Cyber Security
News
New Chirp Tool Using Audio Tones for Data Transit Between Devices
Andrew Doyle
March 10, 2025
The new Chirp tool allows data transfer between devices using audio tones, offering a unique and engaging way to communicate.
News
Akira Ransomware Uses Webcam to Bypass EDR
Mitchell Langley
March 7, 2025
The Akira ransomware gang has found a way to bypass EDR by exploiting unsecured webcams, demonstrating a new level of sophistication in cyberattacks.
Blog
Microsoft Reports Malvertising Campaign Impacted 1 Million PCs
Andrew Doyle
March 7, 2025
Microsoft reports a large malvertising campaign has impacted nearly one million PCs, using malicious ads on streaming sites to deploy malware.
News
Taylor Swift Ticket Scam: Cybercrime Crew Steals $635,000
Mitchell Langley
March 7, 2025
A cybercrime crew stole $635,000 worth of concert tickets, primarily for Taylor Swift's Eras Tour, exploiting a StubHub vendor loophole. Two employees were arrested and ...
News
Scott County Breach: Email Account Compromises Patient Data
Andrew Doyle
March 7, 2025
The Scott County breach involved unauthorized access to email accounts, compromising protected health information for thousands of individuals across Iowa.
News
12,000 API Keys and Passwords Found in AI Training Datasets
Mitchell Langley
March 6, 2025
Nearly 12,000 API keys and passwords were discovered in the Common Crawl dataset used for training AI models, highlighting significant security risks for enterprises. Many ...
News
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
Andrew Doyle
March 6, 2025
The EFF has introduced Rayhunter, an open-source tool for detecting Stingray attacks, helping users safeguard their sensitive data from unauthorized access.
News
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
Mitchell Langley
March 6, 2025
Scammers are impersonating the BianLian group, mailing fake ransom notes to US CEOs, threatening data leaks unless Bitcoin payments are made.
News
BadBox Malware Disrupted on 500K Infected Android Devices
Andrew Doyle
March 6, 2025
The BadBox malware disruption has impacted over 500,000 devices, revealing the urgency of addressing cybersecurity threats in low-cost Android devices.
News
Silk Typhoon Hackers Now Target IT Supply Chains to Breach Networks
Mitchell Langley
March 6, 2025
The Silk Typhoon hackers have shifted tactics, now focusing on IT supply chains to infiltrate networks and exploit sensitive data across multiple industries.
News
YouTube Warns of AI-Generated Phishing Attacks Targeting Creators
Mitchell Langley
March 6, 2025
AI-generated video of YouTube's CEO is being used in phishing attacks to steal creators' credentials. YouTube warns users to avoid suspicious private videos and links.
News
US Charges Chinese Hackers Targeting Critical Infrastructure Breaches
Andrew Doyle
March 6, 2025
US charges Chinese state security officers and hackers from APT27 and i-Soon for global cyberattacks targeting critical infrastructure and government agencies since 2011.
News
Hunters International Claims Ransomware Attack on Tata Technologies: 1.4TB Data Breached
Andrew Doyle
March 6, 2025
Hunters International ransomware claims responsibility for a major attack on Tata Technologies, stealing 1.4 TB of data and threatening to release it.
News
Black Basta and Cactus Ransomware: Shared Tactics and BackConnect Malware Connection
Mitchell Langley
March 6, 2025
Black Basta and Cactus ransomware groups share similar tactics and use BackConnect malware, highlighting the need for robust cybersecurity measures in enterprise businesses.
News
Cisco Warns of BroadWorks Flaw Exposing Credentials
Andrew Doyle
March 6, 2025
Cisco warns of a BroadWorks flaw that could allow unauthenticated attackers to access sensitive credentials. Users are advised to implement security measures.
News
Broadcom Fixes Three VMware Zero-Days Exploited in Attacks
Mitchell Langley
March 6, 2025
Broadcom fixes three critical VMware zero-days exploited in attacks, enabling attackers to escape virtual machine sandboxes. Immediate patching is advised.
News
Major Data Breach at Lost & Found Tracking Site Exposes Over 800,000 Records
Andrew Doyle
March 6, 2025
A massive data breach at Lost & Found, a German travel tracking firm, exposed over 800,000 records, including passport scans and driver's licenses, raising serious ...
News
Polish Space Agency Suffers Cyberattack, Takes Systems Offline
Andrew Doyle
March 6, 2025
The Polish Space Agency (POLSA) disconnected its systems after a weekend cyberattack. The agency is working with national CSIRT teams to restore services and investigate ...
News
New Polyglot Malware Targets Aviation and Satellite Communication Firms
Mitchell Langley
March 6, 2025
A new polyglot malware, Sosano, targets aviation and satellite communication firms in the UAE, enabling remote command execution and persistent access on infected devices.
News
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
Mitchell Langley
March 6, 2025
The Eleven11bot botnet has infected over 86,000 IoT devices, primarily focusing on security cameras and NVRs to launch DDoS attacks globally.
Cybersecurity
Clickjacking Vulnerability Exposes Autofill Data Across Major Extensions
Mitchell Langley
August 21, 2025
Cybersecurity
US Becomes Ransomware Capital with 146% Increase in Attacks
Mitchell Langley
August 12, 2025
TOP CYBERSECURITY HEADLINES
This Week’s Security Spotlight
News
Microsoft Opens Inquiry After Reports Israel Used Azure for Mass Surveillance
Andrew Doyle
August 19, 2025
News
AT&T Settlement Clears $177M for Victims Of 2019 and 2024 Data Breaches
Andrew Doyle
August 18, 2025
News
Bragg Discloses Cybersecurity Incident; Says Impact Appears Limited
Mitchell Langley
August 18, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Detection Tools
- Uncategorized
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
May 8, 2025
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
May 8, 2025
The PowerSchool hacker is now targeting individual school districts, threatening to leak sensitive student and staff data stolen in the December 2024 breach.
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
May 8, 2025
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
The Langflow Breach: How a Popular AI Tool Opened the Door to Hackers
May 7, 2025
A newly disclosed zero-day vulnerability, CVE-2025-3248, is being actively exploited in the wild—and it’s targeting Langflow, a popular open-source framework for building AI-powered applications. In ...
Mirai Reloaded: Why CVE-2024-7399 Still Haunts Samsung Servers
May 7, 2025
In this episode, we break down the active exploitation of CVE-2024-7399, a critical path traversal and arbitrary file upload vulnerability in Samsung MagicINFO 9 Server. ...
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
May 7, 2025
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation
May 7, 2025
A critical zero-day vulnerability — CVE-2025-31324 — is shaking the enterprise tech world. In this episode, we dive deep into the alarming exploit targeting SAP NetWeaver ...
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
May 7, 2025
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
May 7, 2025
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
May 7, 2025
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
May 7, 2025
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions
May 6, 2025
In this episode, we break down the anatomy of some of the most critical vulnerabilities threatening enterprise systems in 2025 — and the real-world attacks ...
Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity
May 6, 2025
In this episode, we dive deep into the massive data breach at Kelly Benefits, a payroll and benefits administrator that exposed the sensitive personal data ...
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
May 6, 2025
Explore six critical Supply Chain Cybersecurity Risks in 2025—from AI-driven cyberattacks and IoT vulnerabilities to quantum computing and geopolitical threats shaping logistics.
$491M Budget Cut: The White House Move That Could Reshape CISA
May 6, 2025
In this episode, we unpack the rising tensions surrounding the Cybersecurity and Infrastructure Security Agency (CISA) as it faces proposed budget cuts, looming layoffs, and ...
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
May 6, 2025
Rhysida ransomware group has claimed responsibility for a cyberattack on Peru’s government systems, demanding payment for stolen data while officials deny any breach occurred.
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
May 6, 2025
Anonymous defaced a GlobalX subdomain and leaked flight manifests related to ICE deportation flights of Venezuelan migrants, protesting Trump-era policies ruled unlawful by a federal ...
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
May 6, 2025
A hacked Signal clone used by Trump’s former security adviser Mike Waltz has raised serious concerns over the safety of sensitive government communications.
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
May 6, 2025
Hackers hijacked the New York Post’s verified X account to target crypto users via direct messages, redirecting victims to a Telegram-based scam under false pretenses. ...
EU Fines TikTok €530 Million For Data Protection Failures
May 6, 2025
TikTok has been fined €530 million by EU regulators over data protection failures and may face a data transfer suspension to China unless it complies ...