Main Menu
Cyber Security
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies
RoguePlanet Zero-Day Gives Attackers SYSTEM on Patched Windows
Ivanti Sentry CVE-2026-10520 Actively Exploited, Devices Backdoored
Langflow CVE-2026-5027: Path Traversal Becomes Unauthenticated RCE
WorldLeaks Claims Apple Supplier Tata Electronics and Two More Firms
What is Cloud Detection and Response (CDR) and How Does it Work
Google Patches 5th Chrome Zero-Day; V8 Flaw Chains for OS Access
LiteLLM CVE-2026-42271 Added to CISA KEV: AI API Keys at Risk
France’s Tchap Messaging App Breached, 643K Messages Exposed
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Exploit Published for Linux Kernel nf_tables CVE-2026-23111
The ShinyHunters and Their Voice Phishing Tactics Target Okta, Microsoft, and Google
News
The ShinyHunters and Their Voice Phishing Tactics Target Okta, Microsoft, and Google
Mitchell Langley January 28, 2026
ShinyHunters are deploying voice phishing to breach SSO accounts and access corporate data in platforms like Okta, Microsoft, and Google. This tactic aids in stealing ...
Windows 11 Boot Failures After Patch Tuesday Updates
Application Security
Windows 11 Boot Failures After Patch Tuesday Updates
Andrew Doyle January 28, 2026
Recent updates from January 2026 rendered some Windows 11 devices unusable, throwing an “UNMOUNTABLE_BOOT_VOLUME” error. Microsoft is actively examining these issues and working on a ...
US Cybersecurity Agency Opts Out of RSA Conference While Jen Easterly Plans Attendance
Cybersecurity
US Cybersecurity Agency Opts Out of RSA Conference While Jen Easterly Plans Attendance
Mitchell Langley January 28, 2026
The US Cybersecurity and Infrastructure Security Agency (CISA) confirmed it will not be attending the upcoming RSA Conference in March. However, new RSA CEO and ...
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026
Researchers have uncovered the Osiris ransomware, deployed in a late 2025 cyberattack targeting a Southeast Asian food service franchise. Utilizing BYOVD tactics and exploiting the ...
UK Home Office Invests Heavily in Tech to Mitigate Channel Immigration Challenges
Cybersecurity
UK Home Office Invests Heavily in Tech to Mitigate Channel Immigration Challenges
Mitchell Langley January 28, 2026
The UK Home Office embarks on a £100 million investment in cutting-edge technology to address the complex challenges posed by the influx of small boats ...
CISA Identifies Critical Broadcom VMware vCenter Vulnerability CVE-2024-37079
CVE Vulnerability Alerts
CISA Identifies Critical Broadcom VMware vCenter Vulnerability CVE-2024-37079
Gabby Lee January 28, 2026
CISA has added a significant vulnerability, CVE-2024-37079, found in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog. This move emphasizes the critical nature ...
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Nike is investigating a possible security breach as the WorldLeaks cybercrime group claims to have accessed and stolen sensitive data. The hackers are threatening to ...
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
News
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
Mitchell Langley January 28, 2026
A sophisticated phishing operation has emerged in Russia, deploying ransomware and Amnesia RAT through business-themed documents. Attackers ingeniously disguise malware as routine files, posing a ...
North Korean Hacker Group Deploys AI-Powered Malware Targeting Blockchain Developers
News
North Korean Hacker Group Deploys AI-Powered Malware Targeting Blockchain Developers
Gabby Lee January 28, 2026
The North Korean APT group known as Konni has refined its strategies by employing AI-driven malware to specifically target developers in the blockchain industry. This ...
Major Cyber Assault by Sandworm Against Poland's Grid Averted
Cybersecurity
Major Cyber Assault by Sandworm Against Poland’s Grid Averted
Gabby Lee January 28, 2026
In a significant report, Poland's energy minister disclosed an attempted cyber attack by Sandworm on the nation's power infrastructure. The offensive, deemed the most extensive ...
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
Microsoft has confirmed a coding error in the Outlook mobile app that may cause it to crash on iPad devices. The bug significantly impacts users ...
Emerging Threats Cloudflare WAF Bypass and Snap Store Malware
Cybersecurity
Emerging Threats: Cloudflare WAF Bypass and Snap Store Malware
Andrew Doyle January 28, 2026
Recent developments in cybersecurity reveal a Cloudflare WAF bypass, Cannonical's Snap Store malware, and the termination of Curl's bug bounty program. Explore how these issues ...
Fortinet's FortiCloud SSO Exploitation Raises Concerns Despite Patches
Cybersecurity
Fortinet’s FortiCloud SSO Exploitation Raises Concerns Despite Patches
Andrew Doyle January 28, 2026
Concerns have arisen following the recent identification of exploitation attempts targeting Fortinet's FortiCloud single sign-on (SSO) capabilities. Even though patches were released, attackers have leveraged ...
Automation in Cyberattacks A New Era for CISOs to Prepare For
Cybersecurity
Automation in Cyberattacks: A New Era for CISOs to Prepare For
Mitchell Langley January 28, 2026
Cybercriminals are on the brink of automating their attack workflows end-to-end. CISOs need to anticipate and prepare for these changes to effectively defend against increasingly ...
Malicious VSCode Extensions Infiltrate Marketplace
Application Security
Malicious VSCode Extensions Infiltrate Marketplace
Gabby Lee January 28, 2026
Two rogue extensions in Microsoft's Visual Studio Code (VSCode) Marketplace have been identified, accumulating 1.5 million installations. These extensions are designed to exfiltrate sensitive developer ...
New CISA Alert Active Exploitation of Critical Vulnerabilities in Enterprise Tools
Cybersecurity
New CISA Alert: Active Exploitation of Critical Vulnerabilities in Enterprise Tools
Gabby Lee January 28, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about the active exploitation of vulnerabilities in software from Versa, Zimbra, the Vite frontend ...
Venezuelan Nationals Convicted in ATM Jackpotting Scheme to Face Deportation
Cybersecurity
Venezuelan Nationals Convicted in ATM Jackpotting Scheme to Face Deportation
Andrew Doyle January 28, 2026
Two Venezuelan nationals convicted for an ATM jackpotting scheme will be deported after serving prison sentences. The scheme involved sophisticated cyber tactics to exploit ATM ...
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
Cybersecurity
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
Mitchell Langley January 28, 2026
ShinyHunters has taken credit for a phishing operation targeting Okta's platform, reportedly compromising Crunchbase and Betterment systems. This breach has potentially far-reaching consequences for security ...
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
Cybersecurity
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
Andrew Doyle January 28, 2026
Curl is terminating its bug bounty on HackerOne due to the burden of AI-generated reports. The increase in low-quality submissions has made managing the program ...
Click-Fraud Trojan Uses Machine Learning to Evade Detection
Cybersecurity
Click-Fraud Trojan Uses Machine Learning to Evade Detection
Mitchell Langley January 28, 2026
Researchers at Dr.Web have identified a new Android click-fraud trojan using TensorFlow.js for more advanced ad interactions, bypassing conventional script tactics.
Application Security
Chrome 149 Patches 28 Flaws, Including 12 Use-After-Free Bugs
Gabby Lee June 12, 2026
Cybersecurity
Kyushu Electric Loses Drive With Data on 10.9M Customers
Mitchell Langley June 12, 2026
Blog
Triple Extortion Ransomware: How It Works and How to Stop It
Andrew Doyle June 12, 2026
Cybersecurity
Europol Dismantles AudiA6 Crypto Laundering Service
Gabby Lee June 12, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Application Security
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
Application Security
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
Application Security
SAP Patches CVSS 9.9 SAML Flaw and ABAP Memory Corruption
Andrew Doyle June 10, 2026
Application Security
Veeam CVE-2026-44963 Exposes Backup Servers to Low-Privilege RCE
Gabby Lee June 10, 2026
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
More In News
Trending
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Cloud Computing Heist: $3.5 Million Fraud Leads to Prison for Fake Crypto Influencer
August 19, 2025
Podcasts
Embassy Espionage: Kimsuky and Suspected Chinese Partners Deploy XenoRAT in Seoul
August 19, 2025
Podcasts
GSMA Confirms Flaws: Researchers Unveil Dangerous 5G Sniffing and Injection Attack
August 19, 2025

Cyber Security News

Cybersecurity
Ghostwriter APT Deploys Cobalt Strike in Geofenced Ukraine Campaign
May 19, 2026
Application Security
OpenAI Confirms Breach via Mini Shai-Hulud npm Supply Chain Attack
May 19, 2026
Cybersecurity
KongTuke IAB Uses Microsoft Teams to Deploy ModeloRAT in 5 Minutes
May 19, 2026
Application Security
node-ipc npm Package Hid Credential Stealer Across Three Versions
May 19, 2026
Application Security
PraisonAI CVE-2026-44338 Exploited 3h44m After Public Disclosure
May 19, 2026
Application Security
Burst Statistics CVE-2026-8181 Draws 7,400 Attacks in 24 Hours
May 19, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Osiris Ransomware Disables Security Tools in Novel Attack
January 28, 2026
Researchers have uncovered the Osiris ransomware, deployed in a late 2025 cyberattack targeting a Southeast Asian food service franchise. Utilizing BYOVD tactics and exploiting the ...
UK Home Office Invests Heavily in Tech to Mitigate Channel Immigration Challenges
January 28, 2026
The UK Home Office embarks on a £100 million investment in cutting-edge technology to address the complex challenges posed by the influx of small boats ...
CISA Identifies Critical Broadcom VMware vCenter Vulnerability CVE-2024-37079
January 28, 2026
CISA has added a significant vulnerability, CVE-2024-37079, found in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog. This move emphasizes the critical nature ...
Nike Investigates Breach as Hackers Threaten Data Disclosure
January 28, 2026
Nike is investigating a possible security breach as the WorldLeaks cybercrime group claims to have accessed and stolen sensitive data. The hackers are threatening to ...
