Main Menu
Cyber Security
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
News
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
Gabby Lee January 7, 2026
In an effort to better understand new hacking techniques, researchers have deployed honeypots—a deceptive cybersecurity strategy—to lure attackers from the Scattered Lapsus$ group. These controlled ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Andrew Doyle January 7, 2026
A critical flaw in TOTOLINK EX200 allows remote attackers full control. Tracked as CVE-2025-65606, the vulnerability presents significant risks for users.
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Mitchell Langley January 7, 2026
Cybersecurity experts have discovered browser extensions that secretly exfiltrate conversations and browsing activities from ChatGPT and DeepSeek, exposing users to potential data compromises. Over 900,000 ...
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Gabby Lee January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Andrew Doyle January 6, 2026
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Application Security
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Mitchell Langley January 6, 2026
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Cybersecurity
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Mitchell Langley January 6, 2026
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Kimwolf Botnet A New Threat to Millions of Android Devices
Cybersecurity
Kimwolf Botnet: A New Threat to Millions of Android Devices
Gabby Lee January 6, 2026
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Application Security
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Gabby Lee January 6, 2026
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
Cybersecurity Operation Snares Former ShinyHunters Member
News
Cybersecurity Operation Snares Former ShinyHunters Member
Andrew Doyle January 6, 2026
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Data Security
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Andrew Doyle January 6, 2026
Hackers have targeted a file transfer system used by Sedgwick’s government-focused subsidiary. This breach raises concerns about the security of sensitive data managed by government ...
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
Cybersecurity
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
Mitchell Langley January 6, 2026
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Information Security
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Gabby Lee January 6, 2026
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Cybersecurity
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Andrew Doyle January 5, 2026
AI agents are anticipated to become a notable insider threat by 2026, requiring firms to modify their security strategies, as a report from Palo Alto ...
ShinyHunters' Strategic Use of Decoy Accounts in Cyber Espionage
News
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
Mitchell Langley January 5, 2026
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group ...
Trump Orders Emcore to Divest Chip Manufacturing Assets
Cybersecurity
Trump Orders Emcore to Divest Chip Manufacturing Assets
Andrew Doyle January 5, 2026
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Cybersecurity
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Mitchell Langley January 5, 2026
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Adobe ColdFusion Cyberattacks Surge During Holiday Period
Application Security
Adobe ColdFusion Cyberattacks Surge During Holiday Period
Andrew Doyle January 5, 2026
GreyNoise detected a significant surge in attack attempts targeting Adobe ColdFusion vulnerabilities over Christmas 2025, revealing a coordinated effort exploiting multiple vulnerabilities in ColdFusion servers.
Phishing Campaign Targets Users with Google Cloud Application Exploitation
News
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Mitchell Langley January 5, 2026
Recent phishing operations exploit Google Cloud Application Integration, sending fake Google emails that deceive users into trusting malicious messages.
Cybersecurity
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Gabby Lee April 21, 2026
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Cybersecurity
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Gabby Lee April 21, 2026
News
Seiko USA Faces Ransom Threat After Website Defacement
Mitchell Langley April 21, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026

TOP CYBERSECURITY HEADLINES

CVE Vulnerability Alerts
Severe Command Injection Flaw Discovered in SGLang
Cybersecurity
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
News
Seiko USA Faces Ransom Threat After Website Defacement
Cybersecurity
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist

This Week’s Security Spotlight

Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Gabby Lee April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Mitchell Langley April 16, 2026
More In News
Trending
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Cato Networks Acquires Aim Security to Bolster AI Defense in SASE
September 4, 2025
Podcasts
Tidal Cyber Secures $10M to Advance Threat-Informed Defense
September 4, 2025
Podcasts
Disney Fined $10M for COPPA Violations Over Mislabeling Kids’ Content on YouTube
September 4, 2025

Cyber Security News

Cybercriminals Target Airline Loyalty Programs A New Threat to Travelers
Cybersecurity
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
March 13, 2026
Global Arrests Made in a Social Media Scam Targeting Thousands
Cybersecurity
Global Arrests Made in a Social Media Scam Targeting Thousands
March 12, 2026
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Application Security
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
March 12, 2026
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Cybersecurity
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
March 12, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
March 12, 2026
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
Cybersecurity
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
March 12, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
January 6, 2026
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
January 6, 2026
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
January 6, 2026
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Kimwolf Botnet: A New Threat to Millions of Android Devices
January 6, 2026
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Ledger Breach Due to Global-e Attack Compromises Customer Data
January 6, 2026
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
January 6, 2026
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
Cybersecurity Operation Snares Former ShinyHunters Member
January 6, 2026
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
January 6, 2026
Hackers have targeted a file transfer system used by Sedgwick’s government-focused subsidiary. This breach raises concerns about the security of sensitive data managed by government ...
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
January 6, 2026
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
January 6, 2026
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
January 5, 2026
AI agents are anticipated to become a notable insider threat by 2026, requiring firms to modify their security strategies, as a report from Palo Alto ...
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
January 5, 2026
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group known as the “ShinyHunters” or ...
Trump Orders Emcore to Divest Chip Manufacturing Assets
January 5, 2026
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
January 5, 2026
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Adobe ColdFusion Cyberattacks Surge During Holiday Period
January 5, 2026
GreyNoise detected a significant surge in attack attempts targeting Adobe ColdFusion vulnerabilities over Christmas 2025, revealing a coordinated effort exploiting multiple vulnerabilities in ColdFusion servers.
Phishing Campaign Targets Users with Google Cloud Application Exploitation
January 5, 2026
Recent phishing operations exploit Google Cloud Application Integration, sending fake Google emails that deceive users into trusting malicious messages.
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes
January 5, 2026
Ryan Goldberg and Kevin Martin, two American cybersecurity professionals, have confessed to being affiliates of the notorious BlackCat/Alphv ransomware group. This revelation poses significant implications ...
Gavin Webb’s Role in the Takedown of LockBit Ransomware
January 5, 2026
Recognized for his exemplary public service, Gavin Webb spearheaded the strategic takedown of the notorious LockBit ransomware, marking a significant achievement in global cybersecurity efforts.
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
January 5, 2026
British security analyst Jacob Riggs has achieved Australia's strictest, invite-only visa for exposure of a critical vulnerability in its government system.
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Seiko USA Faces Ransom Threat After Website Defacement
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Threat Actors Repurpose Tycoon 2FA Tools in New Phishing Schemes
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure