Main Menu
Cyber Security
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Algerian Phishing Marketplace Operator Extradited to US
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
Understanding Cloud Detection and Response (CDR) and Its Security Role
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps
Microsoft AutoGen AI Framework Vulnerable to Localhost RCE
WhatsApp Phishing Deploys ManageEngine RMM Malware Across Continents
TeamPCP Open-Source Supply Chain Investigation Reveals Years of Access
Multiple Groups Exploit Critical FortiSandbox Flaws Across 200 Countries
Kodak Confirms Data Breach After ShinyHunters Sets Leak Deadline
F5 Emergency Patch: Critical NGINX Unauthenticated RCE Hits 40 Percent of Web Servers
Atlassian and Splunk Patch Critical Flaws: Splunk AI Toolkit RCE, Atlassian Dependencies
Critical Command Execution Vulnerability Patched in Cisco ISE
Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps
Phantom Stealer Fileless Malware Targets Browser Credentials in Memory
INC Ransomware Targets Healthcare, Education, and Local Government
ClickFix Campaign Linked to Vice Society Uses Compromised WordPress Sites
FortiBleed Compromises 74K Fortinet Firewall Credentials Worldwide
Sam Altman's Eyeball-Scanning Orb Takes on a New Role in AI Integration
Cybersecurity
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Gabby Lee March 18, 2026
Sam Altman integrates agentic AI with his eyeball-scanning orb, enhancing its applications in cryptography and bot identification.
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Cybersecurity
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Andrew Doyle March 18, 2026
UK Companies House vulnerability exposed millions of firm details, potentially allowing unauthorized access and record alteration.
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
Cybersecurity
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
Mitchell Langley March 18, 2026
Researchers expose a method leveraging DNS queries for data exfiltration from AI code execution environments.
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Cybersecurity
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Mitchell Langley March 18, 2026
The EU Council has sanctioned three entities and two individuals involved in cyberattacks on critical infrastructure within the region.
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Cybersecurity
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Gabby Lee March 18, 2026
How identity-based access control for AI agents helps safeguard against misuse and data exposure.
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Application Security
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Andrew Doyle March 18, 2026
A font-rendering vulnerability manipulates AI assistants by concealing malicious web commands in innocent HTML.
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
Cybersecurity
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
Gabby Lee March 18, 2026
Surf AI secures $57M in funding for its security operations platform.
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
LeakNet ransomware integrates ClickFix for access, shifting from traditional entry strategies.
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026
The RondoDox botnet targets 174 vulnerabilities, increasing activity to 15,000 exploitation attempts daily.
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Cybersecurity
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Gabby Lee March 18, 2026
Major tech and retail organizations have banded together to address online scams and fraud, establishing a first-of-its-kind industry accord designed ...
Tech Giants Invest $12.5 Million in Open Source Software Security
Cybersecurity
Tech Giants Invest $12.5 Million in Open Source Software Security
Andrew Doyle March 18, 2026
Major tech firms contribute $12.5 million to enhance open source software security.
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Application Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Andrew Doyle March 17, 2026
Attack leverages stolen GitHub tokens to introduce malware into numerous Python repositories.
Stryker's Internal Microsoft Environment Was Breached Last Week
Cybersecurity
Stryker’s Internal Microsoft Environment Was Breached Last Week
Gabby Lee March 17, 2026
Stryker's internal Microsoft environment breach led to the remote wiping of tens of thousands of employee devices last week.
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
News
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
Mitchell Langley March 17, 2026
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
Phishing Attack Hits Intuitive's Internal IT Business Systems
News
Phishing Attack Hits Intuitive’s Internal IT Business Systems
Mitchell Langley March 17, 2026
Intuitive's internal systems hit by phishing attack; patient operations remain unaffected.
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
Cybersecurity
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
Andrew Doyle March 17, 2026
Russian-linked threat actors deploy DRILLAPP backdoor campaign in Ukraine.
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Application Security
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Andrew Doyle March 17, 2026
Explore how new malware strains are targeting users with advanced methods and reverse engineering insights.
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
Cybersecurity
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
Andrew Doyle March 17, 2026
Companies House fixes a security flaw in WebFiling, protecting UK companies' data.
How AI Is Making Financial Fraud 4.5 Times More Profitable
Cybersecurity
How AI Is Making Financial Fraud 4.5 Times More Profitable
Andrew Doyle March 17, 2026
Financial fraud schemes using AI boost profitability by 4.5 times, Interpol reports.
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Application Security
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Mitchell Langley March 17, 2026
Microsoft is addressing an Exchange Online outage impacting mailbox and calendar access.
Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Mitchell Langley June 24, 2026
Cybersecurity
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gabby Lee June 24, 2026
Cybersecurity
Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps
Gabby Lee June 23, 2026
Cybersecurity
Phantom Stealer Fileless Malware Targets Browser Credentials in Memory
Gabby Lee June 23, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Application Security
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
CVE Vulnerability Alerts
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
Cybersecurity
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown

This Week’s Security Spotlight

Cybersecurity
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Mitchell Langley June 24, 2026
Application Security
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Gabby Lee June 24, 2026
Cybersecurity
Multiple Groups Exploit Critical FortiSandbox Flaws Across 200 Countries
Gabby Lee June 23, 2026
Atlassian and Splunk Patch Critical Flaws Splunk AI Toolkit RCE, Atlassian Dependencies
Cybersecurity
Atlassian and Splunk Patch Critical Flaws: Splunk AI Toolkit RCE, Atlassian Dependencies
Gabby Lee June 23, 2026
More In News
Trending
WhatsApp Phishing Deploys ManageEngine RMM Malware Across Continents
iRhythm Confirms PHI Exfiltration via Social Engineering
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Cato Networks Acquires Aim Security to Bolster AI Defense in SASE
September 4, 2025
Podcasts
Tidal Cyber Secures $10M to Advance Threat-Informed Defense
September 4, 2025
Podcasts
Disney Fined $10M for COPPA Violations Over Mislabeling Kids’ Content on YouTube
September 4, 2025

Cyber Security News

Cybersecurity
Russia’s FSB Claims Foreign Spies Installed Phone Surveillance Malware
June 3, 2026
Cybersecurity
Europol Operation KRATOS 2 Dismantles 9 Illegal Streaming Crime Groups
June 3, 2026
Application Security
CVE-2026-8206 Kirki Plugin Exploited; 500,000 WordPress Sites at Risk
June 3, 2026
CVE Vulnerability Alerts
CVE-2026-0826 (CVSS 9.2): Unauthenticated RCE in HP Poly VoIP Phones
June 3, 2026
Cybersecurity
Sophos: AI Ransomware Toolkit Uses Claude Opus 4.5 for EDR Evasion
June 3, 2026
Application Security
CISA Adds CVE-2024-21182 Oracle WebLogic to KEV; Feds Have 3 Days
June 3, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
March 18, 2026
The EU Council has sanctioned three entities and two individuals involved in cyberattacks on critical infrastructure within the region.
Identity-Based Access Control for AI Agents Is Now a Security Necessity
March 18, 2026
How identity-based access control for AI agents helps safeguard against misuse and data exposure.
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
March 18, 2026
A font-rendering vulnerability manipulates AI assistants by concealing malicious web commands in innocent HTML.
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
March 18, 2026
Surf AI secures $57M in funding for its security operations platform.
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
March 18, 2026
LeakNet ransomware integrates ClickFix for access, shifting from traditional entry strategies.
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
March 18, 2026
The RondoDox botnet targets 174 vulnerabilities, increasing activity to 15,000 exploitation attempts daily.
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
March 18, 2026
Major tech and retail organizations have banded together to address online scams and fraud, establishing a first-of-its-kind industry accord designed ...
Tech Giants Invest $12.5 Million in Open Source Software Security
March 18, 2026
Major tech firms contribute $12.5 million to enhance open source software security.
Ongoing Python Package Attack Uses Stolen GitHub Tokens
March 17, 2026
Attack leverages stolen GitHub tokens to introduce malware into numerous Python repositories.
Stryker’s Internal Microsoft Environment Was Breached Last Week
March 17, 2026
Stryker's internal Microsoft environment breach led to the remote wiping of tens of thousands of employee devices last week.
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
March 17, 2026
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
Phishing Attack Hits Intuitive’s Internal IT Business Systems
March 17, 2026
Intuitive's internal systems hit by phishing attack; patient operations remain unaffected.
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
March 17, 2026
Russian-linked threat actors deploy DRILLAPP backdoor campaign in Ukraine.
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
March 17, 2026
Explore how new malware strains are targeting users with advanced methods and reverse engineering insights.
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
March 17, 2026
Companies House fixes a security flaw in WebFiling, protecting UK companies' data.
How AI Is Making Financial Fraud 4.5 Times More Profitable
March 17, 2026
Financial fraud schemes using AI boost profitability by 4.5 times, Interpol reports.
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
March 17, 2026
Microsoft is addressing an Exchange Online outage impacting mailbox and calendar access.
Signal Cyberattack in Germany Targets Politicians Through Impersonation
March 17, 2026
Cyberattack on Signal and WhatsApp targets high-profile German officials, including former BND VP, using impersonation tactics.
Targeted Phishing Attack Breaches Security Firm Executive
March 17, 2026
A phishing attack involved DKIM-signed emails, trusted infrastructures, and Cloudflare protection against a security firm executive.
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
March 17, 2026
Four major corporations, Broadcom, Bechtel, Estée Lauder, and Abbott, remain silent amid Oracle EBS hack.
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Algerian Phishing Marketplace Operator Extradited to US
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
Understanding Cloud Detection and Response (CDR) and Its Security Role
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps
Microsoft AutoGen AI Framework Vulnerable to Localhost RCE
WhatsApp Phishing Deploys ManageEngine RMM Malware Across Continents
TeamPCP Open-Source Supply Chain Investigation Reveals Years of Access