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
January 28, 2026
A sophisticated phishing operation has emerged in Russia, deploying ransomware and Amnesia RAT through business-themed documents. Attackers ingeniously disguise malware as routine files, posing a ...
North Korean Hacker Group Deploys AI-Powered Malware Targeting Blockchain Developers
January 28, 2026
The North Korean APT group known as Konni has refined its strategies by employing AI-driven malware to specifically target developers in the blockchain industry. This ...
Major Cyber Assault by Sandworm Against Poland’s Grid Averted
January 28, 2026
In a significant report, Poland's energy minister disclosed an attempted cyber attack by Sandworm on the nation's power infrastructure. The offensive, deemed the most extensive ...
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
January 28, 2026
Microsoft has confirmed a coding error in the Outlook mobile app that may cause it to crash on iPad devices. The bug significantly impacts users ...
Emerging Threats: Cloudflare WAF Bypass and Snap Store Malware
January 28, 2026
Recent developments in cybersecurity reveal a Cloudflare WAF bypass, Cannonical's Snap Store malware, and the termination of Curl's bug bounty program. Explore how these issues ...
Fortinet’s FortiCloud SSO Exploitation Raises Concerns Despite Patches
January 28, 2026
Concerns have arisen following the recent identification of exploitation attempts targeting Fortinet's FortiCloud single sign-on (SSO) capabilities. Even though patches were released, attackers have leveraged ...
Automation in Cyberattacks: A New Era for CISOs to Prepare For
January 28, 2026
Cybercriminals are on the brink of automating their attack workflows end-to-end. CISOs need to anticipate and prepare for these changes to effectively defend against increasingly ...
Malicious VSCode Extensions Infiltrate Marketplace
January 28, 2026
Two rogue extensions in Microsoft's Visual Studio Code (VSCode) Marketplace have been identified, accumulating 1.5 million installations. These extensions are designed to exfiltrate sensitive developer ...
New CISA Alert: Active Exploitation of Critical Vulnerabilities in Enterprise Tools
January 28, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about the active exploitation of vulnerabilities in software from Versa, Zimbra, the Vite frontend ...
Venezuelan Nationals Convicted in ATM Jackpotting Scheme to Face Deportation
January 28, 2026
Two Venezuelan nationals convicted for an ATM jackpotting scheme will be deported after serving prison sentences. The scheme involved sophisticated cyber tactics to exploit ATM ...
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
January 28, 2026
ShinyHunters has taken credit for a phishing operation targeting Okta's platform, reportedly compromising Crunchbase and Betterment systems. This breach has potentially far-reaching consequences for security ...
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
January 28, 2026
Curl is terminating its bug bounty on HackerOne due to the burden of AI-generated reports. The increase in low-quality submissions has made managing the program ...
Click-Fraud Trojan Uses Machine Learning to Evade Detection
January 28, 2026
Researchers at Dr.Web have identified a new Android click-fraud trojan using TensorFlow.js for more advanced ad interactions, bypassing conventional script tactics.
FortiGate Firewalls Fall Victim to Security Breaches Despite Patches
January 28, 2026
Attackers are intruding into FortiGate firewalls by manipulating configurations and bypassing single sign-on protections. Administrators report persistent security issues, even after applying the latest security ...
SmarterMail Vulnerability Exploited to Reset Admin Passwords
January 28, 2026
Attackers exploit a serious vulnerability (CVE-2026-23760) in SmarterMail, allowing malicious actors to bypass authentication and reset admin passwords.
Cybercriminals Exploit Microsoft SharePoint to Target Energy Sector
January 28, 2026
Microsoft SharePoint services are being manipulated by attackers targeting energy-sector companies. Harvesting credentials paves the way for control of corporate emails, after which phishing emails ...
Kyushu Electric Loses Drive With Data on 10.9M Customers
Anthropic Disputes Jailbreak Claim Against Claude Fable 5
Six Proto6 Flaws in protobuf.js Enable Node.js RCE
npm v12 Disables Auto-Run Scripts to Cut Supply Chain Risk
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Novo Nordisk Discloses Breach of Clinical Trials Patient Data
Europol Dismantles AudiA6 Crypto Laundering Service
Three LangGraph Flaws Chain to Remote Code Execution
OnyxC2 Stealer Targets 200+ Apps for $250 Per Month
Maine AG Portal Abused to Post Fabricated Breach Notices
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
OpenSSL Patches 16 Flaws Including Heap Use-After-Free RCE Risk
Akira Claims Industrial Finisher, NJ Country Club, Architecture Firm
Chaos Ransomware Lists Airespring as Iranian False-Flag History Looms
Shai-Hulud Hades Wave Poisons 29 Bioinformatics PyPI Packages
Oracle PeopleSoft CVE-2026-35273: ShinyHunters Breaches 100+ Orgs
Nottingham University Breach Exposes Data on 454,600 Students
FBI Seizes 13 Chinese Spy Sites Targeting U.S. Clearance Holders
China-Linked JDY Botnet Hits 1,500 Devices Targeting U.S. Military
CISA BOD 26-04 Mandates 3-Day Patch Window for Federal Agencies