Main Menu
Cyber Security
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
News
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
Mitchell Langley May 21, 2025
Cellcom confirms a cyberattack caused week-long service outages across Wisconsin and Michigan, impacting calls and SMS; personal data reportedly not compromised.
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
News
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
Mitchell Langley May 21, 2025
VanHelsing ransomware's builder and affiliate panel source code leaked after a former developer tried to sell it, prompting the gang to release it themselves.
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
News
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
Andrew Doyle May 20, 2025
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
News
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
Mitchell Langley May 20, 2025
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
News
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
Mitchell Langley May 20, 2025
Hackers exploited a flaw in TeleMessage’s TM SGNL app, exposing U.S. official communications. DDoSecrets published 410GB of chat logs and metadata from the breach.
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
News
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
Andrew Doyle May 20, 2025
Arla Foods confirmed a cyberattack at its Upahl production site in Germany, disrupting operations and causing delivery delays. No data theft has been confirmed.
O2 Flaw Leaked Customer Geolocation Data to Any Caller
News
O2 Flaw Leaked Customer Geolocation Data to Any Caller
Andrew Doyle May 20, 2025
O2 exposed customers’ real-time locations via VoLTE call metadata. A researcher found SIP headers leaking geolocation and device data. The issue is now resolved.
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
News
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
Andrew Doyle May 19, 2025
Coinbase Insider Breach revealed that rogue support agents aided a cyberattack stealing customer data and government IDs. The attackers demanded $20 million, but Coinbase refused ...
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
News
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
Mitchell Langley May 19, 2025
Researchers at Pwn2Own Berlin 2025 earned $695,000 for exploiting zero-day flaws in VMware ESXi, Microsoft SharePoint, Firefox, and AI platforms.
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
News
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
Mitchell Langley May 19, 2025
Adidas and Dior confirmed data breaches affecting customer information in Korea and China. Both brands reported no financial data exposure and began notifying affected individuals. ...
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
News
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
Andrew Doyle May 19, 2025
Ransomware groups including BlackBasta and Cactus are using Skitnet malware for stealthy post-exploitation in enterprise networks, enabling persistence, data theft, and remote control.
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
News
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
Andrew Doyle May 19, 2025
Broadcom employee data leaked after a ransomware attack on ADP partner Business Systems House. Sensitive files appeared on the dark web, impacting global semiconductor workers. ...
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
News
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
Mitchell Langley May 19, 2025
SK Telecom suffered a data breach impacting nearly 27 million SIM records, with malware infections across 23 servers and critical personal data left unencrypted.
This Week In Cybersecurity: May 12th to 16th, 2025
News
This Week In Cybersecurity: May 12th to 16th, 2025
Andrew Doyle May 19, 2025
"This week in cybersecurity highlights significant data breaches, vulnerabilities, and emerging threats impacting various sectors, emphasizing the need for robust security measures."
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
News
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
Andrew Doyle May 19, 2025
A cyberattack on the UK’s Legal Aid Agency exposed personal, financial, and criminal data of applicants dating back to 2010, prompting a full shutdown of ...
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
News
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
Mitchell Langley May 16, 2025
Ransomware groups RansomEXX and BianLian have joined global threat actors exploiting a critical SAP NetWeaver vulnerability, risking full remote system compromise for unpatched servers.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
OpenAI Testing Model Context Protocol Integration for ChatGPT
Andrew Doyle May 16, 2025
OpenAI is testing Model Context Protocol support in ChatGPT, allowing secure access to third-party tools and enterprise platforms for more powerful, contextual task handling.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
Mitchell Langley May 16, 2025
Russian-linked hackers exploited XSS flaws in Roundcube, Zimbra, and others to steal government emails globally through a no-click attack dubbed the RoundPress campaign.
North Korean Hackers TA406 Target Ukraine to Gauge Russia's Military Demands
News
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
Mitchell Langley May 15, 2025
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
News
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Mitchell Langley May 15, 2025
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
News
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
News
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
News
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang

SECURITYWEEK INDUSTRY EXPERTS

Medical Data Breach Affected Dental Service Infrastructure
News
Medical Data Breach Affected Dental Service Infrastructure
Andrew Doyle June 4, 2025
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
News
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Andrew Doyle June 4, 2025
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
News
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
Mitchell Langley June 4, 2025
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
Mitchell Langley June 4, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
June 2, 2025
Podcasts
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
May 30, 2025
Podcasts
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
May 30, 2025

Cyber Security News

Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Cybersecurity
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
April 18, 2025
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Cybersecurity
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
April 16, 2025
Hacker Forum 'Cracked' Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Cybersecurity
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
April 14, 2025
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Cybersecurity
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
April 14, 2025
Fall River Public Schools Responds to Cybersecurity Breach
Cybersecurity
Fall River Public Schools Responds to Cybersecurity Breach
April 9, 2025
COBIT 2019 vs. COBIT 5 What’s New and Why It Matters
Blog
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
April 4, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
The Great Screenshot Scandal: Microsoft Recall and Signal’s DRM Shield
May 26, 2025
In this episode, we dive deep into the growing tension between AI innovation and data privacy through the lens of a major controversy: Microsoft’s Windows ...
Bumblebee Malware Returns: IT Pros Targeted Through SEO Poisoning and Typosquatting
May 26, 2025
In this episode, we break down the resurgence of the Bumblebee malware loader and its latest distribution method: blackhat SEO campaigns and trojanized software installers. ...
Cetus Protocol Hit by $223 Million Cryptocurrency Heist, $5M Bounty Offered
May 26, 2025
Hackers stole $223 million from Cetus Protocol via a blockchain exploit. The platform offers a whitehat deal and $5 million bounty to recover stolen funds. ...
FBI Warns of Luna Moth Tactics: Inside the Silent Ransom Group’s Law Firm Attacks
May 26, 2025
In this episode, we dive into the evolving tactics of the Silent Ransom Group (SRG)—also known as Luna Moth—a cybercriminal outfit that has shifted from ...
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
May 26, 2025
Ransomware group Qilin posts alleged staff data from Elit Avia, including passport photos, raising security concerns for employees at the luxury private jet operator.
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
May 26, 2025
Operation Endgame dismantled 300 servers and 650 domains supporting ransomware campaigns, while U.S. authorities indicted 16 cybercriminals tied to DanaBot malware and botnet operations.
Stormous Ransomware Gang Posts French Government Credentials on Dark Web
May 26, 2025
Stormous ransomware gang published email and password data allegedly tied to French government bodies, raising concerns over outdated security practices and ongoing exposure risks.
Ransomware Attack on Kettering Health Forces Mass Procedure Cancellations and Exposes Patient Safety Risks
May 26, 2025
A ransomware attack on Kettering Health forced mass cancellations across 120+ medical sites, exposing patient safety risks and prompting scam attempts targeting sensitive patient data. ...
Trust Exploited: Unpacking the macOS Malware Attacking Ledger Wallets
May 23, 2025
A growing cyber threat is targeting macOS users who rely on Ledger cold wallets to secure their cryptocurrency. In this episode, we dissect the anti-Ledger ...
This Week In Cybersecurity: 19th to 23rd May, 2025
May 23, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
$21M Seized and DanaBot, Qakbot, and Bumblebee Disrupted in Operation Endgame Takedown
May 23, 2025
In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the backbone of the ...
From TikTok to Total Compromise: The Rise of Social Media Infostealers
May 23, 2025
In this episode, we dive into the alarming surge of infostealer malware campaigns leveraging social media platforms, particularly TikTok, as their distribution vector. Threat actors ...
BlackLock Ransomware Group Claims Breach of Toho, But Evidence Falls Short
May 23, 2025
Cybercriminal group BlackLock claims to have breached Japanese film giant Toho, but researchers found no credible data, casting doubt on the authenticity of the attack. ...
Chinese Hackers Exploit Ivanti EPMM Zero-Day to Breach Government Agencies
May 23, 2025
Chinese hackers exploited a zero-day flaw in Ivanti EPMM to breach global government systems. Immediate patching and security monitoring are strongly advised.
Coca-Cola Investigates Alleged Data Breach Tied to Everest Ransomware Group
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
iOS Sleep App Exposes Personal and Health Data of Over 25,000 Users
May 23, 2025
Sleep Journey iOS app exposed over 25,000 users' personal and health data due to a misconfigured Firebase database, posing significant privacy and security risks.
Chinese Hackers Exploit Cityworks Zero-Day to Breach U.S. Local Government Systems
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
Kettering Health Breached: What the Interlock Ransomware Group Did and Why It Matters
May 22, 2025
In this episode, we dive into the ransomware attack that struck Kettering Health, a major healthcare provider, and the evolving tactics of the Interlock ransomware ...
Deepfake Threats, Mobile Biometrics, and the Future of Trust
May 22, 2025
As digital deception evolves, so must our defenses. In this episode, we dive deep into the escalating battle for trust in our increasingly connected world. ...
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
May 22, 2025
Quantum hacking is no longer science fiction. This in-depth guide explores post-quantum security, quantum-resistant cryptography, and how to protect your business from future cyber threats.
Chrome Under Fire: Three Zero-Days, One Month, and Nation-State Exploits
Medical Data Breach Affected Dental Service Infrastructure
Australia Forces Transparency: The World’s First Mandatory Ransomware Payment Reporting Law
$25M for AI Email Security: Trustifi’s Big Bet on the MSP Market
GhostSec: From Hacktivist Roots to RaaS Powerhouse
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Google Chrome vs. Failing CAs: The Policy Behind the Distrust
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598