Main Menu
Cyber Security
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Trent AI Emerges From Stealth With $13 Million in Funding
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Automated Pentesting Tools Fall Short Past the “PoC Cliff”
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
Exchange Online Mailbox Access Issues Impact Outlook Users
Shadow AI and Zero-Click Exploits Are Reshaping Mobile Security Threats
Third-Party Vendors Are the New Breach Vector Organizations Should Fear
Critical ShareFile Flaws Open the Door to Unauthenticated RCE
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
News
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
Andrew Doyle April 2, 2026
New malware named DeepLoad threatens cybersecurity by deploying a malicious browser extension and spreading via USB drives to steal credentials.
Hasbro Targeted in a Recent Cybersecurity Incident
Cybersecurity
Hasbro Targeted in a Recent Cybersecurity Incident
Andrew Doyle April 2, 2026
Toy manufacturer Hasbro investigates potential data compromise following a cyberattack.
Google Patches Exploited Zero-Day Among 21 Chrome Vulnerabilities
Application Security
Google Patches Exploited Zero-Day Among 21 Chrome Vulnerabilities
Andrew Doyle April 2, 2026
Google addresses 21 vulnerabilities, including a zero-day in Chrome's Dawn component.
FBI Cautions on Security Threats from Chinese Mobile Applications
Cybersecurity
FBI Cautions on Security Threats from Chinese Mobile Applications
Andrew Doyle April 2, 2026
The FBI alerts users about data privacy issues connected to Chinese mobile applications, urging caution.
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
Application Security
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
Mitchell Langley April 2, 2026
New campaign exploits WhatsApp to spread Visual Basic Script files, forming a multi-stage infection chain.
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
Application Security
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
Gabby Lee April 2, 2026
Android malware NoVoice was stealthily embedded in over 50 apps on Google Play.
UK Government Allocates £630,000 for Digital Identity Card Discussion
Cybersecurity
UK Government Allocates £630,000 for Digital Identity Card Discussion
Andrew Doyle April 2, 2026
The UK government is investing £630,000 in a panel to examine digital identity card plans, aiming for diverse perspectives and trade-offs.
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
Cybersecurity
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
Mitchell Langley April 2, 2026
Investigators uncover how Jonathan Spalletta leveraged smart contract vulnerabilities, resulting in a major cryptocurrency theft that brought down the...
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Cybersecurity
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Mitchell Langley April 2, 2026
Google attributes Axios npm attack to North Korean threat group UNC1069, aiming for financial theft.
The Doctor No Problem Is Changing the Face of Enterprise Security
Cybersecurity
The “Doctor No” Problem Is Changing the Face of Enterprise Security
Gabby Lee April 2, 2026
The controversial "Doctor No" role in security operations highlights a shift from mere obstruction to strategic decision-making.
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
Cybersecurity
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
Mitchell Langley April 1, 2026
Cybersecurity experts reveal details of an Open VSX scanning flaw that allowed malicious VS Code extensions to pass vetting and enter the registry.
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Cybersecurity
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Mitchell Langley April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
New Phishing Techniques Threaten TikTok Business Account Security
News
New Phishing Techniques Threaten TikTok Business Account Security
Andrew Doyle April 1, 2026
Cybercriminals use phishing tactics to hijack TikTok business accounts.
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Cybersecurity
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Gabby Lee April 1, 2026
US and UK aim to strengthen maritime defense against underwater drones.
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Cybersecurity
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Andrew Doyle April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
Cybersecurity
TP-Link Routers Receive Patches for High-Severity Security Flaws
Mitchell Langley April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Cybersecurity
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Gabby Lee April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
Cybersecurity
Infinity Stealer Malware Takes Aim at macOS Systems
Andrew Doyle March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director's Personal Email Account
Cybersecurity
Iranian Hackers Breach FBI Director’s Personal Email Account
Mitchell Langley March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
News
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
Gabby Lee March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Cybersecurity
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Mitchell Langley April 10, 2026
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Gabby Lee April 10, 2026
Chaos Malware Expands Its Reach to Cloud Deployments
Cybersecurity
Chaos Malware Expands Its Reach to Cloud Deployments
Gabby Lee April 10, 2026
Qilin Ransomware Group Targets German Political Party Die Linke
News
Qilin Ransomware Group Targets German Political Party Die Linke
Mitchell Langley April 7, 2026

TOP CYBERSECURITY HEADLINES

Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
Cybersecurity
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Application Security
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
Cybersecurity
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking

This Week’s Security Spotlight

New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Gabby Lee April 10, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Mitchell Langley April 8, 2026
Bogus Traffic Violation Text Scam Targeting Americans
News
Bogus Traffic Violation Text Scam Targeting Americans
Andrew Doyle April 7, 2026
Apple Rolls Out DarkSword Exploit Protection to More Devices
Cybersecurity
Apple Rolls Out DarkSword Exploit Protection to More Devices
Mitchell Langley April 3, 2026
More In News
Trending
Bogus Traffic Violation Text Scam Targeting Americans
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts
Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE
New Phishing Techniques Threaten TikTok Business Account Security

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Toys “R” Us Canada Confirms Customer Data Breach After Dark Web Leak
October 24, 2025
Podcasts
Kyocera’s Motex Lanscope Hit by Active Attacks: Critical 9.8 Exploit Enables Remote Code Execution
October 24, 2025
Podcasts
BIND 9 Emergency Patches: ISC Fixes High-Severity Cache Poisoning and DoS Flaws
October 24, 2025

Cyber Security News

Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Cybersecurity
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
April 8, 2026
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
Cybersecurity
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
April 8, 2026
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Cybersecurity
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
April 8, 2026
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
CVE Vulnerability Alerts
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
April 8, 2026
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Cybersecurity
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
April 8, 2026
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Cybersecurity
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
April 8, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
FBI Cautions on Security Threats from Chinese Mobile Applications
April 2, 2026
The FBI alerts users about data privacy issues connected to Chinese mobile applications, urging caution.
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
April 2, 2026
New campaign exploits WhatsApp to spread Visual Basic Script files, forming a multi-stage infection chain.
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
April 2, 2026
Android malware NoVoice was stealthily embedded in over 50 apps on Google Play.
UK Government Allocates £630,000 for Digital Identity Card Discussion
April 2, 2026
The UK government is investing £630,000 in a panel to examine digital identity card plans, aiming for diverse perspectives and trade-offs.
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
April 2, 2026
Investigators uncover how Jonathan Spalletta leveraged smart contract vulnerabilities, resulting in a major cryptocurrency theft that brought down the...
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
April 2, 2026
Google attributes Axios npm attack to North Korean threat group UNC1069, aiming for financial theft.
The “Doctor No” Problem Is Changing the Face of Enterprise Security
April 2, 2026
The controversial "Doctor No" role in security operations highlights a shift from mere obstruction to strategic decision-making.
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
April 1, 2026
Cybersecurity experts reveal details of an Open VSX scanning flaw that allowed malicious VS Code extensions to pass vetting and enter the registry.
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
New Phishing Techniques Threaten TikTok Business Account Security
April 1, 2026
Cybercriminals use phishing tactics to hijack TikTok business accounts.
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
April 1, 2026
US and UK aim to strengthen maritime defense against underwater drones.
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director’s Personal Email Account
March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
European Commission Responds to Cloud Infrastructure Cyberattack
March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
March 31, 2026
Security flaw in Smart Slider 3 WordPress plugin risks unauthorized file access across more than 800,000 websites.
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
March 31, 2026
Apple is urging iOS and iPadOS users to update their devices immediately due to active web-based security threats.
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat