Cyber Security
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
Application Security
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
Cybersecurity
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Cybersecurity
Kimwolf Botnet: A New Threat to Millions of Android Devices
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Application Security
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
News
Cybersecurity Operation Snares Former ShinyHunters Member
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
Data Security
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Hackers have targeted a file transfer system used by Sedgwick’s government-focused subsidiary. This breach raises concerns about the security of sensitive data managed by government ...
Cybersecurity
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
Information Security
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
Cybersecurity
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
AI agents are anticipated to become a notable insider threat by 2026, requiring firms to modify their security strategies, as a report from Palo Alto ...
News
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group ...
Cybersecurity
Trump Orders Emcore to Divest Chip Manufacturing Assets
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
Cybersecurity
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Application Security
Adobe ColdFusion Cyberattacks Surge During Holiday Period
GreyNoise detected a significant surge in attack attempts targeting Adobe ColdFusion vulnerabilities over Christmas 2025, revealing a coordinated effort exploiting multiple vulnerabilities in ColdFusion servers.
News
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Recent phishing operations exploit Google Cloud Application Integration, sending fake Google emails that deceive users into trusting malicious messages.
News
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes
Ryan Goldberg and Kevin Martin, two American cybersecurity professionals, have confessed to being affiliates of the notorious BlackCat/Alphv ransomware group. This revelation poses significant implications ...
News
Gavin Webb’s Role in the Takedown of LockBit Ransomware
Recognized for his exemplary public service, Gavin Webb spearheaded the strategic takedown of the notorious LockBit ransomware, marking a significant achievement in global cybersecurity efforts.
Cybersecurity
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
British security analyst Jacob Riggs has achieved Australia's strictest, invite-only visa for exposure of a critical vulnerability in its government system.
Cybersecurity
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
Blockchain investigation has revealed that recent cryptocurrency thefts are tied to the 2022 LastPass breach. Attackers laundered stolen funds through Russian exchanges, exploiting vulnerabilities exposed ...
Cybersecurity
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
Cybersecurity
Microsoft Disrupts Fox Tempest Malware-Signing Service
TOP CYBERSECURITY HEADLINES
Cybersecurity
Deleted Google API Keys Stay Active for Up to 23 Minutes
Application Security
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Cybersecurity
Texas AG Sues Meta Over WhatsApp Encryption Claims
This Week’s Security Spotlight
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Application Security
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Application Security
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Kimwolf Botnet: A New Threat to Millions of Android Devices
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Ledger Breach Due to Global-e Attack Compromises Customer Data
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
Cybersecurity Operation Snares Former ShinyHunters Member
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Hackers have targeted a file transfer system used by Sedgwick’s government-focused subsidiary. This breach raises concerns about the security of sensitive data managed by government ...
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
AI agents are anticipated to become a notable insider threat by 2026, requiring firms to modify their security strategies, as a report from Palo Alto ...
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group known as the “ShinyHunters” or ...
Trump Orders Emcore to Divest Chip Manufacturing Assets
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Adobe ColdFusion Cyberattacks Surge During Holiday Period
GreyNoise detected a significant surge in attack attempts targeting Adobe ColdFusion vulnerabilities over Christmas 2025, revealing a coordinated effort exploiting multiple vulnerabilities in ColdFusion servers.
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Recent phishing operations exploit Google Cloud Application Integration, sending fake Google emails that deceive users into trusting malicious messages.
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes
Ryan Goldberg and Kevin Martin, two American cybersecurity professionals, have confessed to being affiliates of the notorious BlackCat/Alphv ransomware group. This revelation poses significant implications ...
Gavin Webb’s Role in the Takedown of LockBit Ransomware
Recognized for his exemplary public service, Gavin Webb spearheaded the strategic takedown of the notorious LockBit ransomware, marking a significant achievement in global cybersecurity efforts.
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
British security analyst Jacob Riggs has achieved Australia's strictest, invite-only visa for exposure of a critical vulnerability in its government system.
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
Blockchain investigation has revealed that recent cryptocurrency thefts are tied to the 2022 LastPass breach. Attackers laundered stolen funds through Russian exchanges, exploiting vulnerabilities exposed ...
Pickett and Associates Data Breach: Hacker Demands Bitcoin
A cybercriminal is selling stolen data from Pickett and Associates, impacting major utilities like Tampa Electric, Duke Energy, and American Electric Power.
Netflix Documentary Could Explore Crypto Crime: Part 2 Potential
Ilya Lichtenstein, linked to the 2016 Bitfinex bitcoin heist, has recently been released from prison after serving 14 months. Rumors suggest a Netflix documentary might ...
Covenant Health Ransomware Breach Impacts 478,000 Individuals Across Multiple States
In May 2025, a ransomware attack by the Qilin group on Covenant Health compromised sensitive data of over 478,000 individuals at the healthcare organization located ...