Cyber Security
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
News
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
Predatory Sparrow claims responsibility for a politically motivated cyberattack on Iran’s Nobitex exchange, draining and burning over $90 million in unusable cryptocurrency.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
News
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
News
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
China-backed Salt Typhoon breached Viasat in a broader espionage campaign against U.S. telecoms ahead of the 2024 election, targeting both government and private networks.
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
News
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
A World Leaks ransomware attack on Freedman Healthcare may expose over 42,000 sensitive files. The health tech firm supports data systems for 27 U.S. state ...
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
News
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
News
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
News
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
News
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
News
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
News
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
News
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
News
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Cybersecurity
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers ...
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
News
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
News
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
News
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
Over 46,000 Grafana Instances Still Vulnerable to 'Grafana Ghost' Account Takeover Bug
News
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
News
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
News
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
Citizen Lab confirms Paragon’s Graphite spyware exploited an iOS zero-day to launch zero-click attacks on European journalists through iMessage without any user interaction.
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
News
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
Threat actor UNK_SneakyStrike used TeamFiltration to launch password-spraying attacks on over 80,000 Microsoft Entra ID accounts across hundreds of global organizations.

TOP CYBERSECURITY HEADLINES

SECURITYWEEK INDUSTRY EXPERTS

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
New FileFix Attack Exploits Windows File Explorer to Deliver Stealthy Commands
A researcher has revealed a new FileFix attack that abuses Windows File Explorer’s address bar to stealthily execute commands, expanding on previous ClickFix phishing techniques. ...
Trojanized SonicWall NetExtender Client Targets VPN Credentials via Spoofed Sites
SonicWall and Microsoft have discovered a trojanized version of the NetExtender VPN client being distributed via spoofed websites, stealing remote access credentials from unsuspecting users. ...
Two Healthcare Data Breaches Expose Over 220,000 Records at Mainline Health and Select Medical
Mainline Health and Select Medical Holdings have disclosed separate data breaches impacting more than 220,000 individuals, with ransomware and third-party compromise behind the incidents.
New Spear Phishing Campaign Targets Financial Executives Using Legitimate Remote Access Tools
A sophisticated spear phishing campaign is targeting CFOs and finance leaders worldwide, using legitimate tools like NetBird and OpenSSH to quietly breach enterprise networks.
The Siemens-Microsoft Antivirus Dilemma Threatening OT Security
This episode examines a serious conflict between Siemens’ Simatic PCS industrial control systems and Microsoft Defender Antivirus. The absence of an “alert only” mode in ...
Prometei Botnet’s Global Surge: A Threat to Linux and Windows Systems Alike
Prometei is one of the most persistent and sophisticated botnet threats in circulation today. First identified in 2020—and active since at least 2016—this modular malware ...
UK Government Warns of £1.6 Million in Ticket Scams Ahead of Glastonbury Festival
Concertgoers in the UK have lost over £1.6 million to ticket fraud in 2024, prompting urgent warnings from the government as festival season begins.
Patient Trust on the Line: The Fallout from McLaren Health Care’s 2024 Breach
In this episode, we dive into the 2024 McLaren Health Care data breach that compromised the sensitive information of over 743,000 individuals—just one year after ...
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
A misconfigured database tied to a U.S. real estate firm exposed 170,000 records of sensitive personal and internal data, including Social Security numbers and employment ...
NeuralTrust’s Echo Chamber: The AI Jailbreak That Slipped Through the Cracks
This podcast dives deep into one of the most pressing vulnerabilities in modern AI — the rise of sophisticated “jailbreaking” attacks against large language models ...
AT&T, Verizon, and Beyond: How Salt Typhoon Targets Global Telcos
In this episode, we dive deep into the alarming revelations about Salt Typhoon—a Chinese state-sponsored advanced persistent threat (APT) actor, also known as RedMike, Earth ...
Anubis Ransomware: A Destructive, Cross-Platform Threat
Anubis ransomware combines encryption and file-wiping capabilities, targeting Windows, Linux, and NAS systems with stealthy command-line execution and affiliate-driven campaigns across multiple industries.
Fake Microsoft, Netflix, & Apple Support: The Scam Lurking in Google Search
In this eye-opening episode, we break down a sophisticated new trend in tech support scams (TSS) that’s catching even the most cautious users off guard. ...
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Nucor, North America’s largest steel producer, has confirmed data theft following a cybersecurity breach that temporarily disrupted operations and forced system shutdowns.
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Canada confirms a state-sponsored breach in its telecom sector, where Salt Typhoon exploited an unpatched Cisco vulnerability to compromise devices and reroute sensitive network traffic. ...
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Russian state-sponsored hackers targeted a critic of the Kremlin using a novel social engineering tactic that tricked the victim into bypassing multi-factor authentication protections.
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
A massive breach has exposed 16 billion login credentials, potentially affecting services like Facebook, Google, and Apple. This fresh infostealer data opens the door to ...
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Russian threat group APT28 is using Signal messages to deliver new malware—BeardShell and SlimAgent—targeting Ukrainian government entities through sophisticated phishing and loader tactics.
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Anubis ransomware group claims to hold 64GB of Disneyland Paris data, including engineering plans and behind-the-scenes content, though the source and sensitivity remain unclear.
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
Oxford City Council has confirmed a cybersecurity breach involving legacy systems, exposing election worker data from 2001 to 2022 after detecting unauthorized access to its ...
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
Chrome’s Latest Zero-Day: CVE-2025-6554 and Remote Code Execution Risks
Russia’s 16KB Curtain: Cloudflare Throttling and the Future of the RuNet
Ahold Delhaize Data Breach: 2.2 Million Employee Records Exposed
This Week In Cybersecurity: 23rd June to 27th June
Why Canada Banned Hikvision: National Security vs. Geopolitics
INC Ransomware: TTPs, Impact and Mitigation
Scattered Spider Takes Flight: Inside the Cybercrime Group’s Move into Aviation
Cyberattack on Hannaford Exposes Data of Over 2.2 Million, Including 95,000 Mainers
Data Breaches at Sheffield City Council Surge to Three-Year High Amid Growing Cybersecurity Concerns
Scattered Spider Ransomware Group Turns Its Focus to North American Airlines
Scattered Spider Expands Attacks to Aviation and Transportation Sectors
Massive Data Breach Hits U.S. Federal Bureau of Prisons, Exposes Sensitive Inmate Information
Fortnite and the FTC: How Epic Games Misled Players into Unwanted Purchases
Microsoft 365 Direct Send Exploited: How Phishing Emails Masquerade as Internal Messages