Cyber Security
Cybersecurity
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Nevada has fully restored operations across 60 state agencies nearly a year after a massive ransomware attack crippled public services in August 2023. The state ...
Application Security
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
Truffle Security has raised $25 million in Series A funding led by Decibel to expand its enterprise-grade secrets detection and remediation platform. Evolving from its ...
Cybersecurity
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
The U.S. Congressional Budget Office has confirmed a cybersecurity incident involving unauthorized access to its network, with early evidence pointing to a foreign threat actor. ...
Application Security
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Researchers at Tenable uncovered seven security flaws in OpenAI’s ChatGPT, including critical vulnerabilities in the GPT-4o model that exposed memory-stored user data and allowed web ...
Cybersecurity
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Executive Russian hacking group Sandworm has hit Ukraine’s grain sector with destructive wiper malware, targeting economic infrastructure in attacks now reaching beyond government and energy ...
Cybersecurity
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Hackers allegedly breached Russia’s Radon nuclear waste plant, stealing testing data, user information, and employee details, raising national security concerns over access to sensitive nuclear ...
Cybersecurity
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
A misconfigured third-party database exposed over 50,000 Stanford Health Care and Hillsboro Medical Center staff records, including payroll data, emails, and hashed passwords, increasing phishing ...
Cybersecurity
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
The Qilin ransomware gang claims to have stolen data from Habib Bank AG Zurich, exposing sensitive customer details and internal source code.
Cybersecurity
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
A global survey found 82 percent of large financial-services organisations reported a data breach or leak in the past year, signalling pervasive cyber-risk across the ...
News
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
The U.S. Treasury has sanctioned eight North Korea-linked individuals and entities accused of laundering funds from cyberattacks to finance Pyongyang’s weapons programs. The move targets ...
Application Security
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
Cybersecurity
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
News
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Hyundai AutoEver America is now investigating a data breach that led to unauthorized access to sensitive personal information belonging to ...
Application Security
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
CVE Vulnerability Alerts
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
Information Security
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
The U.K. is launching a nationwide crackdown on phone scams as major mobile carriers partner with GCHQ to deploy anti-spoofing technology that blocks fake U.K. ...
Cybersecurity
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
ALT5 Sigma Corp has sued a former consultant for unauthorized data access, citing potential operational harm and reinforcing insider threat management as a key governance ...
Cybersecurity
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Il Manifesto exposed millions of user logs and subscriber emails through an unsecured database, revealing politically sensitive reader data and analytics without password protection or ...
News
SquareX Named SINET16 Innovator for Browser Detection and Response
PALO ALTO, Calif., November 5, SquareX, a pioneer in the Browser Detection and Response (BDR) space, announced it has been ...
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
TOP CYBERSECURITY HEADLINES
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
This Week’s Security Spotlight
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
The U.S. Congressional Budget Office has confirmed a cybersecurity incident involving unauthorized access to its network, with early evidence pointing to a foreign threat actor. ...
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Researchers at Tenable uncovered seven security flaws in OpenAI’s ChatGPT, including critical vulnerabilities in the GPT-4o model that exposed memory-stored user data and allowed web ...
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Executive Russian hacking group Sandworm has hit Ukraine’s grain sector with destructive wiper malware, targeting economic infrastructure in attacks now reaching beyond government and energy ...
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Hackers allegedly breached Russia’s Radon nuclear waste plant, stealing testing data, user information, and employee details, raising national security concerns over access to sensitive nuclear ...
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
A misconfigured third-party database exposed over 50,000 Stanford Health Care and Hillsboro Medical Center staff records, including payroll data, emails, and hashed passwords, increasing phishing ...
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
The Qilin ransomware gang claims to have stolen data from Habib Bank AG Zurich, exposing sensitive customer details and internal source code.
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
A global survey found 82 percent of large financial-services organisations reported a data breach or leak in the past year, signalling pervasive cyber-risk across the ...
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
The U.S. Treasury has sanctioned eight North Korea-linked individuals and entities accused of laundering funds from cyberattacks to finance Pyongyang’s weapons programs. The move targets ...
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Hyundai AutoEver America is now investigating a data breach that led to unauthorized access to sensitive personal information belonging to employees and contractors. The automotive ...
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
The U.K. is launching a nationwide crackdown on phone scams as major mobile carriers partner with GCHQ to deploy anti-spoofing technology that blocks fake U.K. ...
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
ALT5 Sigma Corp has sued a former consultant for unauthorized data access, citing potential operational harm and reinforcing insider threat management as a key governance ...
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Il Manifesto exposed millions of user logs and subscriber emails through an unsecured database, revealing politically sensitive reader data and analytics without password protection or ...
SquareX Named SINET16 Innovator for Browser Detection and Response
PALO ALTO, Calif., November 5, SquareX, a pioneer in the Browser Detection and Response (BDR) space, announced it has been named a SINET16 Innovator for ...
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
Rhysida ransomware is spreading malware via malicious Bing ads targeting Microsoft Teams, Zoom, and PuTTY users while abusing code-signing certificates to evade detection and appear ...
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Russian hackers used Hyper-V to deploy a hidden Linux VM hosting custom malware, bypassing typical endpoint detection and enabling stealthy long-term access in target networks.