Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
South Korea’s Telecom Giants Grapple With Cyber Breaches and Executive Shakeups
Cybersecurity
South Korea’s Telecom Giants Grapple With Cyber Breaches and Executive Shakeups
Mitchell Langley November 3, 2025
South Korea’s telecom giants SK Telecom, KT, and LG Uplus are facing severe cyberattacks, financial losses, and leadership shakeups, exposing systemic weaknesses in national telecom ...
Proton Warns of 300 Million Stolen Credentials Fueling Global Data Breach Crisis
Data Security
Proton Warns of 300 Million Stolen Credentials Fueling Global Data Breach Crisis
Gabby Lee November 3, 2025
Proton’s Data Breach Observatory uncovered 300 million stolen credentials circulating on the dark web, exposing corporations and individuals worldwide to identity theft and financial fraud ...
Conti Ransomware Associate Oleksii Lytvynenko Charged After U.S. Extradition
News
Conti Ransomware Associate Oleksii Lytvynenko Charged After U.S. Extradition
Andrew Doyle November 2, 2025
Ukrainian national Oleksii Lytvynenko has been extradited to the U.S. to face charges for aiding the Conti ransomware group, marking a major milestone in cross-border ...
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
Data Security
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
Andrew Doyle November 2, 2025
A data breach at the University of Pennsylvania has reportedly exposed the personal information of 1.2 million donors after a hacker—who began by emailing “we ...
Open VSX Access Tokens Leaked, Allowing Malicious Extensions in Supply Chain Threat
Application Security
Open VSX Access Tokens Leaked, Allowing Malicious Extensions in Supply Chain Threat
Mitchell Langley November 2, 2025
A credential leak in the Open VSX registry allowed attackers to publish malicious VS Code extensions, exposing a major supply chain risk. Swift token revocation ...
Australia Issues Urgent Warning as Cisco IOS XE Exploit Sees Ongoing Attacks
CVE Vulnerability Alerts
Australia Issues Urgent Warning as Cisco IOS XE Exploit Sees Ongoing Attacks
Gabby Lee November 2, 2025
Australian authorities have issued an urgent warning over active exploitation of CVE-2023-20198, a critical Cisco IOS XE flaw used to deploy the persistent “BadCandy” webshell. ...
Bronze Butler Exploited Zero-Day in Motex Lanscope to Deploy Gokcpdoor Malware
Application Security
Bronze Butler Exploited Zero-Day in Motex Lanscope to Deploy Gokcpdoor Malware
Mitchell Langley November 2, 2025
China-linked APT group Bronze Butler exploited a zero-day flaw in Motex Lanscope Endpoint Manager to deploy an upgraded Gokcpdoor malware variant in targeted Japanese organizations. ...
Google’s AI-Powered Search Signals the Return of Ads What it Means for Security and Strategy
Application Security
Google’s AI-Powered Search Signals the Return of Ads: What it Means for Security and Strategy
Gabby Lee November 2, 2025
Google is integrating advertising into its AI-powered Search Generative Experience (SGE), embedding sponsored results directly within AI summaries and answer boxes. The move redefines ad ...
China-Linked UNC6384 Exploits Windows Zero-Day to Target EU Diplomats
News
China-Linked UNC6384 Exploits Windows Zero-Day to Target EU Diplomats
Andrew Doyle November 2, 2025
China-linked APT group UNC6384 has launched a cyberespionage campaign exploiting a Windows zero-day flaw to infiltrate European diplomatic networks. Researchers say the operation, uncovered by ...
Reputation.com Data Leak Exposes 120 Million Internal Logs Containing Customer Session Data
Cybersecurity
Reputation.com Data Leak Exposes 120 Million Internal Logs Containing Customer Session Data
Andrew Doyle October 31, 2025
A misconfigured server at Reputation.com exposed 120 million internal logs containing session cookies and backend data, potentially allowing attackers to hijack customer social media accounts.
Hackers Claim Breach of Viz Media Executive Account, Exfiltrating 250GB of Corporate Data
Cybersecurity
Hackers Claim Breach of Viz Media Executive Account, Exfiltrating 250GB of Corporate Data
Mitchell Langley October 31, 2025
Hackers claim to have breached Viz Media’s vice president’s Google Drive, stealing 250GB of corporate data, credentials, and licensing documents now being sold on dark ...
Russian Police Arrest Teenagers Behind Meduza Infostealer Operation
Cybersecurity
Russian Police Arrest Teenagers Behind Meduza Infostealer Operation
Andrew Doyle October 31, 2025
Russian police arrested three teenagers behind the Meduza Infostealer operation, exposing a teenage-run malware service that stole credentials and state data across multiple systems.
CISA and NSA Issue Joint Guidance to Secure Microsoft Exchange Servers
Application Security
CISA and NSA Issue Joint Guidance to Secure Microsoft Exchange Servers
Gabby Lee October 31, 2025
CISA and NSA have issued new guidance to secure Microsoft Exchange servers, urging organizations to minimize exposure, disable legacy protocols, and adopt Zero Trust to ...
Former L3Harris Executive Admits to Selling Classified Cybersecurity Data to Russian Exploit Dealer
Cybersecurity
Former L3Harris Executive Admits to Selling Classified Cybersecurity Data to Russian Exploit Dealer
Andrew Doyle October 31, 2025
A former L3Harris executive pleaded guilty to leaking U.S. cyber exploit intelligence to a Russian broker. The insider threat case exposes severe national security and ...
WhatsApp Enhances Security With Passkey-Enforced Encrypted Chat Backups
Application Security
WhatsApp Enhances Security With Passkey-Enforced Encrypted Chat Backups
Mitchell Langley October 31, 2025
WhatsApp is rolling out passkey-encrypted backups for Android and iOS, securing chat history in the cloud with biometric or screen-lock authentication to enhance end-to-end encryption.
Critical “Brash” Vulnerability in Chromium’s Blink Engine Can Instantly Crash Browsers
Application Security
Critical “Brash” Vulnerability in Chromium’s Blink Engine Can Instantly Crash Browsers
Mitchell Langley October 30, 2025
A flaw in Chromium’s Blink engine, dubbed “Brash,” lets attackers crash browsers like Chrome and Edge with a single malicious URL, exposing a major denial-of-service ...
CISA Adds XWiki and Broadcom VMware Flaws to Known Exploited Vulnerabilities Catalog
CVE Vulnerability Alerts
CISA Adds XWiki and Broadcom VMware Flaws to Known Exploited Vulnerabilities Catalog
Gabby Lee October 30, 2025
CISA has added critical XWiki and VMware vulnerabilities to its Known Exploited list, confirming active attacks and urging immediate patching under federal security mandates.
OpenAI Upgrades GPT-5 to Better Handle Conversations Involving Emotional Distress
Application Security
OpenAI Upgrades GPT-5 to Better Handle Conversations Involving Emotional Distress
Mitchell Langley October 30, 2025
OpenAI’s October GPT-4 update improves how the model handles emotionally charged conversations. The upgrade enhances safety, empathy, and redirection for users expressing distress while reducing ...
Surge in NFC Relay Malware Hits Android Users Across Eastern Europe
Application Security
Surge in NFC Relay Malware Hits Android Users Across Eastern Europe
Andrew Doyle October 30, 2025
Over 760 malicious Android apps are exploiting NFC tap-to-pay features to steal payment credentials in real time. The surge in NFC relay malware highlights rising ...
Conduent Discloses Data Breach Impacting 10.5 Million Individuals
Application Security
Conduent Discloses Data Breach Impacting 10.5 Million Individuals
Mitchell Langley October 30, 2025
A data breach at Conduent has exposed personal and medical information of over 10.5 million people through the MOVEit vulnerability, underscoring the massive risks of ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
FTC Warns Tech Giants: Don’t Weaken Encryption for Foreign Governments
August 27, 2025
Podcasts
Invisible Prompts: How Image Scaling Attacks Break AI Security
August 27, 2025
Podcasts
Healthcare Services Group Breach Exposes 624,000 Individuals’ Sensitive Data
August 27, 2025

Cyber Security News

Mustang Panda’s Novel Kernel-Mode Rootkit Used in Mid-2025 Cyber Attack Analysis
Application Security
Mustang Panda’s Novel Kernel-Mode Rootkit Used in Mid-2025 Cyber Attack Analysis
December 31, 2025
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Cybersecurity
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
December 29, 2025
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
CVE Vulnerability Alerts
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
December 29, 2025
Ransomware Attack Disrupts Operations at Romania's Oltenia Energy Complex During Christmas
Cybersecurity
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
December 29, 2025
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Cybersecurity
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
December 29, 2025
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Data Security
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
December 29, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Conti Ransomware Associate Oleksii Lytvynenko Charged After U.S. Extradition
November 2, 2025
Ukrainian national Oleksii Lytvynenko has been extradited to the U.S. to face charges for aiding the Conti ransomware group, marking a major milestone in cross-border ...
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
November 2, 2025
A data breach at the University of Pennsylvania has reportedly exposed the personal information of 1.2 million donors after a hacker—who began by emailing “we ...
Open VSX Access Tokens Leaked, Allowing Malicious Extensions in Supply Chain Threat
November 2, 2025
A credential leak in the Open VSX registry allowed attackers to publish malicious VS Code extensions, exposing a major supply chain risk. Swift token revocation ...
Australia Issues Urgent Warning as Cisco IOS XE Exploit Sees Ongoing Attacks
November 2, 2025
Australian authorities have issued an urgent warning over active exploitation of CVE-2023-20198, a critical Cisco IOS XE flaw used to deploy the persistent “BadCandy” webshell. ...
Bronze Butler Exploited Zero-Day in Motex Lanscope to Deploy Gokcpdoor Malware
November 2, 2025
China-linked APT group Bronze Butler exploited a zero-day flaw in Motex Lanscope Endpoint Manager to deploy an upgraded Gokcpdoor malware variant in targeted Japanese organizations. ...
Google’s AI-Powered Search Signals the Return of Ads: What it Means for Security and Strategy
November 2, 2025
Google is integrating advertising into its AI-powered Search Generative Experience (SGE), embedding sponsored results directly within AI summaries and answer boxes. The move redefines ad ...
China-Linked UNC6384 Exploits Windows Zero-Day to Target EU Diplomats
November 2, 2025
China-linked APT group UNC6384 has launched a cyberespionage campaign exploiting a Windows zero-day flaw to infiltrate European diplomatic networks. Researchers say the operation, uncovered by ...
Reputation.com Data Leak Exposes 120 Million Internal Logs Containing Customer Session Data
October 31, 2025
A misconfigured server at Reputation.com exposed 120 million internal logs containing session cookies and backend data, potentially allowing attackers to hijack customer social media accounts.
Hackers Claim Breach of Viz Media Executive Account, Exfiltrating 250GB of Corporate Data
October 31, 2025
Hackers claim to have breached Viz Media’s vice president’s Google Drive, stealing 250GB of corporate data, credentials, and licensing documents now being sold on dark ...
Russian Police Arrest Teenagers Behind Meduza Infostealer Operation
October 31, 2025
Russian police arrested three teenagers behind the Meduza Infostealer operation, exposing a teenage-run malware service that stole credentials and state data across multiple systems.
Trend Vision One Identity Security Review: Unified Identity-Centric Threat Detection and Risk Management for the Enterprise
October 31, 2025
Trend Vision One Identity Security delivers unified visibility into human and non-human identities, posture assessment and threat detection across cloud, hybrid and on-premises infrastructure for ...
CISA and NSA Issue Joint Guidance to Secure Microsoft Exchange Servers
October 31, 2025
CISA and NSA have issued new guidance to secure Microsoft Exchange servers, urging organizations to minimize exposure, disable legacy protocols, and adopt Zero Trust to ...
Former L3Harris Executive Admits to Selling Classified Cybersecurity Data to Russian Exploit Dealer
October 31, 2025
A former L3Harris executive pleaded guilty to leaking U.S. cyber exploit intelligence to a Russian broker. The insider threat case exposes severe national security and ...
WhatsApp Enhances Security With Passkey-Enforced Encrypted Chat Backups
October 31, 2025
WhatsApp is rolling out passkey-encrypted backups for Android and iOS, securing chat history in the cloud with biometric or screen-lock authentication to enhance end-to-end encryption.
Critical “Brash” Vulnerability in Chromium’s Blink Engine Can Instantly Crash Browsers
October 30, 2025
A flaw in Chromium’s Blink engine, dubbed “Brash,” lets attackers crash browsers like Chrome and Edge with a single malicious URL, exposing a major denial-of-service ...
CISA Adds XWiki and Broadcom VMware Flaws to Known Exploited Vulnerabilities Catalog
October 30, 2025
CISA has added critical XWiki and VMware vulnerabilities to its Known Exploited list, confirming active attacks and urging immediate patching under federal security mandates.
OpenAI Upgrades GPT-5 to Better Handle Conversations Involving Emotional Distress
October 30, 2025
OpenAI’s October GPT-4 update improves how the model handles emotionally charged conversations. The upgrade enhances safety, empathy, and redirection for users expressing distress while reducing ...
Surge in NFC Relay Malware Hits Android Users Across Eastern Europe
October 30, 2025
Over 760 malicious Android apps are exploiting NFC tap-to-pay features to steal payment credentials in real time. The surge in NFC relay malware highlights rising ...
Conduent Discloses Data Breach Impacting 10.5 Million Individuals
October 30, 2025
A data breach at Conduent has exposed personal and medical information of over 10.5 million people through the MOVEit vulnerability, underscoring the massive risks of ...
Proton Launches Dark Web Data Breach Observatory to Expose Hidden Cyber Threats
October 30, 2025
Proton launched its Data Breach Observatory to detect and report dark web data exposures, providing real-time alerts and insights to help organizations prevent and mitigate ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited