Main Menu
Cyber Security
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
Google Chrome Extension With Millions of Users May Be Compromising Privacy
Militant Groups Experiment With AI, Amplifying Threats
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
Justice Department Alleges Misleading Compliance in Federal Audit Case
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
MITRE Highlights XSS and SQL Injection as Top Software Vulnerabilities for 2025
Shadow Spreadsheets’ Stealthy Role in Data Security Risks
Torrent Disguised as Leonardo DiCaprio Film Evades Detection Using Subtle Malware Delivery Technique
Kali Linux Version 2025.4 Introduces New Hacking Tools and Improvements
Fieldtex Ransomware Attack: Akira Group Claims Responsibility
Digital-only eVisa Scheme Faces Scrutiny Over Data Leaks and GDPR Concerns
Gladinet CentreStack Flaw: A Widespread Threat to Organizations
Hackers Claim Breach of Italian Post, Researchers Disagree
Cybersecurity
Hackers Claim Breach of Italian Post, Researchers Disagree
Gabby Lee September 23, 2025
Hackers claim to have breached Poste Italiane, but researchers say the data is recycled from older leaks with fabricated fields, meaning no new compromise actually ...
Baltimore Medical System Claimed by Brain Cipher Ransomware
Cybersecurity
Baltimore Medical System Claimed by Brain Cipher Ransomware
Andrew Doyle September 23, 2025
Brain Cipher claims several terabytes stolen from Baltimore Medical System, posting large server and database samples; impact could include medical identity theft for thousands of ...
Hackers Now Going Straight to the Source — Company Data Backups
Cybersecurity
Hackers Now Going Straight to the Source — Company Data Backups
Andrew Doyle September 22, 2025
Hackers are increasingly targeting company backups, with 18% of breaches linked to backup attacks — crippling recovery efforts and highlighting the urgent need for secure, ...
Hackers Claim Attack on the US's Biggest Sushi Supplier — Again?
Cybersecurity
Hackers Claim Attack on the US’s Biggest Sushi Supplier — Again?
Mitchell Langley September 22, 2025
Ransomware gang Lynx claims to have stolen True World Group data, posting invoices and employee records—raising fears of a new breach and business, identity risks.
Security Flaw in Yellow.ai Chatbot Allowed Cookie Theft and Account Hijacking
Cybersecurity
Security Flaw in Yellow.ai Chatbot Allowed Cookie Theft and Account Hijacking
Mitchell Langley September 18, 2025
A critical flaw in Yellow.ai’s chatbot allowed malicious code injection and cookie theft, putting support agent accounts at risk. The vulnerability has been patched.
Russian Gang Claims Breach of U.S. Broadcaster; Executive Passport Exposed
Cybersecurity
Russian Gang Claims Breach of U.S. Broadcaster; Executive Passport Exposed
Gabby Lee September 18, 2025
Termite claims to have exfiltrated News-Press & Gazette data, posting screenshots that show a U.S. passport and employee contact records, heightening identity-theft concerns.
FBI Warns of UNC6040 and UNC6395 Threat Actors Targeting Salesforce
Cybersecurity
FBI Warns of UNC6040 and UNC6395 Threat Actors Targeting Salesforce
Mitchell Langley September 18, 2025
FBI warns that UNC6040 and UNC6395 are exploiting Salesforce through OAuth abuse and stolen tokens to steal corporate data, extort victims, and pivot into cloud ...
Vietnam Credit Bureau Leak Claims Expose 160 Million Financial Records
Cybersecurity
Vietnam Credit Bureau Leak Claims Expose 160 Million Financial Records
Mitchell Langley September 18, 2025
ShinyHunters claims to sell 160 million CIC credit records from Vietnam. Researchers verified samples; authorities confirm a breach and opened an investigation.
Retina Group of Florida and Hampton Regional Medical Center Report Patient Data Breaches
Cybersecurity
Retina Group of Florida and Hampton Regional Medical Center Report Patient Data Breaches
Andrew Doyle September 18, 2025
Retina Group of Florida and Hampton Regional Medical Center disclosed breaches exposing protected health information for approximately 153,000 patients; investigations, notifications, and monitoring are underway ...
ShinyHunters Claims 160 Million Vietnamese Credit Records Stolen From National Database
Cybersecurity
ShinyHunters Claims 160 Million Vietnamese Credit Records Stolen from National Database
Syed Arslan September 16, 2025
ShinyHunters claims 160 million Vietnam credit records stolen from CIC; samples verified by ReSecurity include PII, credit histories, and government IDs with recent timestamps.
Everest Ransomware Gang Names Allegis Group on Dark Web Claiming Client Lists
Cybersecurity
Everest Ransomware Gang Names Allegis Group on Dark Web Claiming Client Lists
Mitchell Langley September 15, 2025
Everest ransomware gang claims Allegis Group documents and client lists were taken; screenshots show spreadsheets of 135,000 and 426,000 lines, researchers warn of phishing risks.
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Cybersecurity
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Mitchell Langley September 15, 2025
Apple has warned users in over 150 countries of mercenary spyware attacks using zero-days and zero-click exploits, urging Lockdown Mode and emergency security assistance.
Microsoft to Roll Out Built-In Link Warnings for Teams Chats
Cybersecurity
Microsoft to Roll Out Built-In Link Warnings for Teams Chats
Andrew Doyle September 15, 2025
Microsoft will roll out real-time malicious link warnings for Teams chats in September 2025, adding another security layer to protect enterprise users from phishing and ...
National Cyber Director Pushes for Aggressive Cyber Strategy to Shift Risk to Adversaries
Cybersecurity
National Cyber Director Pushes for Aggressive Cyber Strategy to Shift Risk to Adversaries
Gabby Lee September 11, 2025
National Cyber Director Sean Cairncross calls for a unified cyber strategy, urging CISA 2015 reauthorization, IT modernization, and stronger deterrence measures to shift risk onto ...
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Cybersecurity
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
Mitchell Langley September 11, 2025
The U.S. Treasury sanctioned 19 Southeast Asian cybercrime networks tied to forced labor, trafficking, and scams that stole over $10 billion from Americans in 2024.
Temu Fined $2 Million for INFORM Consumers Act Violations
Cybersecurity
Temu Fined $2 Million for INFORM Consumers Act Violations
Andrew Doyle September 11, 2025
Temu will pay $2 million to settle FTC and DoJ claims it violated the INFORM Consumers Act by failing to disclose seller details and suspicious ...
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Cybersecurity
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
Gabby Lee September 11, 2025
A major data privacy lapse has rattled the New South Wales (NSW) health system after confidential records of nearly 600 ...
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Cybersecurity
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Mitchell Langley September 11, 2025
Attackers targeting exposed Docker APIs have upgraded their tools, enabling persistent access, lateral movement, and self-replication—laying the groundwork for a potential large-scale botnet campaign.
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Cybersecurity
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Gabby Lee September 11, 2025
Dynatrace confirmed customer data exposure in the Salesforce supply chain breach via Salesloft Drift, joining Cloudflare, Google, and others hit by the Scattered LapSus$ Hunters ...
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
Cybersecurity
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
Gabby Lee September 11, 2025
Wealthsimple confirmed a third-party data breach exposing account numbers, government IDs, and SINs of 30,000 clients. No funds stolen, but identity theft risks remain significant.
