Cyber Security
NIST Proposes AI Cybersecurity Overlays to Secure Generative and Predictive Systems
MoD Contractor Data Breach Exposes Thousands Of Afghan Nationals
Workday Data Breach Linked To Third-Party CRM Amid Salesforce Social Engineering Wave
Healthplex Fined $2M After Phishing-Driven Data Breach Exposed Tens Of Thousands
WestJet Data Breach Exposes Passenger Details, Including Names, DOB and Travel Details
Citrix NetScaler Zero-Day Breach Hits Critical Dutch Infrastructure
Why Supply Chain Security is a 2025 Cyber Priority
Fortinet Warns of FortiSIEM Zero-Day CVE-2025-25256 Critical RCE Flaw
Quantum Key Distribution Faces Real-World Cybersecurity Risks
Cybercrime Groups ShinyHunters and Scattered Spider Collaborate in Extortion Attacks
Thorium: CISA’s New Open-Source Malware Analysis and Forensic Platform
FBI Flags $9.9M in Losses from Crypto Recovery Scams
Cisco’s Critical FMC RADIUS Vulnerability: CVSS 10.0 Remote Code Execution Risk
Why Zero Trust Architecture is Now Essential for 2025 Cyber Defense
Microsoft August 2025 Patch: 107 Fixes, Including Kerberos Zero-Day
Accenture Acquires CyberCX in $650 Million Deal to Bolster Cybersecurity Services
Generative AI Cybersecurity Threats 2025: From Promptware to Deepfake Attacks
IoT Security in Crisis: BadBox Botnet, AI Exploits, and CNI Risks
Credential Theft Up 160% in 2025: 1.8 Billion Logins Stolen in First Half of Year
DARPA’s AI Cyber Challenge: Advancements in Autonomous Bug Patching
Cybersecurity Trends 2025: AI, Digital Identity, and the Shift to Intelligent SecOps
Over 200,000 New Zealand Government, Health, and Banking Credentials Found on Dark Web
UK Proposes New Cybersecurity Law with Stricter Reporting and Governance Rules
North St. Paul Municipal Data Breach Targets Police Department
Qualys Unveils Agentic AI for Autonomous Cyber Risk Management
Windows 11 August 2025 Security Update Introduces AI Features
Cybersecurity Complexity Due to Tool Sprawl and Multi-Vendor Ecosystems
Bitdefender Launches Cybersecurity Advisory Services to Address Security Gaps
Palo Alto Networks Acquires CyberArk in $25 Billion Deal
UK Now Third Most Targeted Nation for Malware Attacks in 2025
New Chirp Tool Using Audio Tones for Data Transit Between Devices
News
New Chirp Tool Using Audio Tones for Data Transit Between Devices
The new Chirp tool allows data transfer between devices using audio tones, offering a unique and engaging way to communicate.
Akira Ransomware Uses Webcam to Bypass EDR
News
Akira Ransomware Uses Webcam to Bypass EDR
The Akira ransomware gang has found a way to bypass EDR by exploiting unsecured webcams, demonstrating a new level of sophistication in cyberattacks.
Microsoft Reports Malvertising Campaign Impacted 1 Million PCs
Blog
Microsoft Reports Malvertising Campaign Impacted 1 Million PCs
Microsoft reports a large malvertising campaign has impacted nearly one million PCs, using malicious ads on streaming sites to deploy malware.
Taylor Swift Ticket Scam: Cybercrime Crew Steals $635,000
News
Taylor Swift Ticket Scam: Cybercrime Crew Steals $635,000
A cybercrime crew stole $635,000 worth of concert tickets, primarily for Taylor Swift's Eras Tour, exploiting a StubHub vendor loophole. Two employees were arrested and ...
Scott County Breach: Email Account Compromises Patient Data
News
Scott County Breach: Email Account Compromises Patient Data
The Scott County breach involved unauthorized access to email accounts, compromising protected health information for thousands of individuals across Iowa.
12,000 API Keys and Passwords Found in AI Training Datasets
News
12,000 API Keys and Passwords Found in AI Training Datasets
Nearly 12,000 API keys and passwords were discovered in the Common Crawl dataset used for training AI models, highlighting significant security risks for enterprises. Many ...
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
News
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
The EFF has introduced Rayhunter, an open-source tool for detecting Stingray attacks, helping users safeguard their sensitive data from unauthorized access.
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
News
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
Scammers are impersonating the BianLian group, mailing fake ransom notes to US CEOs, threatening data leaks unless Bitcoin payments are made.
BadBox Malware Disrupted on 500K Infected Android Devices
News
BadBox Malware Disrupted on 500K Infected Android Devices
The BadBox malware disruption has impacted over 500,000 devices, revealing the urgency of addressing cybersecurity threats in low-cost Android devices.
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
News
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
The Silk Typhoon hackers have shifted tactics, now focusing on IT supply chains to infiltrate networks and exploit sensitive data across multiple industries.
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
News
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
AI-generated video of YouTube's CEO is being used in phishing attacks to steal creators' credentials. YouTube warns users to avoid suspicious private videos and links.
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
News
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
US charges Chinese state security officers and hackers from APT27 and i-Soon for global cyberattacks targeting critical infrastructure and government agencies since 2011.
Hunters International Claims Ransomware Attack on Tata Technologies: 1.4TB Data Breached
News
Hunters International Claims Ransomware Attack on Tata Technologies: 1.4TB Data Breached
Hunters International ransomware claims responsibility for a major attack on Tata Technologies, stealing 1.4 TB of data and threatening to release it.
Black Basta and Cactus Ransomware: Shared Tactics and BackConnect Malware Connection
News
Black Basta and Cactus Ransomware: Shared Tactics and BackConnect Malware Connection
Black Basta and Cactus ransomware groups share similar tactics and use BackConnect malware, highlighting the need for robust cybersecurity measures in enterprise businesses.
Cisco Warns of BroadWorks Flaw Exposing Credentials
News
Cisco Warns of BroadWorks Flaw Exposing Credentials
Cisco warns of a BroadWorks flaw that could allow unauthenticated attackers to access sensitive credentials. Users are advised to implement security measures.
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
News
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
Broadcom fixes three critical VMware zero-days exploited in attacks, enabling attackers to escape virtual machine sandboxes. Immediate patching is advised.
Major Data Breach at Lost & Found Tracking Site Exposes Over 800,000 Records
News
Major Data Breach at Lost & Found Tracking Site Exposes Over 800,000 Records
A massive data breach at Lost & Found, a German travel tracking firm, exposed over 800,000 records, including passport scans and driver's licenses, raising serious ...
Polish Space Agency Suffers Cyberattack, Takes Systems Offline
News
Polish Space Agency Suffers Cyberattack, Takes Systems Offline
The Polish Space Agency (POLSA) disconnected its systems after a weekend cyberattack. The agency is working with national CSIRT teams to restore services and investigate ...
New Polyglot Malware Targets Aviation and Satellite Communication Firms
News
New Polyglot Malware Targets Aviation and Satellite Communication Firms
A new polyglot malware, Sosano, targets aviation and satellite communication firms in the UAE, enabling remote command execution and persistent access on infected devices.
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
News
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
The Eleven11bot botnet has infected over 86,000 IoT devices, primarily focusing on security cameras and NVRs to launch DDoS attacks globally.

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
The PowerSchool hacker is now targeting individual school districts, threatening to leak sensitive student and staff data stolen in the December 2024 breach.
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
The Langflow Breach: How a Popular AI Tool Opened the Door to Hackers
A newly disclosed zero-day vulnerability, CVE-2025-3248, is being actively exploited in the wild—and it’s targeting Langflow, a popular open-source framework for building AI-powered applications. In ...
Mirai Reloaded: Why CVE-2024-7399 Still Haunts Samsung Servers
In this episode, we break down the active exploitation of CVE-2024-7399, a critical path traversal and arbitrary file upload vulnerability in Samsung MagicINFO 9 Server. ...
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation
A critical zero-day vulnerability — CVE-2025-31324 — is shaking the enterprise tech world. In this episode, we dive deep into the alarming exploit targeting SAP NetWeaver ...
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions
In this episode, we break down the anatomy of some of the most critical vulnerabilities threatening enterprise systems in 2025 — and the real-world attacks ...
Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity
In this episode, we dive deep into the massive data breach at Kelly Benefits, a payroll and benefits administrator that exposed the sensitive personal data ...
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Explore six critical Supply Chain Cybersecurity Risks in 2025—from AI-driven cyberattacks and IoT vulnerabilities to quantum computing and geopolitical threats shaping logistics.
$491M Budget Cut: The White House Move That Could Reshape CISA
 In this episode, we unpack the rising tensions surrounding the Cybersecurity and Infrastructure Security Agency (CISA) as it faces proposed budget cuts, looming layoffs, and ...
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
Rhysida ransomware group has claimed responsibility for a cyberattack on Peru’s government systems, demanding payment for stolen data while officials deny any breach occurred.
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
Anonymous defaced a GlobalX subdomain and leaked flight manifests related to ICE deportation flights of Venezuelan migrants, protesting Trump-era policies ruled unlawful by a federal ...
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
A hacked Signal clone used by Trump’s former security adviser Mike Waltz has raised serious concerns over the safety of sensitive government communications.
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
Hackers hijacked the New York Post’s verified X account to target crypto users via direct messages, redirecting victims to a Telegram-based scam under false pretenses. ...
EU Fines TikTok €530 Million For Data Protection Failures
TikTok has been fined €530 million by EU regulators over data protection failures and may face a data transfer suspension to China unless it complies ...
PyPI Cracks Down on Domain Expiration Attacks to Protect Python Packages
AI Joins the Fight Against Exploits: Google and Mozilla Patch Dangerous Vulnerabilities
Britain Backs Down: UK Drops Encryption Backdoor Demand on Apple
PipeMagic Backdoor: How Ransomware Actors Exploited a Windows Zero-Day
270,000 Intel Employee Records at Risk from Authentication Bypass and Hardcoded Credentials
How Social Engineering and Vendor Weaknesses Led to Allianz Life’s Massive Breach
Cloud Computing Heist: $3.5 Million Fraud Leads to Prison for Fake Crypto Influencer
Lexington-Richland 5 Data Breach Exposes Students’ Names, Addresses and SSNs
Panera Agrees to $2.5M Settlement After 2024 Data Breach
IBM Finds “AI Oversight Gap” in Organizations That Suffered AI-Related Breaches
Embassy Espionage: Kimsuky and Suspected Chinese Partners Deploy XenoRAT in Seoul
GSMA Confirms Flaws: Researchers Unveil Dangerous 5G Sniffing and Injection Attack
PayPal Denies Breach Amid 16M Login Leak on Dark Web
SAP NetWeaver Under Siege: New Exploit Chains Threaten Global Enterprises
NIST Proposes AI Cybersecurity Overlays to Secure Generative and Predictive Systems
Microsoft Opens Inquiry After Reports Israel Used Azure for Mass Surveillance
Ransomware Gangs Deploy Kernel-Level EDR Killers to Evade Detection
Chinese APTs Target Taiwan: UAT-7237’s SoundBill Loader and Gelsemium’s FireWood Backdoor
Colt Cyberattack: Multi-Day Outages After WarLock Ransomware Exploited SharePoint Zero-Day
Workday Breach Tied to Third-Party CRM Hack in ShinyHunters Campaign