Texas Dept. of Transportation Breach Exposes 300,000 Crash Records in May 2025
TxDOT suffered a breach on May 12, 2025, leaking 300,000 crash reports. Stolen data includes driver’s license numbers, insurance info, and crash details.
Endpoint Security
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
Ivanti patched three high-severity vulnerabilities in Workspace Control caused by hardcoded cryptographic keys, which exposed SQL and environment credentials to local authenticated attackers.
News
Mirai Botnet Exploits Wazuh Servers via Remote Code Execution Vulnerability
A critical RCE flaw in Wazuh servers is being exploited by Mirai botnet variants, allowing attackers to execute Python code through malicious API requests.
News
FIN6 Hackers Target Recruiters with Fake Job Seekers and Malware-Loaded Resumes
FIN6 hackers are impersonating job seekers to infiltrate recruiter systems, delivering the More_Eggs malware via AWS-hosted resume sites and phishing tactics on LinkedIn and Indeed. ...
News
4,000+ Fake Sites Used in Scam Marketplace Ads on Facebook to Impersonate Top Retail Brands
A scam network using over 4,000 fake websites is impersonating Amazon, Birkenstock, and more, pushing fraudulent Facebook Marketplace ads and stealing user data.
News
Bert Ransomware Group Claims Data Theft from Global Port Agency S5
Ransomware gang Bert claims to have stolen 140GB of sensitive data from S5 Agency World, a maritime logistics firm with operations in 360+ ports globally. ...
Ransomware
INC Ransomware: Master of Double Extortion
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
News
Ticketmaster Data from Snowflake Attack Appears Briefly on Arkana Security Extortion Site
Old Ticketmaster data stolen in the 2024 Snowflake attack was briefly relisted for sale by Arkana Security, sparking confusion over a possible new breach.
News
Ransomware Attack on Sensata Technologies Leads to Data Breach Impacting Employee Information
Sensata Technologies confirms employee data was stolen in a ransomware breach that impacted operations and exposed sensitive personal and financial details from current and former ...
News
United Natural Foods Cyberattack Disrupts Operations Across North America
United Natural Foods, a key supplier to Whole Foods, suffered a cyberattack that disrupted customer orders and forced systems offline as investigations and recovery efforts ...
News
Over 84,000 Roundcube Webmail Servers Exposed to Actively Exploited Remote Code Flaw
Over 84,000 Roundcube webmail servers remain exposed to a critical RCE flaw (CVE-2025-49113) despite a June 2025 patch fixing the vulnerability.
News
SentinelOne Targeted in Sophisticated China-Linked Supply Chain Attack Attempt
Chinese threat actors linked to APT15 and APT41 attempted to compromise SentinelOne through a third-party logistics provider using ShadowPad and GOREshell malware in a global ...
News
Hacker Claims Massive Claro, Movistar Data Breach — Companies Dispute Authenticity
A hacker claims to sell data from Claro and Movistar, affecting over 35 million users, but telecom companies dispute the breach or question its legitimacy. ...
News
The North Face Confirms Credential Stuffing Attack, Customer Accounts Exposed
The North Face warns customers of a credential stuffing attack in April that compromised account information but left payment card data untouched, thanks to tokenized ...
News
Cyprus Airways Data Breach: Hackers Claim Access to Real-Time Systems and Passenger Records
Hackers claim to have breached Cyprus Airways, stealing 41GB of passenger and staff data and maintaining real-time access to flight systems and travel information.
News
Gunra Ransomware Group Claims Massive Breach at American Hospital Dubai
Gunra ransomware claims to have stolen 450 million records from American Hospital Dubai, threatening to leak the data if ransom demands are not met by ...
News
Cartier Cyberattack Exposes Customer Data as Retail Sector Faces Ongoing Threats
Cartier confirms a cyberattack exposed customer data as cyber threats rise across the retail sector, affecting brands like Marks & Spencer, Victoria’s Secret, and Harrods. ...
News
Medical Data Breach Affected Dental Service Infrastructure
An exposed MongoDB database revealed 2.7 million patient records and 8.8 million appointments, likely linked to Gargle, a dental marketing provider, prompting HIPAA scrutiny.
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
KillSec Exploits Zero-Day to Breach Ocuco: 241K Patients Exposed
In this episode, we break down one of 2025’s most significant healthcare cybersecurity incidents: the ransomware attack on Ocuco, a global eyecare software provider. On ...
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
DragonForce Ransomware: The Evolving Threat to Healthcare Data
In this episode, we dive deep into the current state of cybersecurity in healthcare, where the growing sophistication of cyber threats has led to increasingly ...
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
Google’s $32B Bid for Wiz Faces DOJ Fire: A Cloud Security Power Play or Market Grab?
In this episode, we break down the seismic implications of Google’s proposed $32 billion acquisition of Wiz, the world’s largest cybersecurity unicorn—and why this isn’t ...
SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms
In this critical episode, we dive into the alarming exploitation of CVE-2024-57727, a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software actively leveraged by ...
TeamFiltration and Token Theft: The Cyber Campaign Microsoft Never Saw Coming
In this episode, we dissect UNK_SneakyStrike—a major account takeover campaign targeting Microsoft Entra ID users with precision and scale. Tracked by Proofpoint, this campaign began ...
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers in the U.S. The data ...
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows
In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center ...
WestJet Cyberattack: Cracks in Aviation’s Digital Armor
A major cyberattack has rocked Canada’s second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this ...
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras
In this episode, we dig into a disturbing yet underreported national security threat: the exploitation of internet-connected surveillance cameras—especially those manufactured in the People’s Republic ...
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
In this episode, we dive deep into the alarming revelations surrounding Graphite, a powerful spyware tool developed by Israeli firm Paragon Solutions. Promoted as a ...