Cyber Security
News
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
Mitchell Langley
May 30, 2025
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
News
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
Mitchell Langley
May 29, 2025
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
News
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
Mitchell Langley
May 29, 2025
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
News
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
Andrew Doyle
May 29, 2025
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
News
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
Andrew Doyle
May 29, 2025
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
News
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
Mitchell Langley
May 29, 2025
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
News
Alleged AT&T Data Breach Exposes 31 Million Records
Andrew Doyle
May 28, 2025
Hackers claim to have leaked 31 million AT&T user records, including tax IDs and IPs, though researchers cannot confirm the breach due to limited data ...
News
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
Andrew Doyle
May 28, 2025
Dutch intelligence links a new Russian cyber espionage group, Laundry Bear, to attacks on NATO entities and the Dutch police targeting sensitive military and diplomatic ...
News
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
Mitchell Langley
May 28, 2025
Hackers are escalating attacks on BIOS and bootloaders, exploiting pre-OS vulnerabilities to maintain persistence, evade detection, and bypass Secure Boot protections.
News
Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic
Andrew Doyle
May 28, 2025
Everest ransomware gang claims cyberattack on global hospital group Mediclinic, stealing employee data and 4GB of internal files. Ransom deadline set for five days.
News
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
Mitchell Langley
May 28, 2025
Rhysida ransomware gang claims to have breached Carrera, a leading Brazilian Chevrolet dealership, demanding $1 million and threatening to leak passports and contracts.
News
Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand
Mitchell Langley
May 28, 2025
Hackers leaked Coca-Cola employee data after the company ignored Everest ransomware’s ransom demand. The breach exposed passport scans, visa documents, and personal IDs online.
News
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
Mitchell Langley
May 27, 2025
Coinbase faces a class action lawsuit after a breach exposed data of over 69,000 users. Insider involvement and financial impact raise enterprise security concerns.
News
Global Data Breach Exposes 184 Million Credentials from Major Tech and Government Platforms
Andrew Doyle
May 27, 2025
A global data breach exposed 184 million credentials from tech, government, and banking platforms, highlighting serious risks of credential stuffing, phishing, and ransomware attacks.
News
Healthcare Data Breaches Hit Providers in Four U.S. States, Impacting Over 60,000 Individuals
Andrew Doyle
May 27, 2025
Healthcare data breaches in NJ, PA, IA, and LA compromise sensitive information of over 60,000 individuals, including Social Security numbers and health records.
News
U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation
Mitchell Langley
May 27, 2025
The U.S. and allies urge stronger protections for AI systems, warning that data tampering and system vulnerabilities pose rising risks to critical infrastructure.
News
Adidas Confirms Third-Party Data Breach Exposing Global Customer Information
Mitchell Langley
May 27, 2025
Adidas confirms a third-party data breach involving customer service data. No payment information was leaked, but global exposure is possible due to Adidas' vast reach. ...
News
Cetus Protocol Hit by $223 Million Cryptocurrency Heist, $5M Bounty Offered
Mitchell Langley
May 26, 2025
Hackers stole $223 million from Cetus Protocol via a blockchain exploit. The platform offers a whitehat deal and $5 million bounty to recover stolen funds. ...
News
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
Andrew Doyle
May 26, 2025
Ransomware group Qilin posts alleged staff data from Elit Avia, including passport photos, raising security concerns for employees at the luxury private jet operator.
News
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
Mitchell Langley
May 26, 2025
Operation Endgame dismantled 300 servers and 650 domains supporting ransomware campaigns, while U.S. authorities indicted 16 cybercriminals tied to DanaBot malware and botnet operations.
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle
May 12, 2025
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan
May 8, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
Application Security
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Andrew Doyle
June 12, 2025
News
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
Andrew Doyle
June 12, 2025
News
Ransomware Attack on Mastery Schools Exposes Thousands of Sensitive Records, Including Credit Card and Biometric Data
Andrew Doyle
June 12, 2025
News
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
Mitchell Langley
June 12, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
June 4, 2025
Volkswagen is investigating Stormous ransomware group’s breach claims, but internal reviews show no unauthorized access or compromised data within the company’s systems so far.
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
June 4, 2025
CISA has warned U.S. agencies of active attacks exploiting a ScreenConnect vulnerability and critical flaws in ASUS routers and Craft CMS. Patches and mitigations are ...
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
June 3, 2025
The North Face has confirmed a credential stuffing attack in April, exposing customer data including names, addresses, and emails. Payment information remains unaffected.
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
June 3, 2025
North Dakota-based Nokota Packers has reportedly suffered a ransomware attack by the J Group gang, with hackers claiming to have stolen 50GB of sensitive data. ...
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
June 3, 2025
Stormous ransomware gang claims a breach at Volkswagen, but provides no sample data. Researchers find no evidence yet of compromised systems or stolen information.
Google Chrome vs. Failing CAs: The Policy Behind the Distrust
June 3, 2025
In this episode, we dissect Google’s recent and upcoming decisions to distrust several Certificate Authorities (CAs) within the Chrome Root Store, including Entrust, Chunghwa Telecom, ...
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
June 3, 2025
Two critical, actively exploited vulnerabilities in vBulletin forum software—CVE-2025-48827 and CVE-2025-48828—have put thousands of websites at immediate risk of full system compromise. In this episode, ...
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
June 3, 2025
In this episode, we dissect the JINX-0132 cryptojacking campaign — a real-world example of how threat actors are exploiting cloud and DevOps environments to mine ...
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
June 3, 2025
Cartier has confirmed a cyberattack that exposed limited customer data, including names and email addresses. Sensitive financial and login information was not compromised.
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
June 3, 2025
The Russian Market has surged in popularity as a major cybercrime marketplace, offering stolen credentials harvested by info-stealer malware like Lumma and Acreed.
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
June 2, 2025
Recent phishing campaigns have entered a new phase—one where trust is weaponized. In this episode, we break down how cybercriminals are exploiting legitimate services like ...
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598
June 2, 2025
In this episode, we unpack two newly disclosed Linux vulnerabilities—CVE-2025-5054 and CVE-2025-4598—discovered by the Qualys Threat Research Unit (TRU). These race condition flaws impact Ubuntu’s ...
Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
June 2, 2025
In this episode, we unpack the international takedown of AVCheck, one of the largest counter antivirus (CAV) services used by cybercriminals to test and fine-tune ...
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
June 1, 2025
Kaiser Permanente suffered a major network outage that disrupted electronic health records and patient services across the U.S. System functionality was restored the following day. ...
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
June 1, 2025
Latrodectus malware infected over 44,000 IP addresses before Operation Endgame's global takedown, with Shadowserver warning of critical ongoing threats across infected systems.
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
June 1, 2025
Germany has named Vitaly Kovalev, aka "Stern," as the leader of the Conti ransomware and TrickBot gangs in a major breakthrough tied to Operation Endgame. ...
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
184 Million Login Credentials Exposed in Major Unprotected Database Leak
June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
May 30, 2025
In this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went ...