Cyber Security
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
Hackers Claim 64 Million T-Mobile Records Leaked Online
News
Hackers Claim 64 Million T-Mobile Records Leaked Online
Hackers claim to have leaked 64 million T-Mobile records online, including sensitive personal and device data. The breach may contain new data unseen in past ...
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
News
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
Qilin ransomware group claims to have stolen 210GB of sensitive data from Spanish insurer Asefa, including internal documents and a Camp Nou insurance plan.
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
News
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
Citizen Lab confirms Paragon spyware targeted a second journalist at Fanpage, deepening Italy’s political surveillance controversy and raising new concerns over investigative oversight.
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
News
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
A misconfigured Kafka Broker on GonnaOrder’s platform exposed customer names, phone numbers, and delivery details across Europe from August 2022 to May 2025.
Ransomware Attack on Mastery Schools Exposes Thousands of Sensitive Records, Including Credit Card and Biometric Data
News
Ransomware Attack on Mastery Schools Exposes Thousands of Sensitive Records, Including Credit Card and Biometric Data
A ransomware breach at Mastery Schools in Philadelphia exposed sensitive personal and financial records, affecting over 37,000 individuals including students, staff, and families.
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
News
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
A misconfigured database tied to the Headero dating app exposed over four million sensitive user records, including GPS coordinates, explicit chat logs, and STD statuses. ...
Erie Insurance Cyberattack Causes System-Wide Disruptions and Portal Outages
News
Erie Insurance Cyberattack Causes System-Wide Disruptions and Portal Outages
Erie Insurance confirms a cyberattack as the source of major service disruptions since June 7, affecting customer access, claims processing, and business operations.
Mental Health Provider Mount Rogers Targeted by INC Ransom, Internal Documents and Personal Details Leaked
News
Mental Health Provider Mount Rogers Targeted by INC Ransom, Internal Documents and Personal Details Leaked
Ransomware group INC Ransom breached Mount Rogers Community Services, leaking internal files, personal emails, and invoices from the mental health provider's systems.
Texas Dept. of Transportation Breach Exposes 300,000 Crash Records in May 2025
News
Texas Dept. of Transportation Breach Exposes 300,000 Crash Records in May 2025
TxDOT suffered a breach on May 12, 2025, leaking 300,000 crash reports. Stolen data includes driver’s license numbers, insurance info, and crash details.
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
Endpoint Security
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
Ivanti patched three high-severity vulnerabilities in Workspace Control caused by hardcoded cryptographic keys, which exposed SQL and environment credentials to local authenticated attackers.
Mirai Botnet Exploits Wazuh Servers via Remote Code Execution Vulnerability
News
Mirai Botnet Exploits Wazuh Servers via Remote Code Execution Vulnerability
A critical RCE flaw in Wazuh servers is being exploited by Mirai botnet variants, allowing attackers to execute Python code through malicious API requests.
FIN6 Hackers Target Recruiters with Fake Job Seekers and Malware-Loaded Resumes
News
FIN6 Hackers Target Recruiters with Fake Job Seekers and Malware-Loaded Resumes
FIN6 hackers are impersonating job seekers to infiltrate recruiter systems, delivering the More_Eggs malware via AWS-hosted resume sites and phishing tactics on LinkedIn and Indeed. ...
4,000+ Fake Sites Used in Scam Marketplace Ads on Facebook to Impersonate Top Retail Brands
News
4,000+ Fake Sites Used in Scam Marketplace Ads on Facebook to Impersonate Top Retail Brands
A scam network using over 4,000 fake websites is impersonating Amazon, Birkenstock, and more, pushing fraudulent Facebook Marketplace ads and stealing user data.
Bert Ransomware Group Claims Data Theft from Global Port Agency S5
News
Bert Ransomware Group Claims Data Theft from Global Port Agency S5
Ransomware gang Bert claims to have stolen 140GB of sensitive data from S5 Agency World, a maritime logistics firm with operations in 360+ ports globally. ...
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
Ticketmaster Data from Snowflake Attack Appears Briefly on Arkana Security Extortion Site
News
Ticketmaster Data from Snowflake Attack Appears Briefly on Arkana Security Extortion Site
Old Ticketmaster data stolen in the 2024 Snowflake attack was briefly relisted for sale by Arkana Security, sparking confusion over a possible new breach.
Ransomware Attack on Sensata Technologies Leads to Data Breach Impacting Employee Information
News
Ransomware Attack on Sensata Technologies Leads to Data Breach Impacting Employee Information
Sensata Technologies confirms employee data was stolen in a ransomware breach that impacted operations and exposed sensitive personal and financial details from current and former ...
United Natural Foods Cyberattack Disrupts Operations Across North America
News
United Natural Foods Cyberattack Disrupts Operations Across North America
United Natural Foods, a key supplier to Whole Foods, suffered a cyberattack that disrupted customer orders and forced systems offline as investigations and recovery efforts ...
Over 84,000 Roundcube Webmail Servers Exposed to Actively Exploited Remote Code Flaw
News
Over 84,000 Roundcube Webmail Servers Exposed to Actively Exploited Remote Code Flaw
Over 84,000 Roundcube webmail servers remain exposed to a critical RCE flaw (CVE-2025-49113) despite a June 2025 patch fixing the vulnerability.
SentinelOne Targeted in Sophisticated China-Linked Supply Chain Attack Attempt
News
SentinelOne Targeted in Sophisticated China-Linked Supply Chain Attack Attempt
Chinese threat actors linked to APT15 and APT41 attempted to compromise SentinelOne through a third-party logistics provider using ShadowPad and GOREshell malware in a global ...

TOP CYBERSECURITY HEADLINES

SECURITYWEEK INDUSTRY EXPERTS

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
Taiwan-based crypto exchange BitoPro has linked the $11 million theft from its platform to the North Korean Lazarus Group, citing attack similarities and forensic evidence. ...
From Malware to Court: Qilin Ransomware’s ‘Call a Lawyer’ Tactic
In this episode, we take a deep dive into the Qilin ransomware group — now regarded as the world’s leading ransomware-as-a-service (RaaS) operation — and ...
Zero-Click, Zero-Warning: The FreeType Flaw Behind a Spyware Surge
In this episode, we dive deep into the story behind CVE-2025-27363, a critical zero-click vulnerability in the widely used FreeType font rendering library. Initially discovered ...
The Insurance Industry Under Fire: Anatomy of the Aflac Cyber Incident
In this episode, we take a deep dive into the June 2025 cyberattack on Aflac, one of the latest strikes in a growing wave of ...
The Nucor Cyberattack: How Ransomware Threatens American Steel
In May 2025, a ransomware attack forced Nucor — one of America’s largest steel producers — to halt its metal production operations. This wasn’t just ...
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
A staggering $225 million in illicit cryptocurrency was recently seized by U.S. authorities in what has become the largest digital asset recovery in Secret Service ...
Inside CVE-2025-23121: Veeam RCE Flaw Opens Door to Ransomware
Ransomware groups are no longer just encrypting data — they’re going straight for the backups. And if those backups aren’t properly protected, recovery becomes impossible, ...
Fasana’s Collapse: How One Ransomware Attack Crippled a German Manufacturer
Ransomware just bankrupted a 100-year-old manufacturer—and the world should take notice. In this episode, we dissect the cyberattack that brought down Fasana, a German paper ...
Inside the 16 Billion Credential Leak: The Infostealer Engine Behind the Biggest Breach Yet
In this episode, we break down the true scale and mechanics behind the largest credential leak ever recorded—over 16 billion login credentials, most of them ...
Over 1,500 Minecraft Users Infected in Stargazers Ghost Malware Campaign
A malware distribution network hiding in plain sight — on GitHub. This episode unpacks the Stargazers Ghost Network, a massive Distribution-as-a-Service (DaaS) infrastructure run by ...
Oxford City Council Breach Exposes 21 Years of Data
State and local governments are under cyber siege. In this episode, we break down how and why these public institutions have become top targets for ...
Weaponized GitHub Repositories: How Banana Squad and Water Curse Are Hitting Devs
Cybercriminals are increasingly turning GitHub into a malware distribution network. In this episode, we unpack two of the most alarming recent campaigns: Water Curse and ...
Chain IQ Breach Exposes UBS & Pictet Employee Data: A Supply Chain Failure
A single vendor was compromised — and suddenly, internal records from UBS, Pictet, Manor, and Implenia were leaked. The Chain IQ cyberattack is a textbook ...
Citrix NetScaler Flaws Expose Enterprise Networks: CVE-2025-5349 & CVE-2025-5777
Two newly disclosed critical vulnerabilities—CVE-2025-5349 and CVE-2025-5777—have put Citrix NetScaler ADC and Gateway deployments at serious risk, exposing enterprise environments to potential data breaches and ...
GerriScary: How CVE-2025-1568 Threatened Google’s Open-Source Supply Chain
CVE-2025-1568, dubbed “GerriScary”, has shaken the open-source ecosystem by exposing a fundamental weakness in Google’s Gerrit code review system—one that could have enabled attackers to ...
Cisco & Atlassian Under Fire: High-Severity Flaws and What’s at Risk
Cisco and Atlassian have both released urgent security advisories in response to newly discovered high-severity vulnerabilities—and the implications are serious. Cisco’s firmware flaws impact Meraki ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
Chrome’s Latest Zero-Day: CVE-2025-6554 and Remote Code Execution Risks
Russia’s 16KB Curtain: Cloudflare Throttling and the Future of the RuNet
Ahold Delhaize Data Breach: 2.2 Million Employee Records Exposed
This Week In Cybersecurity: 23rd June to 27th June
Why Canada Banned Hikvision: National Security vs. Geopolitics
INC Ransomware: TTPs, Impact and Mitigation
Scattered Spider Takes Flight: Inside the Cybercrime Group’s Move into Aviation
Cyberattack on Hannaford Exposes Data of Over 2.2 Million, Including 95,000 Mainers
Data Breaches at Sheffield City Council Surge to Three-Year High Amid Growing Cybersecurity Concerns
Scattered Spider Ransomware Group Turns Its Focus to North American Airlines
Scattered Spider Expands Attacks to Aviation and Transportation Sectors
Massive Data Breach Hits U.S. Federal Bureau of Prisons, Exposes Sensitive Inmate Information
Fortnite and the FTC: How Epic Games Misled Players into Unwanted Purchases
Microsoft 365 Direct Send Exploited: How Phishing Emails Masquerade as Internal Messages