Main Menu
Cyber Security
React2Shell Exploit Continues to Deliver Undetected Malware Families
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
Teen Hacker Arrested in Spain for Major Data Breach Scheme
Satellite Signal Interruption Causes Porsche Immobilization in Russia
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
Prime Security Secures $20 Million to Advance AI-Powered Security Tools
Microsoft Appoints New Operating CISOs to Enhance AI-Driven Cyberdefense
Fortinet Releases Fixes for Critical Vulnerabilities Affecting FortiOS and Other Products
Adobe’s Comprehensive Security Update Targets Massive Vulnerabilities Array
Microsoft Enhances PowerShell Security With Script Warning Functionality
Microsoft Patches Critical Zero-Day Vulnerability in Windows
Google Introduces Layered Defenses in Chrome to Combat Prompt Injection Vulnerabilities
Microsoft Works to Mitigate Copilot Access Issues in Europe
Equixly Secures $11 Million Investment to Enhance API Penetration Testing Capabilities
Proofpoint Completes Acquisition of Hornetsecurity: A Strategic Move in Cybersecurity
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Mirai-based Broadside Botnet Exploits TBK Vision DVRs in Maritime Sector
Identity Security Firm Saviynt Secures $700 Million in Funding Amid Booming Security Market
EtherRAT Malware Implant Utilizes Linux Persistence Mechanisms in React2Shell Attack
OpenAI Responds to ChatGPT Plus Subscription Controversy Over Ads
Portugal Establishes Legal Safe Harbor for Ethical Hackers
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Technical Glitch Briefly Erases Sections of U.S. Constitution from Congress.gov, Restored Quickly
News
Technical Glitch Briefly Erases Sections of U.S. Constitution from Congress.gov, Restored Quickly
Andrew Doyle August 8, 2025
Critical sections of the Constitution briefly vanished from Congress.gov due to a software glitch; the Library of Congress restored them within hours and is implementing ...
Air France and KLM Confirm Third-Party Data Breach Impacting Customer Information
News
Air France and KLM Confirm Third-Party Data Breach Impacting Customer Information
Andrew Doyle August 7, 2025
Air France and KLM have confirmed a data breach via a third-party vendor, exposing personal information of loyalty members and airline customers to potential cyber ...
Akira Ransomware Disables Microsoft Defender Using Intel Driver Exploit in New Wave of Attacks
News
Akira Ransomware Disables Microsoft Defender Using Intel Driver Exploit in New Wave of Attacks
Mitchell Langley August 7, 2025
Akira ransomware disables Microsoft Defender using Intel’s driver in BYOVD attacks. Researchers warn of new techniques, SonicWall VPN exploits, and trojanized IT tool installers.
MagentaTV Data Leak Exposes Over 324 Million Logs Linked to Deutsche Telekom’s Streaming Platform
News
MagentaTV Data Leak Exposes Over 324 Million Logs Linked to Deutsche Telekom’s Streaming Platform
Andrew Doyle August 7, 2025
A data leak tied to Deutsche Telekom’s MagentaTV platform exposed over 324 million logs, including user IPs, MAC addresses, and session details.
Meta Blocks 6.8 Million WhatsApp Accounts Amid Rising Scam Group Abuse
News
Meta Blocks 6.8 Million WhatsApp Accounts Amid Rising Scam Group Abuse
Mitchell Langley August 7, 2025
Meta has blocked 6.8 million WhatsApp accounts tied to scam operations, rolling out new security features to prevent abuse of group invites and direct messaging. ...
Google Confirms Data Breach as Part of Ongoing Salesforce CRM Attacks by ShinyHunters
News
Google Confirms Data Breach as Part of Ongoing Salesforce CRM Attacks by ShinyHunters
Andrew Doyle August 7, 2025
Google confirms a Salesforce data breach linked to ShinyHunters, who are targeting enterprise CRM systems in a widespread extortion campaign affecting major global brands.
Cisco Reports Data Breach Following Vishing Attack on Employee
News
Cisco Reports Data Breach Following Vishing Attack on Employee
Andrew Doyle August 7, 2025
Cisco disclosed a data breach impacting Cisco.com user accounts after a vishing attack on an employee, exposing basic user details but no passwords or sensitive ...
Rhysida Ransomware Group Claims Attack on Cookeville Regional Medical Center
News
Rhysida Ransomware Group Claims Attack on Cookeville Regional Medical Center
Andrew Doyle August 6, 2025
Rhysida ransomware gang has claimed the attack on Cookeville Regional Medical Center, threatening to leak sensitive patient and financial data unless the hospital pays a ...
Pandora Confirms Data Breach Linked to Salesforce Credential Theft Campaign
News
Pandora Confirms Data Breach Linked to Salesforce Credential Theft Campaign
Mitchell Langley August 6, 2025
Pandora confirms a data breach linked to Salesforce credential theft campaigns, exposing customer data while attackers continue to target global enterprises through phishing and OAuth ...
PBS Confirms Data Breach After Employee Information Circulates on Discord
News
PBS Confirms Data Breach After Employee Information Circulates on Discord
Andrew Doyle August 6, 2025
PBS confirmed a data breach after corporate contact details for nearly 4,000 employees were leaked and shared on Discord communities, raising concerns over unauthorized exposure ...
New Linux Backdoor “Plague” Evades Detection for Months
News
New Linux Backdoor “Plague” Evades Detection for Months
Mitchell Langley August 6, 2025
A stealthy Linux backdoor named Plague has evaded antivirus detection for months, exploiting PAM authentication modules to provide attackers with persistent SSH access and near-total ...
APT28 / Fancy Bear: Russian State Sponsored APT
Threat Actors
APT28 / Fancy Bear: Russian State Sponsored APT
Gabby Lee August 6, 2025
APT28, aka Fancy Bear, a Russian GRU-linked group, conducts sophisticated espionage and information theft campaigns globally, targeting governments and critical infrastructure.
CurXecute Prompt-Injection Flaw in Cursor IDE Enables Remote Code Execution
News
CurXecute Prompt-Injection Flaw in Cursor IDE Enables Remote Code Execution
Mitchell Langley August 5, 2025
Cursor IDE’s CurXecute flaw lets malicious prompts escalate to remote code execution; Pi-hole donor emails leaked via GiveWP plugin misconfiguration. Patches released.
Chanel Confirms US Customer Data Breach Linked to Salesforce Social Engineering Attacks
News
Chanel Confirms US Customer Data Breach Linked to Salesforce Social Engineering Attacks
Andrew Doyle August 5, 2025
Chanel confirms a U.S.-based data breach from Salesforce social engineering attacks, exposing contact details amid a broader extortion campaign targeting global enterprise brands.
Palo Alto Networks to Acquire CyberArk in $25 Billion Deal to Strengthen Identity Security
News
Palo Alto Networks to Acquire CyberArk in $25 Billion Deal to Strengthen Identity Security
Mitchell Langley August 5, 2025
Palo Alto Networks will acquire CyberArk for $25 billion to combine AI-powered security with identity and privilege controls, targeting evolving enterprise threats.
FraudOnTok
News
FraudOnTok Malware Campaign Targets TikTok Shop Users Through Fake Apps and Phishing Tactics
Mitchell Langley August 5, 2025
CTM360 exposes the FraudOnTok campaign targeting TikTok Shop users through fake apps and phishing, using SparkKitty spyware to steal crypto wallet data and drain funds. ...
Ransomware Gangs Exploit Microsoft SharePoint Flaws in Widespread Attack Campaign
News
Ransomware Gangs Exploit Microsoft SharePoint Flaws in Widespread Attack Campaign
Mitchell Langley August 5, 2025
Ransomware groups are exploiting Microsoft SharePoint flaws in a global attack campaign, affecting over 148 organizations and linking to Chinese state-backed threat actors.
348,000 Patients Impacted in Mt. Baker Imaging Data Breach
News
348,000 Patients Impacted in Mt. Baker Imaging Data Breach
Andrew Doyle August 5, 2025
A cyberattack on Mt. Baker Imaging exposed sensitive data for 348,000 Washington patients, including medical and financial records, triggering a class action lawsuit.
Attackers Abuse Link-Wrapping Services to Steal Microsoft 365 Credentials
News
Attackers Abuse Link-Wrapping Services to Steal Microsoft 365 Credentials
Mitchell Langley August 5, 2025
Attackers hijack Proofpoint and Intermedia link-wrapping to hide Microsoft 365 phishing pages, using compromised protected accounts to harvest login credentials.
Akira Ransomware Surges on SonicWall Devices Using Zero-Day and Credential Abuse
News
Akira Ransomware Surges on SonicWall Devices Using Zero-Day and Credential Abuse
Andrew Doyle August 5, 2025
A sharp uptick in Akira ransomware activity is exploiting SonicWall remote access infrastructure, potentially via an unpatched zero-day. Akira Ransomware ...
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Application Security
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Andrew Doyle December 11, 2025
Docker Hub Data Exposure Puts Thousands of Containers at Risk
Data Security
Docker Hub Data Exposure Puts Thousands of Containers at Risk
Mitchell Langley December 11, 2025
React2Shell Exploit Continues to Deliver Undetected Malware Families
Cybersecurity
React2Shell Exploit Continues to Deliver Undetected Malware Families
Mitchell Langley December 11, 2025
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Application Security
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Mitchell Langley December 11, 2025

TOP CYBERSECURITY HEADLINES

Docker Hub Data Exposure Puts Thousands of Containers at Risk
Data Security
Docker Hub Data Exposure Puts Thousands of Containers at Risk
React2Shell Exploit Continues to Deliver Undetected Malware Families
Cybersecurity
React2Shell Exploit Continues to Deliver Undetected Malware Families
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Application Security
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
Application Security
Microsoft Faces Criticism Over Unresolved .NET Vulnerability

This Week’s Security Spotlight

Why Insuring Keith Richards' Fingers Highlights Risk Management in Cybersecurity
Cybersecurity
Why Insuring Keith Richards’ Fingers Highlights Risk Management in Cybersecurity
Andrew Doyle December 11, 2025
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
Endpoint Security
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
Mitchell Langley December 8, 2025
Russian Internet Authority Blocks Roblox Over Content Concerns
Cybersecurity
Russian Internet Authority Blocks Roblox Over Content Concerns
Mitchell Langley December 5, 2025
React Server Components' Security Flaw Risks Unauthenticated Remote Code Execution
CVE Vulnerability Alerts
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
Andrew Doyle December 5, 2025
More In News
Trending
Sneaky2FA Phishing Kit Adds Browser-in-the-Browser Tool for Stealthier MFA Attacks
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Data I/O Ransomware Attack: Supply Chain Cybersecurity in Crisis
August 26, 2025
Podcasts
BianLian Ransomware Strikes Aspire Rural Health: 138,000 Patients Exposed
August 26, 2025
Podcasts
OneFlip: How a Single Bit-Flip Can Hack AI Models
August 26, 2025

Cyber Security News

Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Application Security
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
November 6, 2025
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Cybersecurity
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
November 6, 2025
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Cybersecurity
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
November 6, 2025
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Cybersecurity
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
November 6, 2025
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
Cybersecurity
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
November 6, 2025
Cybersecurity
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
November 6, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
August 28, 2025
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
Silk Typhoon’s Fake Adobe Update: How China-Backed Hackers Target Diplomats
August 27, 2025
A new and highly sophisticated cyber espionage campaign attributed to Silk Typhoon—also known as Mustang Panda, TEMP.Hex, or UNC6384—has been uncovered, targeting diplomats and government ...
FTC Warns Tech Giants: Don’t Weaken Encryption for Foreign Governments
August 27, 2025
The fight over encryption has entered a new phase. The Federal Trade Commission (FTC), led by Chairman Andrew Ferguson, has issued a strong warning to ...
Invisible Prompts: How Image Scaling Attacks Break AI Security
August 27, 2025
Researchers have uncovered a new form of indirect prompt injection that leverages a simple but powerful trick: image scaling. This novel attack involves hiding malicious ...
Google to Verify Android Developers: A New Era in App Security Emerges
August 27, 2025
Google is rolling out its Developer Verification program, requiring all Android developers—inside and outside the Play Store—to verify their identity by 2027. The policy aims ...
Healthcare Services Group Breach Exposes 624,000 Individuals’ Sensitive Data
August 27, 2025
The healthcare sector has been rocked yet again by a massive cybersecurity incident. Healthcare Services Group (HCSG), a provider of dining and laundry services to ...
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
August 27, 2025
Okta has lifted its fiscal 2026 revenue forecast after reporting strong Q2 results, driven by soaring demand for identity verification tools. As AI-powered impersonation attacks ...
