Main Menu
Cyber Security
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
Global Arrests Made in a Social Media Scam Targeting Thousands
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Microsoft Enhances Quick Machine Recovery and Smart App Control in Windows Insider Build
Application Security
Microsoft Enhances Quick Machine Recovery and Smart App Control in Windows Insider Build
Andrew Doyle November 9, 2025
Microsoft’s latest Windows Insider build introduces major upgrades to Quick Machine Recovery and Smart App Control, enhancing system restoration speed and flexibility. The updates simplify ...
Malicious NuGet Packages Found With Time-Delay Payloads Targeting Databases and ICS Devices
Application Security
Malicious NuGet Packages Found With Time-Delay Payloads Targeting Databases and ICS Devices
Gabby Lee November 9, 2025
Security researchers uncovered malicious NuGet packages embedded with time-delayed payloads set to activate in 2027–2028, targeting enterprise software and industrial systems. The stealthy implants exploit ...
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
CVE Vulnerability Alerts
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
Andrew Doyle November 9, 2025
A zero-day flaw in Samsung Galaxy devices (CVE-2025-21042) was exploited to deploy LANDFALL spyware across the Middle East, enabling full device compromise and covert data ...
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
Application Security
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
Andrew Doyle November 7, 2025
A malicious Visual Studio Code extension mimicking “pyms-folders” was found on Microsoft’s marketplace, encrypting user files in a ransomware-like attack. Researchers believe the extension was ...
Cisco Warns of New Attack Variant Exploiting Secure Firewall ASA and FTD Vulnerabilities
CVE Vulnerability Alerts
Cisco Warns of New Attack Variant Exploiting Secure Firewall ASA and FTD Vulnerabilities
Mitchell Langley November 6, 2025
Cisco has warned of a new attack variant targeting its Secure Firewall ASA and FTD devices, exploiting CVE-2025-20333 and CVE-2025-20362 in tandem for remote code ...
ClickFix Malware Evolves New Tactics Use Video Guides and Timers to Increase Infection Rates
Cybersecurity
ClickFix Malware Evolves: New Tactics Use Video Guides and Timers to Increase Infection Rates
Mitchell Langley November 6, 2025
The ClickFix malware campaign is redefining social engineering by tricking users into manually infecting their systems through fake video guides, countdown timers, and OS-specific commands. ...
Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
News
Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
Mitchell Langley November 6, 2025
The Clop ransomware gang has claimed responsibility for a cyberattack on The Washington Post, adding the newspaper to its dark web leak site amid ongoing ...
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Cybersecurity
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Gabby Lee November 6, 2025
Nevada has fully restored operations across 60 state agencies nearly a year after a massive ransomware attack crippled public services in August 2023. The state ...
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
Application Security
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
Andrew Doyle November 6, 2025
Truffle Security has raised $25 million in Series A funding led by Decibel to expand its enterprise-grade secrets detection and remediation platform. Evolving from its ...
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Cybersecurity
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Gabby Lee November 6, 2025
The U.S. Congressional Budget Office has confirmed a cybersecurity incident involving unauthorized access to its network, with early evidence pointing to a foreign threat actor. ...
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Application Security
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Mitchell Langley November 6, 2025
Researchers at Tenable uncovered seven security flaws in OpenAI’s ChatGPT, including critical vulnerabilities in the GPT-4o model that exposed memory-stored user data and allowed web ...
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Cybersecurity
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Gabby Lee November 6, 2025
Executive Russian hacking group Sandworm has hit Ukraine’s grain sector with destructive wiper malware, targeting economic infrastructure in attacks now reaching beyond government and energy ...
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Cybersecurity
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Andrew Doyle November 6, 2025
Hackers allegedly breached Russia’s Radon nuclear waste plant, stealing testing data, user information, and employee details, raising national security concerns over access to sensitive nuclear ...
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Cybersecurity
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Mitchell Langley November 6, 2025
A misconfigured third-party database exposed over 50,000 Stanford Health Care and Hillsboro Medical Center staff records, including payroll data, emails, and hashed passwords, increasing phishing ...
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
Cybersecurity
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
Gabby Lee November 6, 2025
The Qilin ransomware gang claims to have stolen data from Habib Bank AG Zurich, exposing sensitive customer details and internal source code.
Cybersecurity
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
Andrew Doyle November 6, 2025
A global survey found 82 percent of large financial-services organisations reported a data breach or leak in the past year, signalling pervasive cyber-risk across the ...
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
News
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
Mitchell Langley November 6, 2025
The U.S. Treasury has sanctioned eight North Korea-linked individuals and entities accused of laundering funds from cyberattacks to finance Pyongyang’s weapons programs. The move targets ...
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Application Security
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Gabby Lee November 6, 2025
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
Malware Learns to Think Google Warns of AI-Powered Evasive Techniques
Cybersecurity
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Andrew Doyle November 6, 2025
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
News
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
Mitchell Langley November 6, 2025
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Software Supply Chains Are the New Frontline for Cyber Risk
Cybersecurity
Software Supply Chains Are the New Frontline for Cyber Risk
Gabby Lee March 19, 2026
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Cybersecurity
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Andrew Doyle March 18, 2026
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026

TOP CYBERSECURITY HEADLINES

New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
Cybersecurity
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Cybersecurity
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Cybersecurity
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Application Security
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Targeted Phishing Attack Breaches Security Firm Executive
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
U.S. Sanctions Grinex, the Russian Crypto Exchange Born from Garantex’s Ashes
August 15, 2025
Podcasts
Canadian House of Commons Breach Tied to Microsoft SharePoint Zero-Day
August 15, 2025
Podcasts
Norwegian Authorities Blame Pro-Russian Hackers for Critical Infrastructure Breach
August 15, 2025

Cyber Security News

ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
Cybersecurity
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
January 28, 2026
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
Cybersecurity
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
January 28, 2026
Click-Fraud Trojan Uses Machine Learning to Evade Detection
Cybersecurity
Click-Fraud Trojan Uses Machine Learning to Evade Detection
January 28, 2026
FortiGate Firewalls Fall Victim to Security Breaches Despite Patches
Application Security
FortiGate Firewalls Fall Victim to Security Breaches Despite Patches
January 28, 2026
SmarterMail Vulnerability Exploited to Reset Admin Passwords
Application Security
SmarterMail Vulnerability Exploited to Reset Admin Passwords
January 28, 2026
Cybercriminals Exploit Microsoft SharePoint to Target Energy Sector
Application Security
Cybercriminals Exploit Microsoft SharePoint to Target Energy Sector
January 28, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
November 9, 2025
A zero-day flaw in Samsung Galaxy devices (CVE-2025-21042) was exploited to deploy LANDFALL spyware across the Middle East, enabling full device compromise and covert data ...
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
November 7, 2025
A malicious Visual Studio Code extension mimicking “pyms-folders” was found on Microsoft’s marketplace, encrypting user files in a ransomware-like attack. Researchers believe the extension was ...
Cisco Warns of New Attack Variant Exploiting Secure Firewall ASA and FTD Vulnerabilities
November 6, 2025
Cisco has warned of a new attack variant targeting its Secure Firewall ASA and FTD devices, exploiting CVE-2025-20333 and CVE-2025-20362 in tandem for remote code ...
ClickFix Malware Evolves: New Tactics Use Video Guides and Timers to Increase Infection Rates
November 6, 2025
The ClickFix malware campaign is redefining social engineering by tricking users into manually infecting their systems through fake video guides, countdown timers, and OS-specific commands. ...
Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
November 6, 2025
The Clop ransomware gang has claimed responsibility for a cyberattack on The Washington Post, adding the newspaper to its dark web leak site amid ongoing ...
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
November 6, 2025
Nevada has fully restored operations across 60 state agencies nearly a year after a massive ransomware attack crippled public services in August 2023. The state ...
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
November 6, 2025
Truffle Security has raised $25 million in Series A funding led by Decibel to expand its enterprise-grade secrets detection and remediation platform. Evolving from its ...
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
November 6, 2025
The U.S. Congressional Budget Office has confirmed a cybersecurity incident involving unauthorized access to its network, with early evidence pointing to a foreign threat actor. ...
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
November 6, 2025
Researchers at Tenable uncovered seven security flaws in OpenAI’s ChatGPT, including critical vulnerabilities in the GPT-4o model that exposed memory-stored user data and allowed web ...
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
November 6, 2025
Executive Russian hacking group Sandworm has hit Ukraine’s grain sector with destructive wiper malware, targeting economic infrastructure in attacks now reaching beyond government and energy ...
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
November 6, 2025
Hackers allegedly breached Russia’s Radon nuclear waste plant, stealing testing data, user information, and employee details, raising national security concerns over access to sensitive nuclear ...
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
November 6, 2025
A misconfigured third-party database exposed over 50,000 Stanford Health Care and Hillsboro Medical Center staff records, including payroll data, emails, and hashed passwords, increasing phishing ...
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
November 6, 2025
The Qilin ransomware gang claims to have stolen data from Habib Bank AG Zurich, exposing sensitive customer details and internal source code.
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
November 6, 2025
A global survey found 82 percent of large financial-services organisations reported a data breach or leak in the past year, signalling pervasive cyber-risk across the ...
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
November 6, 2025
The U.S. Treasury has sanctioned eight North Korea-linked individuals and entities accused of laundering funds from cyberattacks to finance Pyongyang’s weapons programs. The move targets ...
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
November 6, 2025
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
November 6, 2025
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
November 6, 2025
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
November 6, 2025
Hyundai AutoEver America is now investigating a data breach that led to unauthorized access to sensitive personal information belonging to employees and contractors. The automotive ...
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
November 6, 2025
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
Phishing Attack Hits Intuitive’s Internal IT Business Systems
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Targeted Phishing Attack Breaches Security Firm Executive