Main Menu
Cyber Security
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Temu Fined $2 Million for INFORM Consumers Act Violations
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
U.S. Charges Ukrainian National for Administering Ransomware
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
China Is Blurring the Lines Between Civilian AI and Military Power
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
Lovesac Confirms Data Breach Following Ransomware Attack
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
Qantas Airways Reduces CEO’s Bonus Following July Data Breach
This Week In Cybersecurity: September 1–5, 2025
Czech Cybersecurity Agency Warns Against Chinese Technology in Critical Infrastructure
Social Engineering Breach Opens Door to Google Salesforce Data Leak
Cybersecurity Leadership: An Expert Talks Executive Risk
Hack on In-Flight Connectivity Provider Anuvu Exposes Starlink User Data
Wealthsimple Data Breach Leaked Client Information Online
Jaguar Land Rover Cyberattack Severely Disrupts Production, Systems Taken Offline
GPS Jamming Attack Forces Ursula Von Der Leyen’s Plane to Land Without Navigation
Santa Fe County Website “Hack” Likely Based on Old Source Code
Salesforce Supply Chain Breach Hits Palo Alto Networks Customers
Evertec Confirms $130M Fraud Attempt in Sinqia Pix Cyberattack
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
Exploring Ransomware EDR-Killer Tools: How New Tactics Undermine Endpoint Security
Agentic AI Steals Spotlight at Black Hat 2025 with Real-Time Threat Response
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
Cybersecurity
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
Andrew Doyle September 3, 2025
Hackers leaked data on 433,000 U.S. doctors, exposing names, addresses, and emails. Experts warn of phishing, identity theft, and ransomware risks targeting healthcare professionals and ...
Tea App Data Breach Exposes Sensitive Images
Cybersecurity
Tea App Data Breach Exposes Sensitive Images
Gabby Lee September 2, 2025
Tea Dating Advice confirmed a July 2025 breach affecting 4,244 users, exposing sensitive PII, identity documents, and private images, raising concerns over larger-scale data exposure.
NCSC Warns of Malware Campaign Using Fake PDF Editors
Application Security
NCSC Warns of Malware Campaign Using Fake PDF Editors
Mitchell Langley September 2, 2025
The NCSC uncovered a malware campaign using fake PDF editors and manual finder tools to turn devices into residential proxies, enabling criminals to mask their ...
TransUnion Data Breach Exposes Personal Information of 4.4 Million
Cybersecurity
TransUnion Data Breach Exposes Personal Information of 4.4 Million
Gabby Lee September 2, 2025
TransUnion confirmed a cyberattack exposing data of over 4.4 million U.S. consumers, tied to Salesforce breaches attributed to ShinyHunters and UNC6395 extortion groups.
Brokewell Android Malware Spread Through Fake TradingView Ads
Application Security
Brokewell Android Malware Spread Through Fake TradingView Ads
Andrew Doyle September 2, 2025
Cybercriminals are exploiting Meta’s ad network to push fake TradingView Premium apps that secretly install Brokewell malware on Android devices, stealing data and hijacking user ...
SentinelOne Q3 Revenue Jumps 22 Amid Cybersecurity Surge
Cybersecurity
SentinelOne Q3 Revenue Jumps 22% Amid Cybersecurity Surge
Andrew Doyle September 2, 2025
SentinelOne has raised its annual revenue forecast amid surging demand for AI-driven cybersecurity. With its Singularity platform and growing ARR surpassing $1 billion, the company ...
U.S. and Allies Expose Salt Typhoon Cyber Espionage Network
Cybersecurity
U.S. and Allies Expose Salt Typhoon Cyber Espionage Network
Mitchell Langley September 2, 2025
A sweeping international advisory accuses Chinese tech firms of fueling cyber espionage campaigns tied to Salt Typhoon and related groups. The attacks span telecom networks, ...
Senator Wyden Demands Independent Cybersecurity Review of Federal Courts
Cybersecurity
Senator Wyden Demands Independent Cybersecurity Review of Federal Courts
Gabby Lee September 2, 2025
A wave of breaches exposing sealed court records and confidential informant data has drawn sharp criticism of the judiciary’s outdated IT. Senator Ron Wyden is ...
FEMA Fires 24 Staff After DHS Cybersecurity Audit Uncovers Major Failures
Endpoint Security
FEMA Fires 24 Staff After DHS Cybersecurity Audit Uncovers Major Failures
Andrew Doyle September 2, 2025
A DHS audit prompted FEMA to fire 24 staff, including top IT leaders, over cybersecurity failures such as weak authentication and outdated protocols, highlighting federal ...
Maryland’s Paratransit Ransomware Strike Cyberattack Disrupts Disabled Transit Services
News
Maryland’s Paratransit Ransomware Strike: Cyberattack Disrupts Disabled Transit Services
Mitchell Langley September 2, 2025
A ransomware attack on Maryland’s Mobility paratransit system has disrupted critical transportation for disabled residents, blocking new reservations and rebookings. While core transit services remain ...
Critical SharePoint Zero-Day Exploited Immediate Steps Against CVE-2025-53770 Vulnerability
Application Security
Critical SharePoint Zero-Day Exploited: Immediate Steps Against CVE-2025-53770 Vulnerability
Gabby Lee September 2, 2025
A critical zero-day in Microsoft SharePoint, tracked as CVE-2025-53770, is being widely exploited in espionage and ransomware campaigns. Dubbed “ToolShell,” the flaw enables unauthenticated remote ...
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Cybersecurity
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Gabby Lee August 28, 2025
Microsoft warns Storm-0501 now focuses on cloud-native extortion: exfiltrating data, destroying backups, and encrypting cloud storage rather than encrypting on-premises endpoints.
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Cybersecurity
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Andrew Doyle August 28, 2025
CPAP’s systems were breached in December 2024, exposing names, SSNs, and protected health information for over 90,000 individuals including military beneficiaries.
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
Cybersecurity
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
Mitchell Langley August 28, 2025
Healthcare Services Group reports a late-2024 intrusion that exposed personal data for 624,000 people; company offers identity protection and continues forensic investigations.
PromptLock Ransomware Uses AI to Encrypt and Steal Data
Cybersecurity
PromptLock Ransomware Uses AI to Encrypt and Steal Data
Gabby Lee August 28, 2025
Researchers uncovered PromptLock, the first AI-powered ransomware generating malicious Lua scripts via LLM prompts. Though only a proof-of-concept, it highlights risks of weaponized AI in ...
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Application Security
FreePBX Administrator Control Panels Under Active Zero-Day Exploit
Andrew Doyle August 28, 2025
Microsoft warns Storm-0501 now focuses on cloud-native extortion: exfiltrating data, destroying backups, and encrypting cloud storage rather than encrypting on-premises endpoints.
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Cybersecurity
Miljödata Cyberattack Disrupts Services for More Than 200 Swedish Municipalities
Gabby Lee August 28, 2025
A cyberattack on Miljödata disrupted services across 200+ Swedish municipalities and may have exposed sensitive personal data; a ransom demand of 1.5 BTC was reported.
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Cybersecurity
Image-Scaling Prompt Injection Exposes Hidden Risks in AI Systems
Mitchell Langley August 28, 2025
Researchers show image-scaling prompt injection can hide executable instructions that surface only after downscaling, enabling LLM-driven data exfiltration across multiple AI platforms.
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Cybersecurity
Auchan Notifies Customers After Loyalty Account Data Exposure in Cyberattack
Andrew Doyle August 28, 2025
Auchan disclosed a cyberattack exposing contact and loyalty data for several hundred thousand customers; bank details and passwords were not impacted, CNIL was notified.
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
Cybersecurity
Critical Docker Desktop SSRF Vulnerability Compromises Hosts Using Containers
Gabby Lee August 28, 2025
A critical SSRF in Docker Desktop (CVE-2025-9074) let containers reach the Docker Engine API and bind host storage; Docker issued Docker Desktop 4.44.3 to fix ...
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Cybersecurity
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Mitchell Langley September 15, 2025
Evertec Confirms 130M Fraud Attempt in Sinqia Pix Cyberattack
Cybersecurity
Evertec Confirms $130M Fraud Attempt in Sinqia Pix Cyberattack
Gabby Lee September 4, 2025
Maryland’s Paratransit Ransomware Strike Cyberattack Disrupts Disabled Transit Services
News
Maryland’s Paratransit Ransomware Strike: Cyberattack Disrupts Disabled Transit Services
Mitchell Langley September 2, 2025
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
News
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
Gabby Lee August 19, 2025