Auchan Data Breach: Hundreds of Thousands of Loyalty Accounts Compromised
August 27, 2025
French retail giant Auchan has confirmed a massive data breach that compromised the personal details of hundreds of thousands of customers. The stolen data includes ...
Docker Desktop Vulnerability: Why Containers Aren’t as Safe as You Think
August 26, 2025
A critical vulnerability in Docker Desktop, CVE-2025-9074, has shaken the container security world. Scoring 9.3 on the CVSS scale, this flaw exposed an unauthenticated Docker ...
Arch Linux Website, Forums, and AUR Targeted in Sustained Cyber Assault
August 26, 2025
The Arch Linux community has just endured more than a week of turbulence as a massive distributed denial-of-service (DDoS) attack disrupted its most critical services, ...
Data I/O Ransomware Attack: Supply Chain Cybersecurity in Crisis
August 26, 2025
Cyberattacks against supply chains are no longer isolated disruptions—they are systemic threats with the power to cascade across industries and nations. The recent ransomware attack ...
BianLian Ransomware Strikes Aspire Rural Health: 138,000 Patients Exposed
August 26, 2025
The U.S. healthcare sector continues to face relentless cyberattacks, and rural hospitals are increasingly at the center of this crisis. The recent Aspire Rural Health ...
OneFlip: How a Single Bit-Flip Can Hack AI Models
August 26, 2025
Artificial Intelligence (AI) models are shaping the future of industries from healthcare and finance to autonomous vehicles and national infrastructure. But with this rise comes ...
The Dual Role of AI in Cybersecurity: Weapon and Shield
August 26, 2025
AI hacking has moved from speculation to reality, enabling deepfake phishing, automated malware, and large-scale social engineering. While defenders deploy AI for detection and response, ...
FraudGPT, WormGPT, and Dark AI Models Fuel Surge in Cybercrime
August 26, 2025
Malicious AI models like FraudGPT, WormGPT, and PoisonGPT are reshaping cybercrime, enabling scalable phishing, malware generation, and disinformation. Unlike mainstream LLMs, these blackhat tools strip ...
The Imperative for a New Cyber Defense Playbook
August 26, 2025
Traditional cybersecurity models are failing against AI-driven threats, workforce fatigue, and complex tool sprawl. From adaptive malware and deepfake phishing to poorly governed machine identities, ...
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
August 26, 2025
A new phishing campaign is distributing the UpCrypter malware loader through fake voicemail and purchase order emails. Targeting industries worldwide, UpCrypter delivers multiple remote access ...
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
August 26, 2025
Senator Ron Wyden is urging an independent review of federal court cybersecurity after breaches exposed sealed case files. Citing outdated systems and weak defenses, he ...
Nevada State Offices Shut Down Amid Major Network Security Incident
August 26, 2025
Nevada’s state government was forced to suspend in-person services and shut down major websites after a large-scale network security incident on August 25, 2025. Early ...
Android Malware Masquerades as FSB Antivirus To Spy on Russian Business Executives
August 25, 2025
A fake FSB antivirus hides Android malware spying on Russian executives, logging keystrokes, streaming cameras, exfiltrating messenger data, and rotating providers for command and control.
Docker Hub Data Exposure Puts Thousands of Containers at Risk
React2Shell Exploit Continues to Deliver Undetected Malware Families
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
Teen Hacker Arrested in Spain for Major Data Breach Scheme
Satellite Signal Interruption Causes Porsche Immobilization in Russia
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
Prime Security Secures $20 Million to Advance AI-Powered Security Tools
Microsoft Appoints New Operating CISOs to Enhance AI-Driven Cyberdefense
Fortinet Releases Fixes for Critical Vulnerabilities Affecting FortiOS and Other Products
Adobe’s Comprehensive Security Update Targets Massive Vulnerabilities Array
Microsoft Enhances PowerShell Security With Script Warning Functionality
Microsoft Patches Critical Zero-Day Vulnerability in Windows
Google Introduces Layered Defenses in Chrome to Combat Prompt Injection Vulnerabilities
Microsoft Works to Mitigate Copilot Access Issues in Europe
Equixly Secures $11 Million Investment to Enhance API Penetration Testing Capabilities
Proofpoint Completes Acquisition of Hornetsecurity: A Strategic Move in Cybersecurity
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Mirai-based Broadside Botnet Exploits TBK Vision DVRs in Maritime Sector