Cyber Security
News
Hackers Claim 64 Million T-Mobile Records Leaked Online
Mitchell Langley
June 13, 2025
Hackers claim to have leaked 64 million T-Mobile records online, including sensitive personal and device data. The breach may contain new data unseen in past ...
News
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
Andrew Doyle
June 13, 2025
Qilin ransomware group claims to have stolen 210GB of sensitive data from Spanish insurer Asefa, including internal documents and a Camp Nou insurance plan.
News
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
Mitchell Langley
June 13, 2025
Citizen Lab confirms Paragon spyware targeted a second journalist at Fanpage, deepening Italy’s political surveillance controversy and raising new concerns over investigative oversight.
News
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
Andrew Doyle
June 12, 2025
A misconfigured Kafka Broker on GonnaOrder’s platform exposed customer names, phone numbers, and delivery details across Europe from August 2022 to May 2025.
News
Ransomware Attack on Mastery Schools Exposes Thousands of Sensitive Records, Including Credit Card and Biometric Data
Andrew Doyle
June 12, 2025
A ransomware breach at Mastery Schools in Philadelphia exposed sensitive personal and financial records, affecting over 37,000 individuals including students, staff, and families.
News
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
Mitchell Langley
June 12, 2025
A misconfigured database tied to the Headero dating app exposed over four million sensitive user records, including GPS coordinates, explicit chat logs, and STD statuses. ...
News
Erie Insurance Cyberattack Causes System-Wide Disruptions and Portal Outages
Mitchell Langley
June 12, 2025
Erie Insurance confirms a cyberattack as the source of major service disruptions since June 7, affecting customer access, claims processing, and business operations.
News
Mental Health Provider Mount Rogers Targeted by INC Ransom, Internal Documents and Personal Details Leaked
Mitchell Langley
June 12, 2025
Ransomware group INC Ransom breached Mount Rogers Community Services, leaking internal files, personal emails, and invoices from the mental health provider's systems.
News
Texas Dept. of Transportation Breach Exposes 300,000 Crash Records in May 2025
Mitchell Langley
June 11, 2025
TxDOT suffered a breach on May 12, 2025, leaking 300,000 crash reports. Stolen data includes driver’s license numbers, insurance info, and crash details.
Endpoint Security
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
Mitchell Langley
June 11, 2025
Ivanti patched three high-severity vulnerabilities in Workspace Control caused by hardcoded cryptographic keys, which exposed SQL and environment credentials to local authenticated attackers.
News
Mirai Botnet Exploits Wazuh Servers via Remote Code Execution Vulnerability
Andrew Doyle
June 11, 2025
A critical RCE flaw in Wazuh servers is being exploited by Mirai botnet variants, allowing attackers to execute Python code through malicious API requests.
News
FIN6 Hackers Target Recruiters with Fake Job Seekers and Malware-Loaded Resumes
Andrew Doyle
June 11, 2025
FIN6 hackers are impersonating job seekers to infiltrate recruiter systems, delivering the More_Eggs malware via AWS-hosted resume sites and phishing tactics on LinkedIn and Indeed. ...
News
4,000+ Fake Sites Used in Scam Marketplace Ads on Facebook to Impersonate Top Retail Brands
Andrew Doyle
June 11, 2025
A scam network using over 4,000 fake websites is impersonating Amazon, Birkenstock, and more, pushing fraudulent Facebook Marketplace ads and stealing user data.
News
Bert Ransomware Group Claims Data Theft from Global Port Agency S5
Mitchell Langley
June 11, 2025
Ransomware gang Bert claims to have stolen 140GB of sensitive data from S5 Agency World, a maritime logistics firm with operations in 360+ ports globally. ...
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee
June 10, 2025
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
News
Ticketmaster Data from Snowflake Attack Appears Briefly on Arkana Security Extortion Site
Mitchell Langley
June 10, 2025
Old Ticketmaster data stolen in the 2024 Snowflake attack was briefly relisted for sale by Arkana Security, sparking confusion over a possible new breach.
News
Ransomware Attack on Sensata Technologies Leads to Data Breach Impacting Employee Information
Mitchell Langley
June 10, 2025
Sensata Technologies confirms employee data was stolen in a ransomware breach that impacted operations and exposed sensitive personal and financial details from current and former ...
News
United Natural Foods Cyberattack Disrupts Operations Across North America
Andrew Doyle
June 10, 2025
United Natural Foods, a key supplier to Whole Foods, suffered a cyberattack that disrupted customer orders and forced systems offline as investigations and recovery efforts ...
News
Over 84,000 Roundcube Webmail Servers Exposed to Actively Exploited Remote Code Flaw
Andrew Doyle
June 10, 2025
Over 84,000 Roundcube webmail servers remain exposed to a critical RCE flaw (CVE-2025-49113) despite a June 2025 patch fixing the vulnerability.
News
SentinelOne Targeted in Sophisticated China-Linked Supply Chain Attack Attempt
Mitchell Langley
June 10, 2025
Chinese threat actors linked to APT15 and APT41 attempted to compromise SentinelOne through a third-party logistics provider using ShadowPad and GOREshell malware in a global ...
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle
May 12, 2025
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley
May 8, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
News
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
Syed Arslan
July 1, 2025
News
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
Andrew Doyle
July 1, 2025
News
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
Mitchell Langley
July 1, 2025
News
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
Andrew Doyle
July 1, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
June 24, 2025
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
June 24, 2025
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
June 24, 2025
Taiwan-based crypto exchange BitoPro has linked the $11 million theft from its platform to the North Korean Lazarus Group, citing attack similarities and forensic evidence. ...
From Malware to Court: Qilin Ransomware’s ‘Call a Lawyer’ Tactic
June 23, 2025
In this episode, we take a deep dive into the Qilin ransomware group — now regarded as the world’s leading ransomware-as-a-service (RaaS) operation — and ...
Zero-Click, Zero-Warning: The FreeType Flaw Behind a Spyware Surge
June 23, 2025
In this episode, we dive deep into the story behind CVE-2025-27363, a critical zero-click vulnerability in the widely used FreeType font rendering library. Initially discovered ...
The Insurance Industry Under Fire: Anatomy of the Aflac Cyber Incident
June 23, 2025
In this episode, we take a deep dive into the June 2025 cyberattack on Aflac, one of the latest strikes in a growing wave of ...
The Nucor Cyberattack: How Ransomware Threatens American Steel
June 23, 2025
In May 2025, a ransomware attack forced Nucor — one of America’s largest steel producers — to halt its metal production operations. This wasn’t just ...
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
June 22, 2025
A staggering $225 million in illicit cryptocurrency was recently seized by U.S. authorities in what has become the largest digital asset recovery in Secret Service ...
Inside CVE-2025-23121: Veeam RCE Flaw Opens Door to Ransomware
June 22, 2025
Ransomware groups are no longer just encrypting data — they’re going straight for the backups. And if those backups aren’t properly protected, recovery becomes impossible, ...
Fasana’s Collapse: How One Ransomware Attack Crippled a German Manufacturer
June 21, 2025
Ransomware just bankrupted a 100-year-old manufacturer—and the world should take notice. In this episode, we dissect the cyberattack that brought down Fasana, a German paper ...
Inside the 16 Billion Credential Leak: The Infostealer Engine Behind the Biggest Breach Yet
June 21, 2025
In this episode, we break down the true scale and mechanics behind the largest credential leak ever recorded—over 16 billion login credentials, most of them ...
Over 1,500 Minecraft Users Infected in Stargazers Ghost Malware Campaign
June 20, 2025
A malware distribution network hiding in plain sight — on GitHub. This episode unpacks the Stargazers Ghost Network, a massive Distribution-as-a-Service (DaaS) infrastructure run by ...
Oxford City Council Breach Exposes 21 Years of Data
June 20, 2025
State and local governments are under cyber siege. In this episode, we break down how and why these public institutions have become top targets for ...
Weaponized GitHub Repositories: How Banana Squad and Water Curse Are Hitting Devs
June 20, 2025
Cybercriminals are increasingly turning GitHub into a malware distribution network. In this episode, we unpack two of the most alarming recent campaigns: Water Curse and ...
Chain IQ Breach Exposes UBS & Pictet Employee Data: A Supply Chain Failure
June 20, 2025
A single vendor was compromised — and suddenly, internal records from UBS, Pictet, Manor, and Implenia were leaked. The Chain IQ cyberattack is a textbook ...
Citrix NetScaler Flaws Expose Enterprise Networks: CVE-2025-5349 & CVE-2025-5777
June 19, 2025
Two newly disclosed critical vulnerabilities—CVE-2025-5349 and CVE-2025-5777—have put Citrix NetScaler ADC and Gateway deployments at serious risk, exposing enterprise environments to potential data breaches and ...
GerriScary: How CVE-2025-1568 Threatened Google’s Open-Source Supply Chain
June 19, 2025
CVE-2025-1568, dubbed “GerriScary”, has shaken the open-source ecosystem by exposing a fundamental weakness in Google’s Gerrit code review system—one that could have enabled attackers to ...
Cisco & Atlassian Under Fire: High-Severity Flaws and What’s at Risk
June 19, 2025
Cisco and Atlassian have both released urgent security advisories in response to newly discovered high-severity vulnerabilities—and the implications are serious. Cisco’s firmware flaws impact Meraki ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
June 19, 2025
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
June 19, 2025
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.