TOP CYBERSECURITY HEADLINES

U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Cybersecurity
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Temu Fined $2 Million for INFORM Consumers Act Violations
Cybersecurity
Temu Fined $2 Million for INFORM Consumers Act Violations
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Cybersecurity
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Cybersecurity
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development

This Week’s Security Spotlight

This Week In Cybersecurity: September 1–5, 2025
Cybersecurity
This Week In Cybersecurity: September 1–5, 2025
Andrew Doyle September 8, 2025
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
Cybersecurity
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
Andrew Doyle September 4, 2025
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
Cybersecurity
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
Mitchell Langley September 3, 2025
SK Telecom Fined 96.9M After Data Breach Hits 23M Users
Cybersecurity
SK Telecom Hit with Record US$96.9 Million Fine After Data Breach Exposes 23 Million Users
Gabby Lee September 3, 2025
More In News
Trending
ClickFix Phishing Campaign Targets Booking.com Using Infostealers and RATs
Darcula PhaaS 3.0 Auto-Generates Phishing Kits for Any Brand
Sophisticated Gmail Attacks Target Users: FBI Issues “Do Not Click” Alert
This Facebook Phishing Attack Could Steal EVERYTHING!

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Silent Push Raises $10M Series B to Expand Threat Intelligence Platform
September 16, 2025
Podcasts
Google Accused of Shadow Lobbying Against California Privacy Opt-Out Law
September 16, 2025
Podcasts
FinWise Bank Data Breach Exposes 700K Customers Amid Predatory Lending Allegations
September 16, 2025

Cyber Security News

Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
Cybersecurity
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
September 11, 2025
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
Cybersecurity
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
September 10, 2025
China Is Blurring the Lines Between Civilian AI and Military Power
Cybersecurity
China Is Blurring the Lines Between Civilian AI and Military Power
September 9, 2025
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
Cybersecurity
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
September 9, 2025
Lovesac Confirms Data Breach Following Ransomware Attack
Cybersecurity
Lovesac Confirms Data Breach Following Ransomware Attack
September 9, 2025
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
Cybersecurity
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
September 9, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
Cato Networks Acquires Aim Security to Bolster AI Defense in SASE
September 4, 2025
Cato Networks, a leader in Secure Access Service Edge (SASE), has made its first acquisition, purchasing Aim Security, an AI security startup founded in 2022. ...
Tidal Cyber Secures $10M to Advance Threat-Informed Defense
September 4, 2025
Cybersecurity startup Tidal Cyber, founded in 2022 by three former MITRE experts, has raised $10 million in Series A funding, bringing its total capital to ...
Disney Fined $10M for COPPA Violations Over Mislabeling Kids’ Content on YouTube
September 4, 2025
Disney has reached a $10 million settlement with the U.S. Federal Trade Commission (FTC) after being found in violation of the Children’s Online Privacy Protection ...
Google Patches 111 Android Flaws in September 2025, Including Two Zero-Days Under Attack
September 4, 2025
Google has released its September 2025 Android security patches, addressing a staggering 111 unique vulnerabilities, including two actively exploited zero-day flaws that are already being ...
Santa Fe County Website “Hack” Likely Based on Old Source Code
September 4, 2025
Hackers claimed to leak Santa Fe County’s website source code, but researchers found the data outdated, likely from the early 2010s, raising doubts about its ...
Salesforce Supply Chain Breach Hits Palo Alto Networks Customers
September 4, 2025
Palo Alto Networks confirmed exposure of customer records in a Salesforce breach via Drift tokens, as Unit 42 warned attackers mass-exfiltrated sensitive data and credentials ...
Google Warns of Sitecore Zero-Day: ViewState Deserialization Under Fire
September 4, 2025
A critical zero-day vulnerability, CVE-2025-53690, is being actively exploited in the wild, targeting Sitecore Experience Manager (XM) and Experience Platform (XP) systems deployed with outdated ...
Evertec Confirms $130M Fraud Attempt in Sinqia Pix Cyberattack
September 4, 2025
Hackers breached Evertec’s Brazilian subsidiary Sinqia, attempting a $130 million theft via Pix. Using stolen vendor credentials, they initiated unauthorized transfers before operations were suspended ...
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
September 4, 2025
Cloudflare confirmed its Salesforce instance was breached through compromised SalesLoft and Drift integrations, exposing customer data in a campaign affecting 700+ companies. The company’s detailed ...
Exploring Ransomware EDR-Killer Tools: How New Tactics Undermine Endpoint Security
September 4, 2025
A new wave of EDR-killer tools is reshaping ransomware tactics, enabling groups like RansomHub, Medusa, and Blacksuit to disable endpoint defenses. By exploiting vulnerable drivers ...
Agentic AI Steals Spotlight at Black Hat 2025 with Real-Time Threat Response
September 4, 2025
Agentic AI took center stage at Black Hat USA 2025, marking a definitive pivot from conceptual discussions to real-world deployment. As the cybersecurity industry grapples ...
DHS Cuts $27M Cybersecurity Support: Impact on 19,000 Local Governments
September 4, 2025
The Department of Homeland Security (DHS) will halt $27 million in annual federal funding for the Multi-State Information Sharing and Analysis Center (MS-ISAC) by the ...
TamperedChef Infostealer Delivered Through Fraudulent PDF Editor Ads
September 3, 2025
Cybercriminals used fraudulent Google Ads to spread a fake PDF Editor app delivering TamperedChef infostealer, leveraging code-signing certificates, residential proxy enrollment
Amazon Disrupts Midnight Blizzard Campaign Targeting Microsoft 365
September 3, 2025
Amazon disrupted a Midnight Blizzard campaign where Russian hackers used compromised websites, fake Cloudflare pages, and Microsoft device code abuse to target enterprise Microsoft 365 ...
Zscaler Data Breach Exposes Customer Information After Salesloft Drift Compromise
September 3, 2025
Zscaler confirmed a Salesforce data breach linked to the Salesloft Drift compromise, exposing customer information but not its core services. The incident highlights escalating OAuth ...
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
September 3, 2025
Hackers calling themselves Scattered LapSus Hunters threatened to leak Google databases unless two employees are dismissed, linking their demand to recent Salesforce-driven phishing attacks.
SK Telecom Hit with Record US$96.9 Million Fine After Data Breach Exposes 23 Million Users
September 3, 2025
SK Telecom has been fined $96.9 million after a breach exposed 23 million users’ data, marking the largest privacy penalty ever imposed on a South ...
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
September 3, 2025
Hackers leaked data on 433,000 U.S. doctors, exposing names, addresses, and emails. Experts warn of phishing, identity theft, and ransomware risks targeting healthcare professionals and ...
Brokewell Malware Targets Android Users via Fake TradingView Ads on Meta
September 2, 2025
A new and highly sophisticated Android malware campaign, dubbed Brokewell, has emerged as one of the most dangerous mobile threats of 2024–2025. First spotted in ...
Von der Leyen and Shapps Flights Hit by Suspected Russian Electronic Warfare
September 2, 2025
Aviation safety and geopolitics collided when multiple flights carrying high-ranking European and UK officials were hit by suspected Russian GPS jamming. European Commission President Ursula ...
CrowdStrike Acquires Pangea to Launch AI Detection and Response (AIDR)
RaccoonO365: $100K Phishing-as-a-Service Scheme Taken Down
AI-Generated Phishing and Deepfakes Supercharge Social Engineering Attacks
Phoenix Attack Breaks DDR5 Rowhammer Defenses: Root in 109 Seconds
Silent Push Raises $10M Series B to Expand Threat Intelligence Platform
Google Accused of Shadow Lobbying Against California Privacy Opt-Out Law
FinWise Bank Data Breach Exposes 700K Customers Amid Predatory Lending Allegations
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Microsoft to Roll Out Built-In Link Warnings for Teams Chats
National Cyber Director Pushes for Aggressive Cyber Strategy to Shift Risk to Adversaries
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Temu Fined $2 Million for INFORM Consumers Act Violations
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
U.S. Charges Ukrainian National for Administering Ransomware
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data