Main Menu
Cyber Security
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
Global Arrests Made in a Social Media Scam Targeting Thousands
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Fake Starlink Android Apps Spread BeatBanker Malware
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Malicious npm Package Disguises as OpenClaw Installer for Data Theft
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Microsoft Silently Patches Long-Exploited Windows Vulnerability
Application Security
Microsoft Silently Patches Long-Exploited Windows Vulnerability
Gabby Lee December 5, 2025
Microsoft discretely resolves CVE-2025-9491, a critical Windows Shortcut vulnerability exploited by hackers for years. November 2025 Patch Tuesday delivers the fix.
React Server Components' Security Flaw Risks Unauthenticated Remote Code Execution
CVE Vulnerability Alerts
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
Andrew Doyle December 5, 2025
React Server Components are impacted by a critical vulnerability, CVE-2025-55182, offering a CVSS score of 10.0 for unauthenticated remote code execution.
Major Universities Affected in Oracle E-Business Suite Hacking Campaign
Cybersecurity
Major Universities Affected in Oracle E-Business Suite Hacking Campaign
Mitchell Langley December 5, 2025
The University of Pennsylvania and the University of Phoenix recently disclosed that they were attacked in a broader cyber campaign. This campaign targets organizations utilizing ...
Freedom Mobile Data Breach Protecting Consumer Information in the Telecom Sector
Data Security
Freedom Mobile Data Breach: Protecting Consumer Information in the Telecom Sector
Gabby Lee December 5, 2025
Freedom Mobile, Canada's fourth-largest wireless carrier, announced a significant data breach involving its customer account management platform, exposing consumer information. This development puts a spotlight ...
North Korea's Covert IT Workforce Exposed Unmasking the Chollima Scheme
Cybersecurity
North Korea’s Covert IT Workforce Exposed: Unmasking the Chollima Scheme
Mitchell Langley December 3, 2025
A joint investigation by BCA LTD, NorthScan, and ANY.RUN reveals North Korea's persistent infiltration scheme. The study exposes remote IT workers linked to the Lazarus ...
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
Cybersecurity
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
Andrew Doyle December 3, 2025
The Federal Trade Commission proposed significant actions against Illuminate Education following a 2021 incident that compromised data of 10 million students. The firm's measures raise ...
Cybersecurity Incident at Three-Council Data Breach Adds Complexity
Cybersecurity
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
Mitchell Langley December 3, 2025
Kensington and Chelsea Council acknowledges a data breach as their IT system experiences disruption during a cyber incident. Historical data was accessed and copied, escalating ...
GlassWorm Supply Chain Attack Compromises Developer Tools
Cybersecurity
GlassWorm Supply Chain Attack Compromises Developer Tools
Gabby Lee December 3, 2025
The GlassWorm supply chain attack returns, infiltrating Microsoft Visual Studio Marketplace and Open VSX with 24 extensions that impersonate popular developer frameworks such as Flutter, ...
Shai-Hulud Strikes Again Massive Data Exposure from NPM Attack
Cybersecurity
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack
Andrew Doyle December 3, 2025
Shai-Hulud's second attack compromised NPM packages, exposing 400,000 secrets. The breach affected thousands of GitHub repositories and underlines vulnerabilities inherent in open-source software supply chains.
Application Security
Microsoft Investigates Defender XDR Portal Access Disruptions
Mitchell Langley December 3, 2025
Microsoft faces a challenge as users report limited access to the Defender XDR portal. For over 10 hours, customers have experienced obstacles accessing key features, ...
University of Pennsylvania Data Breach Clop's Zero-Day Exploit Targets Oracle's E-Business Suite
Cybersecurity
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
Gabby Lee December 3, 2025
The University of Pennsylvania recently disclosed a data breach affecting over 1,400 individuals. Attackers exploited a zero-day vulnerability in Oracle’s E-Business Suite, linked to the ...
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Cybersecurity
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Andrew Doyle December 3, 2025
Zafran Security, a cybersecurity startup, has raised $60 million in Series C funding to enhance product innovation and global reach. This development marks a significant ...
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle December 2, 2025
Cybersecurity experts are on high alert with the emergence of Albiriox, an Android banking trojan sold for $720 monthly. This new threat from Russian cybercriminals ...
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle December 2, 2025
Cybercriminals are increasingly using sophisticated techniques such as deepfakes, fake resumes, and stolen identities to penetrate corporate hiring processes. Strengthening vetting and access controls can ...
Young Cybercriminals Rebels Without a Cause in the Digital World
Cybersecurity
Young Cybercriminals: Rebels Without a Cause in the Digital World
Mitchell Langley December 2, 2025
Emerging data reveals most young cybercriminals outgrow illicit activities by age 20. This shift signals their maturation process beyond digital crime, although a few remain ...
$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
Mitchell Langley December 2, 2025
In a sweeping international effort, authorities targeted cryptomixer services for aiding in cybercriminal activities. Operation Olympia led to a significant Bitcoin haul.
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Gabby Lee December 2, 2025
ShadyPanda malware campaign has quietly infiltrated over 4.3 million installations of Chrome and Edge browser extensions. It deceived users by masquerading as legitimate tools, allowing ...
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Gabby Lee December 2, 2025
The open-source SmartTube client for Android TV faced a security breach after an attacker accessed the developer's signing keys. This led to the distribution of ...
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
Coupang, a leading retailer in South Korea, has confirmed a data breach compromising the personal information of 33.7 million customers. This major incident raises significant ...
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
Application Security
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
Mitchell Langley December 2, 2025
A seven-year campaign has infected 4.3 million users with malware through browser extensions. Despite warnings, some extensions persist in the Microsoft Edge store, continuing to ...
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Application Security
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Gabby Lee March 13, 2026
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
Cybersecurity
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
Gabby Lee March 13, 2026
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
Cybersecurity
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
Gabby Lee March 13, 2026
Slopoly Malware Linked to Interlock Ransomware Attack
News
Slopoly Malware Linked to Interlock Ransomware Attack
Mitchell Langley March 13, 2026

TOP CYBERSECURITY HEADLINES

Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Application Security
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
Application Security
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
Cybersecurity
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Cybersecurity
International Operation Dismantles the Dangerous SocksEscort Proxy Service

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Law Enforcement Dismantles Tycoon2FA Phishing-as-a-Service Platform
Phishing Attack Masquerades as Google Security Page to Steal Sensitive Information
Optimizely Suffers a Data Breach Through a Voice Phishing Attack
Cybercriminals Exploit OAuth 2.0 Device Authorization Flow in Vishing Campaigns

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Von der Leyen and Shapps Flights Hit by Suspected Russian Electronic Warfare
September 2, 2025
Podcasts
Salesforce and Google Workspace Compromised in Largest SaaS Breach
September 2, 2025
Podcasts
Chained Zero-Days: WhatsApp and Apple Exploits Used in Sophisticated Spyware Attacks
September 2, 2025

Cyber Security News

Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Cybersecurity
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
February 4, 2026
Legal Repercussions Mount for Cognizant After TriZetto Incident
Cybersecurity
Legal Repercussions Mount for Cognizant After TriZetto Incident
February 4, 2026
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
Cybersecurity
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
February 4, 2026
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Application Security
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
February 4, 2026
Game Mods Conceal Infostealer Malware A Threat to Corporate IT Systems
Cybersecurity
Game Mods Conceal Infostealer Malware: A Threat to Corporate IT Systems
January 30, 2026
Google Disrupts Major Residential Proxy Network to Weaken Cybercriminals' Shield
Cybersecurity
Google Disrupts Major Residential Proxy Network to Weaken Cybercriminals’ Shield
January 30, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Major Universities Affected in Oracle E-Business Suite Hacking Campaign
December 5, 2025
The University of Pennsylvania and the University of Phoenix recently disclosed that they were attacked in a broader cyber campaign. This campaign targets organizations utilizing ...
Freedom Mobile Data Breach: Protecting Consumer Information in the Telecom Sector
December 5, 2025
Freedom Mobile, Canada's fourth-largest wireless carrier, announced a significant data breach involving its customer account management platform, exposing consumer information. This development puts a spotlight ...
North Korea’s Covert IT Workforce Exposed: Unmasking the Chollima Scheme
December 3, 2025
A joint investigation by BCA LTD, NorthScan, and ANY.RUN reveals North Korea's persistent infiltration scheme. The study exposes remote IT workers linked to the Lazarus ...
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
December 3, 2025
The Federal Trade Commission proposed significant actions against Illuminate Education following a 2021 incident that compromised data of 10 million students. The firm's measures raise ...
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
December 3, 2025
Kensington and Chelsea Council acknowledges a data breach as their IT system experiences disruption during a cyber incident. Historical data was accessed and copied, escalating ...
GlassWorm Supply Chain Attack Compromises Developer Tools
December 3, 2025
The GlassWorm supply chain attack returns, infiltrating Microsoft Visual Studio Marketplace and Open VSX with 24 extensions that impersonate popular developer frameworks such as Flutter, ...
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack
December 3, 2025
Shai-Hulud's second attack compromised NPM packages, exposing 400,000 secrets. The breach affected thousands of GitHub repositories and underlines vulnerabilities inherent in open-source software supply chains.
Microsoft Investigates Defender XDR Portal Access Disruptions
December 3, 2025
Microsoft faces a challenge as users report limited access to the Defender XDR portal. For over 10 hours, customers have experienced obstacles accessing key features, ...
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
December 3, 2025
The University of Pennsylvania recently disclosed a data breach affecting over 1,400 individuals. Attackers exploited a zero-day vulnerability in Oracle’s E-Business Suite, linked to the ...
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
December 3, 2025
Zafran Security, a cybersecurity startup, has raised $60 million in Series C funding to enhance product innovation and global reach. This development marks a significant ...
Albiriox Banking Trojan Poses New Threat to Android Devices
December 2, 2025
Cybersecurity experts are on high alert with the emergence of Albiriox, an Android banking trojan sold for $720 monthly. This new threat from Russian cybercriminals ...
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
December 2, 2025
Cybercriminals are increasingly using sophisticated techniques such as deepfakes, fake resumes, and stolen identities to penetrate corporate hiring processes. Strengthening vetting and access controls can ...
Young Cybercriminals: Rebels Without a Cause in the Digital World
December 2, 2025
Emerging data reveals most young cybercriminals outgrow illicit activities by age 20. This shift signals their maturation process beyond digital crime, although a few remain ...
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
December 2, 2025
In a sweeping international effort, authorities targeted cryptomixer services for aiding in cybercriminal activities. Operation Olympia led to a significant Bitcoin haul.
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
December 2, 2025
ShadyPanda malware campaign has quietly infiltrated over 4.3 million installations of Chrome and Edge browser extensions. It deceived users by masquerading as legitimate tools, allowing ...
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
December 2, 2025
The open-source SmartTube client for Android TV faced a security breach after an attacker accessed the developer's signing keys. This led to the distribution of ...
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
December 2, 2025
Coupang, a leading retailer in South Korea, has confirmed a data breach compromising the personal information of 33.7 million customers. This major incident raises significant ...
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
December 2, 2025
A seven-year campaign has infected 4.3 million users with malware through browser extensions. Despite warnings, some extensions persist in the Microsoft Edge store, continuing to ...
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
December 2, 2025
India's telecommunications ministry is mandating the preloading of the Sanchar Saathi cybersecurity app on new mobile devices. The app, designed to enhance user safety, is ...
Microsoft Tackles Excel Attachment Issue in New Outlook Client
December 2, 2025
Microsoft is aware of and addressing an issue that hinders some users from opening Excel email attachments in the updated Outlook client. The issue can ...
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Slopoly Malware Linked to Interlock Ransomware Attack
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
Global Arrests Made in a Social Media Scam Targeting Thousands
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Police Scotland Fined £66,000 for Mishandling Sensitive Victim Data
‘PhantomRaven’ Supply-Chain Campaign Floods npm Registry with Malicious Packages
Stryker Healthcare Faces Cybersecurity Breach Linked to Hacktivist Group
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Google Cloud Strengthens Its Position with the $32 Billion Acquisition of Wiz
Fake Starlink Android Apps Spread BeatBanker Malware
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
Ericsson Inc. Faces Data Breach Through a Third-Party Service Provider
Malicious npm Package Disguises as OpenClaw Installer for Data Theft