Cyber Security
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
A Justice Department document, recently disclosed, reveals that in 2017, Jeffrey Epstein was alleged to have a "personal hacker," linked to his network.
Cybersecurity
Android Malware Incident: Hugging Face Repository Misuse
Malicious actors have manipulated the Hugging Face repository to distribute a Remote Access Trojan targeting Android users. The attack involved embedding harmful code into applications ...
Application Security
Chrome Extensions Prove Malicious with Data Hijacking Tricks
Security experts have discovered Chrome extensions hijacking data and targeting OpenAI ChatGPT tokens. One identified extension, "Amazon Ads Blocker," falsely claims to remove sponsored content ...
Cybersecurity
White House Revokes Software Security Rules But Keeps Key Resources
The White House has annulled two Biden-era security memorandums, deemed burdensome, while preserving resources that provided value. This decision affects guidelines for agencies working with ...
Application Security
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
To bolster cybersecurity, Microsoft announced plans to phase out the NTLM authentication protocol, which has been part of Windows for over three decades, citing vulnerabilities ...
Cybersecurity
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Aisy announces a successful $2.3 million seed funding round for its innovative AI platform dedicated to transforming vulnerability management. This stealth stage company aims to ...
Cybersecurity
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Illegal cryptocurrency transactions surged to a record $158 billion in 2025, reversing a trend of decreasing activity from $86 billion in 2021 to $64 billion ...
News
China-linked Threat Actor UAT-8099 Targets Asian IIS Servers
Cisco Talos uncovered an operation by UAT-8099 aimed at compromised Internet Information Services servers throughout Asia, focusing heavily on Thailand and Vietnam.
Cybersecurity
Legal Repercussions Mount for Cognizant After TriZetto Incident
The TriZetto data breach ignited a series of legal battles for Cognizant, its parent company. Thousands of affected Oregonians will receive data breach notifications linked ...
Cybersecurity
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
Law enforcement officials have announced the successful cessation of three massive illegal IPTV services. This law enforcement action forms part of a broader attempt to ...
Application Security
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Research identifies 175,000 exposed Ollama hosts potentially facilitating LLM misuse, with 23,000 persistently active. Highlighted by SecurityWeek, this cybersecurity risk could enable unauthorized access to ...
Cybersecurity
Google Disrupts Major Residential Proxy Network to Weaken Cybercriminals’ Shield
Google has effectively disrupted one of the largest residential proxy networks, impacting cybercriminals who mask illegal activities by mimicking legitimate residential traffic. This intervention aims ...
Cybersecurity
Match Group Confirms Data Breach Impacting Multiple Dating Platforms
Match Group, owner of dating platforms such as Tinder and OkCupid, confirmed a data breach compromising user information across its networks. This incident raises significant ...
Cybersecurity
Aisuru/Kimwolf Botnet Orchestrates Massive DDoS Attack
The Aisuru/Kimwolf botnet orchestrated a potent distributed denial of service (DDoS) attack in December 2025. The attack reached 31.4 Tbps and executed 200 million requests ...
Cybersecurity
Game Mods Conceal Infostealer Malware: A Threat to Corporate IT Systems
Seemingly innocuous game modifications can carry infostealer malware that quietly compromises identities and systems. An example is how Roblox mods could escalate PC infections into ...
Cybersecurity
Cybercriminals Exploit LLMs and MCPs in ‘Operation Bizarre Bazaar’
Cybercriminals have launched 'Operation Bizarre Bazaar,' targeting exposed Large Language Models (LLMs) and Machine Content Platforms (MCPs) with commercial intent. The operation manipulates these systems ...
Application Security
SolarWinds Web Help Desk Critical Vulnerabilities Patched
SolarWinds has released updates for six vulnerabilities in its Web Help Desk. Among these were four critical flaws enabling unauthenticated remote code execution or authentication ...
Application Security
Critical Vulnerabilities Found in n8n’s Sandbox Mechanism: Potential for Remote Code Execution
Two newly identified vulnerabilities within n8n's sandbox could allow attackers to execute remote code. Weaknesses in the AST sanitization logic are key factors.
Cybersecurity
Legal Dispute Arises Between eScan and Morphisec Over Update Server Breach
eScan and Morphisec are embroiled in a dispute following an update server incident affecting eScan customers. The contention centers on claims regarding the identification of ...
Cybersecurity
Mesh Security Secures $12 Million for CSMA Platform Innovation
Mesh Security has garnered significant investor support, securing $12 million to bolster its Cybersecurity Mesh Architecture (CSMA) platform. This investment will enhance its autonomous capabilities, ...
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
TOP CYBERSECURITY HEADLINES
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
This Week’s Security Spotlight
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
White House Revokes Software Security Rules But Keeps Key Resources
The White House has annulled two Biden-era security memorandums, deemed burdensome, while preserving resources that provided value. This decision affects guidelines for agencies working with ...
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
To bolster cybersecurity, Microsoft announced plans to phase out the NTLM authentication protocol, which has been part of Windows for over three decades, citing vulnerabilities ...
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Aisy announces a successful $2.3 million seed funding round for its innovative AI platform dedicated to transforming vulnerability management. This stealth stage company aims to ...
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Illegal cryptocurrency transactions surged to a record $158 billion in 2025, reversing a trend of decreasing activity from $86 billion in 2021 to $64 billion ...
China-linked Threat Actor UAT-8099 Targets Asian IIS Servers
Cisco Talos uncovered an operation by UAT-8099 aimed at compromised Internet Information Services servers throughout Asia, focusing heavily on Thailand and Vietnam.
Legal Repercussions Mount for Cognizant After TriZetto Incident
The TriZetto data breach ignited a series of legal battles for Cognizant, its parent company. Thousands of affected Oregonians will receive data breach notifications linked ...
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
Law enforcement officials have announced the successful cessation of three massive illegal IPTV services. This law enforcement action forms part of a broader attempt to ...
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Research identifies 175,000 exposed Ollama hosts potentially facilitating LLM misuse, with 23,000 persistently active. Highlighted by SecurityWeek, this cybersecurity risk could enable unauthorized access to ...
Google Disrupts Major Residential Proxy Network to Weaken Cybercriminals’ Shield
Google has effectively disrupted one of the largest residential proxy networks, impacting cybercriminals who mask illegal activities by mimicking legitimate residential traffic. This intervention aims ...
Game Mods Conceal Infostealer Malware: A Threat to Corporate IT Systems
Seemingly innocuous game modifications can carry infostealer malware that quietly compromises identities and systems. An example is how Roblox mods could escalate PC infections into ...
Aisuru/Kimwolf Botnet Orchestrates Massive DDoS Attack
The Aisuru/Kimwolf botnet orchestrated a potent distributed denial of service (DDoS) attack in December 2025. The attack reached 31.4 Tbps and executed 200 million requests ...
Match Group Confirms Data Breach Impacting Multiple Dating Platforms
Match Group, owner of dating platforms such as Tinder and OkCupid, confirmed a data breach compromising user information across its networks. This incident raises significant ...
Cybercriminals Exploit LLMs and MCPs in ‘Operation Bizarre Bazaar’
Cybercriminals have launched 'Operation Bizarre Bazaar,' targeting exposed Large Language Models (LLMs) and Machine Content Platforms (MCPs) with commercial intent. The operation manipulates these systems ...
Critical Vulnerabilities Found in n8n’s Sandbox Mechanism: Potential for Remote Code Execution
Two newly identified vulnerabilities within n8n's sandbox could allow attackers to execute remote code. Weaknesses in the AST sanitization logic are key factors.
SolarWinds Web Help Desk Critical Vulnerabilities Patched
SolarWinds has released updates for six vulnerabilities in its Web Help Desk. Among these were four critical flaws enabling unauthenticated remote code execution or authentication ...
Legal Dispute Arises Between eScan and Morphisec Over Update Server Breach
eScan and Morphisec are embroiled in a dispute following an update server incident affecting eScan customers. The contention centers on claims regarding the identification of ...
Mesh Security Secures $12 Million for CSMA Platform Innovation
Mesh Security has garnered significant investor support, securing $12 million to bolster its Cybersecurity Mesh Architecture (CSMA) platform. This investment will enhance its autonomous capabilities, ...
Insecure Deployments of Moltbot Pose Risks in Enterprise Settings
Insecure deployments of Moltbot, an AI assistant, in enterprise environments raise severe risks of leaking sensitive data such as API keys, OAuth tokens, and conversation ...
FBI Successfully Seizes RAMP Cybercrime Forum Disrupting Ransomware Operations
The FBI has effectively dismantled RAMP, a prominent cybercriminal forum. Known for its bold promotion of ransomware activities, RAMP's seizure marks a significant law enforcement ...
Chinese Hackers Breach Phones of UK Officials in Long-term Cyber Espionage
Chinese hackers, linked to state-sponsored activities, reportedly penetrated the smartphones of UK officials, accessing sensitive communications for several years. The invasion probes the sophistication of ...