Clop Ransomware Gang Targets Gladinet CentreStack in Data Extortion Attack
News
Clop Ransomware Gang Targets Gladinet CentreStack in Data Extortion Attack
Gabby Lee December 19, 2025
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
Data Security
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
Andrew Doyle December 16, 2025
Clop Ransomware Gang Targets Gladinet CentreStack in Data Extortion Attack
News
Clop Ransomware Gang Targets Gladinet CentreStack in Data Extortion Attack
Gabby Lee December 19, 2025
Askul Ransomware Attack Leads to Compromise of 700,000 Records
News
Askul Ransomware Attack Leads to Compromise of 700,000 Records
Gabby Lee December 17, 2025

TOP CYBERSECURITY HEADLINES

Windows 11 Security Updates Interrupt Enterprise VPN Connectivity
Network Security
Windows 11 Security Updates Interrupt Enterprise VPN Connectivity
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Cybersecurity
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Cybersecurity
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Askul Ransomware Attack Leads to Compromise of 700,000 Records
News
Askul Ransomware Attack Leads to Compromise of 700,000 Records

This Week’s Security Spotlight

AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Andrew Doyle December 17, 2025
All I Want for Christmas is All of Your Data SantaStealer Malware Spreads for the Holidays
Cybersecurity
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
Mitchell Langley December 17, 2025
SoundCloud's VPN Restrictions Lead to Access Denials for Users
Cybersecurity
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
Andrew Doyle December 16, 2025
Email Scam Exploits PayPal's Subscriptions Billing Feature
News
Email Scam Exploits PayPal’s Subscriptions Billing Feature
Gabby Lee December 15, 2025
More In News
Trending
Spiderman Phishing Kit Poses New Threat to European Banks and Crypto Holders
Intense Surge in Phishing Campaigns with New Malicious Domains
Browser Notifications Hijacked for Phishing in Matrix Push C2 Scheme
Sneaky2FA Phishing Kit Adds Browser-in-the-Browser Tool for Stealthier MFA Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Cato Networks Acquires Aim Security to Bolster AI Defense in SASE
September 4, 2025
Podcasts
Tidal Cyber Secures $10M to Advance Threat-Informed Defense
September 4, 2025
Podcasts
Disney Fined $10M for COPPA Violations Over Mislabeling Kids’ Content on YouTube
September 4, 2025

Cyber Security News

Hackers Claim SAS Institute Breach, But Evidence Suggests Public, Outdated Files
Cybersecurity
Hackers Claim SAS Institute Breach, But Evidence Suggests Public, Outdated Files
November 21, 2025
Preparing for the Quantum Threat Palo Alto Networks CEO Predicts Security Overhaul by 2029
Cybersecurity
Preparing for the Quantum Threat: Palo Alto Networks CEO Predicts Security Overhaul by 2029
November 21, 2025
Palo Alto Networks to Acquire Chronosphere in $3.35 Billion Cloud Observability Deal
Cybersecurity
Palo Alto Networks to Acquire Chronosphere in $3.35 Billion Cloud Observability Deal
November 21, 2025
Rising DevOps Threats Drive Urgent Need for Automated Repository Backups
Application Security
Rising DevOps Threats Drive Urgent Need for Automated Repository Backups
November 21, 2025
Mate Raises $15.5 Million to Launch Enterprise-Focused Cloud Security Platform
Cybersecurity
Mate Raises $15.5 Million to Launch Enterprise-Focused Cloud Security Platform
November 21, 2025
Secure.com Launches AI-Powered Digital Security Teammate After $4.5M Seed Funding
Cybersecurity
Secure.com Launches AI-Powered Digital Security Teammate After $4.5M Seed Funding
November 21, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
ICO Fines U.K. Energy Firms £550K for Unlawful Robo Marketing Calls
September 30, 2025
The ICO fined two U.K. energy companies £550K for unlawful robo-calls that targeted vulnerable individuals. Consumers are urged to register with TPS and report suspicious ...
UK Arrests Suspect in Ransomware Attack That Disrupted European Airports
September 30, 2025
UK police arrested a suspect in the Collins Aerospace MUSE ransomware attack that disrupted major European airports; investigators continue forensic work while airports rely on ...
Dark Web Monitoring Guide for CISOs: Turning Shadows into Signals
September 30, 2025
Dark web monitoring gives CISOs early warning of breaches, ransomware, and credential leaks. Turning intelligence into action helps enterprises anticipate attacks instead of merely reacting.
CISA’s Sunset Clause: What Happens if America’s Cyber Threat Shield Expires?
September 30, 2025
The Cybersecurity Information Sharing Act (CISA), first enacted in 2015, is facing a critical expiration deadline in September 2025. Without reauthorization, the law that shields ...
GhostSec – From Hacktivist to Ransomware Warlord
September 30, 2025
GhostSec evolved from hacktivist roots into a hybrid ransomware threat, using GhostLocker to target global sectors with encryption, extortion, and high-impact double-extortion campaigns.
How to Remove a Hacker’s Access From a Hacked Device
September 30, 2025
Hacked phones can expose sensitive data to fraud, identity theft, and financial loss. This guide explains how to spot signs of compromise, regain control through ...
5 Cybersecurity Blind Spots Most Companies Ignore
September 30, 2025
Cyberattacks often exploit overlooked weaknesses, not just firewalls or antivirus gaps. This article highlights five common cybersecurity blind spots—shadow IT, poor access controls, unpatched systems, ...
Crypto Theft on macOS: XCSSET Malware Swaps Wallet Addresses in Real Time
September 29, 2025
A new and more dangerous variant of the XCSSET macOS malware has been uncovered by Microsoft, revealing an expanded arsenal of capabilities aimed at financial ...
Nine High-Severity Vulnerabilities Expose Cognex Legacy Cameras to Cyber Threats
September 29, 2025
Cybersecurity researchers at Nozomi Networks have uncovered nine high-severity vulnerabilities in several older models of Cognex industrial cameras, including the widely deployed In-Sight 2000, 7000, ...
Microsoft Cuts Services to Israeli Military Unit After Surveillance Revelations
September 29, 2025
Microsoft has taken the unprecedented step of cutting off services to an Israeli military unit after internal and external investigations revealed its cloud and AI ...
Ghana, Senegal, Ivory Coast at the Center of Interpol’s Multi-Nation Cybercrime Takedown
September 29, 2025
Interpol has announced the results of a sweeping cybercrime operation across 14 African nations, leading to the arrest of 260 individuals behind romance scams and ...
Legislative Shifts in Cybersecurity: Analyzing the Impact of EU and UK Cyber Laws
September 29, 2025
How will Europe’s new cyber laws change operational risk? This analysis explains the impact of the EU Cyber Solidarity Act and the UK CSRB on ...
Cisco ASA 5500-X Devices Under Attack: U.S. CISA Issues Emergency Directive
September 29, 2025
CISA has issued an emergency directive following active exploitation of Cisco ASA 5500-X firewalls. Federal agencies must audit and patch devices immediately, as vulnerabilities allow ...
Harrods Data Breach Exposes Customer Details in Third-Party Hack
September 29, 2025
Britain is facing a troubling wave of cyberattacks that has shaken some of its most high-profile organizations. Harrods, the world-renowned luxury retailer, confirmed that customer ...
Teen Suspect in Scattered Spider Casino Hacks Allegedly Holds $1.8M Bitcoin
September 29, 2025
A 17-year-old accused of aiding the 2023 MGM and Caesars cyberattacks faces six felony charges. Linked to Scattered Spider, prosecutors allege he holds $1.8M in ...
AI-Driven Zero-Day Attacks: Preparing for the Autonomous Cyber Threat Era
September 25, 2025
Autonomous AI agents are fueling a new wave of cyber threats, creating adaptive zero-day exploits and deepening risks for enterprises. Emerging defenses like AI Detection ...
Black Arrow Cyber Threat Intelligence Briefing: Analyzing Emerging Attack Vectors
September 25, 2025
Black Arrow’s 2025 Cyber Threat Intelligence Briefing highlights rising cyber threats, including AI-driven phishing, deepfake social engineering, ransomware, and nation-state exploits. CFOs, executives, and critical ...
Congress Struggles to Renew Cyber Threat Sharing Act Amid Rising Cybersecurity Concerns
September 25, 2025
The Cybersecurity Information Sharing Act (CISA) of 2015 is set to expire on September 30, 2025, with Congress divided on renewal. Political gridlock threatens critical ...
Brickstorm Backdoor Used Espionage Campaign Against U.S. Tech
September 25, 2025
Google reports Chinese hackers used Brickstorm malware to infiltrate U.S. tech and legal sectors for over a year, exfiltrating data while bypassing traditional security defenses.
GitHub Notifications Abused to Impersonate Y Combinator for Crypto Theft
September 25, 2025
Attackers abused GitHub issue notifications to impersonate YC, trick developers into EIP-712 signatures and drain wallets—inspect signed JSON, revoke approvals, and move assets now.
Windows 11 Security Updates Interrupt Enterprise VPN Connectivity
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Askul Ransomware Attack Leads to Compromise of 700,000 Records
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals