Cyber Security
News
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
News
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
News
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
News
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
News
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
News
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
News
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
Cybersecurity
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers ...
News
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
News
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
News
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
News
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
News
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...
News
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
Citizen Lab confirms Paragon’s Graphite spyware exploited an iOS zero-day to launch zero-click attacks on European journalists through iMessage without any user interaction.
News
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
Threat actor UNK_SneakyStrike used TeamFiltration to launch password-spraying attacks on over 80,000 Microsoft Entra ID accounts across hundreds of global organizations.
News
Hackers Claim 64 Million T-Mobile Records Leaked Online
Hackers claim to have leaked 64 million T-Mobile records online, including sensitive personal and device data. The breach may contain new data unseen in past ...
News
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
Qilin ransomware group claims to have stolen 210GB of sensitive data from Spanish insurer Asefa, including internal documents and a Camp Nou insurance plan.
News
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
Citizen Lab confirms Paragon spyware targeted a second journalist at Fanpage, deepening Italy’s political surveillance controversy and raising new concerns over investigative oversight.
Application Security
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Scattered Spider service desk attacks exploit social engineering to bypass security, targeting help desks for credential access. Learn defense strategies using open-source tools and training. ...
News
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
A misconfigured Kafka Broker on GonnaOrder’s platform exposed customer names, phone numbers, and delivery details across Europe from August 2022 to May 2025.
TOP CYBERSECURITY HEADLINES
This Week’s Security Spotlight
Application Security
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Auto-Color Linux Malware Exploits SAP Zero-Day CVE-2025-31324
In this episode, we uncover the Auto-Color Linux malware, a stealthy and highly persistent Remote Access Trojan (RAT) that is rapidly emerging as one of ...
Inside the July 2025 PyPI Phishing Scam: How Hackers Stole Developer Credentials
In this episode, we investigate the growing cybersecurity storm targeting the Python Package Index (PyPI) — the backbone of Python’s software distribution ecosystem. A recent ...
IoT Security Crisis: Dahua Smart Camera Vulnerabilities Expose Surveillance Systems
In this episode, we examine the alarming discovery of critical security vulnerabilities in Dahua smart cameras, one of the world’s most widely deployed surveillance systems. ...
Dropzone AI Secures $37M to Tackle Alert Fatigue with Autonomous SOC Analysts
In this episode, we dive into Dropzone AI’s landmark $37 million Series B funding round, bringing the company’s total raised to over $57 million. Backed ...
Axonius Buys Cynerio for $100M+: Closing Healthcare’s Biggest Cybersecurity Blind Spot
In this episode, we explore Axonius’s landmark acquisition of Cynerio, a healthcare cybersecurity company specializing in protecting vulnerable medical devices like MRI machines, infusion pumps, ...
Hackers Exploit SAP NetWeaver Flaw to Deploy Advanced Auto-Color Malware on U.S. Chemical Firm
Hackers exploited a critical SAP NetWeaver vulnerability to deploy Auto-Color malware on a U.S. chemicals firm, using advanced stealth and sandbox evasion techniques.
Aeroflot Flights Canceled After Hacktivist Cyberattack Cripples Airline Systems
Aeroflot’s operations were disrupted after a cyberattack claimed by Ukrainian and Belarusian hacktivists who allege wiping critical systems and exfiltrating sensitive airline data.
Scattered Spider Ransomware Group Ramps Up Sophisticated Attacks Targeting Enterprises Globally
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and international partners, has issued an updated advisory warning organizations about the evolving ...
Cheap McDonald’s Deal Turns Into Subscription Scam: Over 10,000 Romanians Targeted via Facebook and Instagram Ads
A $2 McDonald's deal scam has duped over 10,000 Romanians into €63.42 bi-weekly subscriptions via fake ads on Instagram and Facebook, Bitdefender reports.
Orange Discloses Cyberattack, Service Disruptions in France Following Breach
French telecom giant Orange confirmed a cyberattack that disrupted services in France. The affected system was isolated; no data exfiltration has been found yet.
Critical Lenovo Firmware Flaws Expose Millions to Persistent UEFI Attacks
In this episode, we examine a critical firmware security crisis shaking Lenovo devices worldwide. Security researchers at Binarly have uncovered six serious vulnerabilities in the ...
Promptfoo Secures $18.4M to Combat AI Security Threats in Generative AI
In this episode, we dive into Promptfoo’s groundbreaking $18.4 million Series A funding round, led by Insight Partners and supported by Andreessen Horowitz, bringing the ...
1.1 Million Private Messages Leaked: Inside the Tea App Privacy Disaster
A platform designed to protect women’s safety in dating has instead become a nightmare for its users. In this episode, we uncover the catastrophic Tea ...
Job Scams, Corporate Espionage, and Digital Deception: Inside the Deepfake Crisis
Deepfake technology has evolved from a fringe novelty into one of the most serious cybersecurity and national security threats of our time. In this episode, ...
Microsoft Exposes Major macOS Flaws in Transparency, Consent, and Control
In this episode, we dive deep into Microsoft Threat Intelligence’s latest findings on two critical macOS vulnerabilities that shook Apple’s privacy defenses. The flaws, identified ...
Aeroflot in Chaos: How Hackers Crippled Russia’s Flagship Airline
On July 28, 2025, Aeroflot—Russia’s largest state-owned airline—was brought to its knees in one of the most severe cyberattacks since the country’s invasion of Ukraine ...
Lynx Ransomware: INC Ransomware Reincarnated
The Lynx ransomware group is a financially motivated threat actor operating under a Ransomware-as-a-Service (RaaS) model. Emerging as a successor to the INC ransomware group ...
How to Backup and Restore the Windows Registry
Protect your system settings from accidental changes or corruption. Learn how to safely backup and restore the Windows Registry with this easy step-by-step guide.
Google Patches Gemini CLI Vulnerability That Enabled Silent Code Execution and Data Theft
A critical flaw in Google’s Gemini CLI exposed developers to silent command execution and data theft through poisoned context files, prompting an urgent security patch. ...
NASCAR Confirms Data Breach Tied to Medusa Ransomware Gang, SSNs Exposed
NASCAR confirms a data breach exposing Social Security numbers, linked to Medusa ransomware gang. Victims are receiving breach notifications and one year of credit monitoring. ...