Main Menu
Cyber Security
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Ivanti Sentry CVE-2026-10520 Actively Exploited, Devices Backdoored
Langflow CVE-2026-5027: Path Traversal Becomes Unauthenticated RCE
WorldLeaks Claims Apple Supplier Tata Electronics and Two More Firms
What is Cloud Detection and Response (CDR) and How Does it Work
Google Patches 5th Chrome Zero-Day; V8 Flaw Chains for OS Access
LiteLLM CVE-2026-42271 Added to CISA KEV: AI API Keys at Risk
France’s Tchap Messaging App Breached, 643K Messages Exposed
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
Deutsche Bahn Hit by a Large-Scale DDoS Attack Disrupting Rail Services
Cybersecurity
Deutsche Bahn Hit by a Large-Scale DDoS Attack Disrupting Rail Services
Mitchell Langley February 20, 2026
Deutsche Bahn's services were disrupted by a DDoS attack, leading to significant travel complications across Germany's national rail network.
Snyk CEO Steps Down to Make Way for AI-Focused Leadership
Cybersecurity
Snyk CEO Steps Down to Make Way for AI-Focused Leadership
Andrew Doyle February 20, 2026
Snyk's CEO announces departure to align leadership with AI advancements in code review.
Advantest Cyberattack Sparks Fears of Employee and Client Data Exposure
Cybersecurity
Advantest Cyberattack Sparks Fears of Employee and Client Data Exposure
Mitchell Langley February 20, 2026
Advantest faces a ransomware attack, investigating potential data breach impact.
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
Cybersecurity
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
Mitchell Langley February 20, 2026
Discover how PromptSpy malware uses Gemini AI at runtime to analyze on-screen elements and maintain persistence on Android devices even after a reboot...
Ukrainian National Gets Five Years for Helping North Korean IT Workers Infiltrate U.S. Companies
News
Ukrainian National Gets Five Years for Helping North Korean IT Workers Infiltrate U.S. Companies
Mitchell Langley February 20, 2026
A Ukrainian hacker aided North Korea in infiltrating U.S. companies by providing stolen identities, resulting in a five-year prison sentence.
Former Google Engineers Indicted for Alleged Trade Secret Theft Linked to Iran
Cybersecurity
Former Google Engineers Indicted for Alleged Trade Secret Theft Linked to Iran
Gabby Lee February 20, 2026
Former Google engineers indicted for allegedly stealing trade secrets and transferring sensitive data to unauthorized locations, including Iran.
Operation Red Card 2.0 Dismantles Online Scam Networks Across Africa
Cybersecurity
Operation Red Card 2.0 Dismantles Online Scam Networks Across Africa
Andrew Doyle February 20, 2026
Operation Red Card 2.0 led to 651 arrests and disrupted online scam networks in Africa.
MIT CSAIL's 2025 AI Agent Index Puts System Transparency Under the Microscope
Cybersecurity
MIT CSAIL’s 2025 AI Agent Index Puts System Transparency Under the Microscope
Andrew Doyle February 20, 2026
Academic researchers spotlighted the growing role and impact of AI agents across industries, raising critical questions about transparency, accountabi...
FBI Issues Warning on Escalating ATM Jackpotting Losses
Cybersecurity
FBI Issues Warning on Escalating ATM Jackpotting Losses
Gabby Lee February 20, 2026
The FBI alerts the public on ATM jackpotting, reporting $20M losses and 1,900 incidents since 2020 in the U.S.
Microsoft Addresses High-Severity Flaw in Windows Admin Center
Cybersecurity
Microsoft Addresses High-Severity Flaw in Windows Admin Center
Mitchell Langley February 20, 2026
Windows Admin Center's security flaw, CVE-2026-26119, allowed privilege escalation vulnerabilities.
Android Malware Uses Generative AI to Boost Its Post-Installation Capabilities
Cybersecurity
Android Malware Uses Generative AI to Boost Its Post-Installation Capabilities
Andrew Doyle February 20, 2026
A newly identified Android malware strain that uses generative AI has raised concerns among cybersecurity researchers, though debate continues over wh...
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
OpenClaw wrestles with security gaps and misconfigurations, despite swift patches and OpenAI-backed foundation support.
African Operation Leads to 651 Fraud Arrests and $4.3M Recovery
Cybersecurity
African Operation Leads to 651 Fraud Arrests and $4.3M Recovery
Andrew Doyle February 19, 2026
Authorities in Africa arrested 651 suspects and reclaimed $4.3 million in joint fraud mitigation efforts.
Human Error Remains One of the Biggest Threats to IT Security
Blog
Human Error Remains One of the Biggest Threats to IT Security
Mitchell Langley February 19, 2026
Human errors remain a significant security risk even in systems with strong protocols.
Newly Identified Massiv Android Trojan Exploits IPTV App Disguise in Southern Europe
Application Security
Newly Identified Massiv Android Trojan Exploits IPTV App Disguise in Southern Europe
Gabby Lee February 19, 2026
Massiv Android banking trojan, disguised as an IPTV app, targets users in southern Europe.
Critical Vulnerability in Honeywell CCTVs Exposes Security Risks
CVE Vulnerability Alerts
Critical Vulnerability in Honeywell CCTVs Exposes Security Risks
Andrew Doyle February 19, 2026
CISA alerts to a critical flaw in Honeywell CCTVs enabling unauthorized access with potential for account hijacking and system compromise.
The UK Classifies Non-Consensual Intimate Images Alongside Serious Offenses
Cybersecurity
The UK Classifies Non-Consensual Intimate Images Alongside Serious Offenses
Mitchell Langley February 19, 2026
UK demands quick removal of non-consensual images, equating them with terror content.
Venice Security Raises $33M to Strengthen Its Privileged Access Management Platform
Cybersecurity
Venice Security Raises $33M to Strengthen Its Privileged Access Management Platform
Andrew Doyle February 19, 2026
Venice Security, formerly known as Valkyrie, has secured $33 million in funding to enhance its Privileged Access Management solutions.
Figure Data Breach Exposes Nearly 1 Million User Records
Cybersecurity
Figure Data Breach Exposes Nearly 1 Million User Records
Mitchell Langley February 19, 2026
Blockchain lender Figure confirms data breach with over 2GB of user information leaked by ShinyHunters.
Cybercriminals Exploit OAuth 2.0 Device Authorization Flow in Vishing Campaigns
News
Cybercriminals Exploit OAuth 2.0 Device Authorization Flow in Vishing Campaigns
Gabby Lee February 19, 2026
Hackers target tech, manufacturing, and finance sectors using device code phishing and vishing in OAuth 2.0 abuse campaigns.
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Gabby Lee June 12, 2026
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
Mitchell Langley June 12, 2026
Blog
Triple Extortion Ransomware: How It Works and How to Stop It
Andrew Doyle June 12, 2026
Cybersecurity
Europol Dismantles AudiA6 Crypto Laundering Service
Gabby Lee June 12, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Andrew Doyle June 10, 2026
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Gabby Lee June 10, 2026
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
More In News
Trending
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Von der Leyen and Shapps Flights Hit by Suspected Russian Electronic Warfare
September 2, 2025
Podcasts
Salesforce and Google Workspace Compromised in Largest SaaS Breach
September 2, 2025
Podcasts
Chained Zero-Days: WhatsApp and Apple Exploits Used in Sophisticated Spyware Attacks
September 2, 2025

Cyber Security News

Application Security
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
May 22, 2026
Cybersecurity
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
May 22, 2026
Cybersecurity
Deleted Google API Keys Stay Active for Up to 23 Minutes
May 22, 2026
Application Security
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
May 22, 2026
Cybersecurity
Texas AG Sues Meta Over WhatsApp Encryption Claims
May 22, 2026
Application Security
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
May 22, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
PromptSpy Android Malware Abuses Gemini AI at Runtime for Persistence
February 20, 2026
Discover how PromptSpy malware uses Gemini AI at runtime to analyze on-screen elements and maintain persistence on Android devices even after a reboot...
Ukrainian National Gets Five Years for Helping North Korean IT Workers Infiltrate U.S. Companies
February 20, 2026
A Ukrainian hacker aided North Korea in infiltrating U.S. companies by providing stolen identities, resulting in a five-year prison sentence.
Former Google Engineers Indicted for Alleged Trade Secret Theft Linked to Iran
February 20, 2026
Former Google engineers indicted for allegedly stealing trade secrets and transferring sensitive data to unauthorized locations, including Iran.
Operation Red Card 2.0 Dismantles Online Scam Networks Across Africa
February 20, 2026
Operation Red Card 2.0 led to 651 arrests and disrupted online scam networks in Africa.
MIT CSAIL’s 2025 AI Agent Index Puts System Transparency Under the Microscope
February 20, 2026
Academic researchers spotlighted the growing role and impact of AI agents across industries, raising critical questions about transparency, accountabi...
FBI Issues Warning on Escalating ATM Jackpotting Losses
February 20, 2026
The FBI alerts the public on ATM jackpotting, reporting $20M losses and 1,900 incidents since 2020 in the U.S.
Microsoft Addresses High-Severity Flaw in Windows Admin Center
February 20, 2026
Windows Admin Center's security flaw, CVE-2026-26119, allowed privilege escalation vulnerabilities.
Android Malware Uses Generative AI to Boost Its Post-Installation Capabilities
February 20, 2026
A newly identified Android malware strain that uses generative AI has raised concerns among cybersecurity researchers, though debate continues over wh...
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
February 19, 2026
OpenClaw wrestles with security gaps and misconfigurations, despite swift patches and OpenAI-backed foundation support.
African Operation Leads to 651 Fraud Arrests and $4.3M Recovery
February 19, 2026
Authorities in Africa arrested 651 suspects and reclaimed $4.3 million in joint fraud mitigation efforts.
Human Error Remains One of the Biggest Threats to IT Security
February 19, 2026
Human errors remain a significant security risk even in systems with strong protocols.
Newly Identified Massiv Android Trojan Exploits IPTV App Disguise in Southern Europe
February 19, 2026
Massiv Android banking trojan, disguised as an IPTV app, targets users in southern Europe.
Critical Vulnerability in Honeywell CCTVs Exposes Security Risks
February 19, 2026
CISA alerts to a critical flaw in Honeywell CCTVs enabling unauthorized access with potential for account hijacking and system compromise.
The UK Classifies Non-Consensual Intimate Images Alongside Serious Offenses
February 19, 2026
UK demands quick removal of non-consensual images, equating them with terror content.
Venice Security Raises $33M to Strengthen Its Privileged Access Management Platform
February 19, 2026
Venice Security, formerly known as Valkyrie, has secured $33 million in funding to enhance its Privileged Access Management solutions.
Figure Data Breach Exposes Nearly 1 Million User Records
February 19, 2026
Blockchain lender Figure confirms data breach with over 2GB of user information leaked by ShinyHunters.
Cybercriminals Exploit OAuth 2.0 Device Authorization Flow in Vishing Campaigns
February 19, 2026
Hackers target tech, manufacturing, and finance sectors using device code phishing and vishing in OAuth 2.0 abuse campaigns.
Texas Sues TP-Link Over Router Security Deception Tied to Chinese State-Backed Hackers
February 19, 2026
Texas accuses TP-Link of falsely advertising its routers' security, allowing Chinese state-backed hackers to exploit firmware vulnerabilities and acce...
DEF CON Bars Three Men Named in Epstein Documents
February 19, 2026
DEF CON bans three men linked to Epstein files, raising important questions about ethics and attendee policies at major cybersecurity conferences.
Ivanti Zero-Day Exploitation Peaks as Cyber Threats Surge
February 19, 2026
Surge in Ivanti zero-day vulnerability exploits traced back to July 2025.
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies