Cyber Security
Resources
APT40: Chinese State Sponsored APT
Mitchell Langley
June 5, 2025
APT40, also known as ATK29, BRONZE MOHAWK, G0065, GADOLINIUM, Gingham Typhoon, ISLANDDREAMS, ITG09, KRYPTONITE PANDA, Leviathan, MUDCARP, Red Ladon, TA423, TEMP.Jumper, and TEMP.Periscope, is an ...
News
The North Face Confirms Credential Stuffing Attack, Customer Accounts Exposed
Mitchell Langley
June 5, 2025
The North Face warns customers of a credential stuffing attack in April that compromised account information but left payment card data untouched, thanks to tokenized ...
News
Cyprus Airways Data Breach: Hackers Claim Access to Real-Time Systems and Passenger Records
Mitchell Langley
June 5, 2025
Hackers claim to have breached Cyprus Airways, stealing 41GB of passenger and staff data and maintaining real-time access to flight systems and travel information.
News
Gunra Ransomware Group Claims Massive Breach at American Hospital Dubai
Andrew Doyle
June 5, 2025
Gunra ransomware claims to have stolen 450 million records from American Hospital Dubai, threatening to leak the data if ransom demands are not met by ...
News
Cartier Cyberattack Exposes Customer Data as Retail Sector Faces Ongoing Threats
Andrew Doyle
June 5, 2025
Cartier confirms a cyberattack exposed customer data as cyber threats rise across the retail sector, affecting brands like Marks & Spencer, Victoria’s Secret, and Harrods. ...
News
Medical Data Breach Affected Dental Service Infrastructure
Andrew Doyle
June 4, 2025
An exposed MongoDB database revealed 2.7 million patient records and 8.8 million appointments, likely linked to Gargle, a dental marketing provider, prompting HIPAA scrutiny.
Resources
GhostSec: From Hacktivist Roots to RaaS Powerhouse
Gabby Lee
June 4, 2025
GhostSec evolved from anti-ISIS hacktivists into a global ransomware threat, deploying GhostLocker via RaaS and targeting critical infrastructure with sophisticated, multi-stage infiltration tactics.
News
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Andrew Doyle
June 4, 2025
Two malicious RubyGems imitating Fastlane plugins redirect Telegram API calls to attacker-controlled proxies, harvesting bot tokens, chat content, and sensitive developer data.
News
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
Mitchell Langley
June 4, 2025
Victoria’s Secret has postponed its Q1 2025 earnings release due to system restoration efforts following a May 24 cyber incident affecting corporate, retail, and online ...
Blog
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Andrew Doyle
June 4, 2025
The rise of Cybercrime-as-a-Service (CaaS) is transforming the threat landscape, democratizing cyberattacks and making them more frequent and diverse. This blog explores the various CaaS ...
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
Mitchell Langley
June 4, 2025
Volkswagen is investigating Stormous ransomware group’s breach claims, but internal reviews show no unauthorized access or compromised data within the company’s systems so far.
News
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
Mitchell Langley
June 4, 2025
CISA has warned U.S. agencies of active attacks exploiting a ScreenConnect vulnerability and critical flaws in ASUS routers and Craft CMS. Patches and mitigations are ...
News
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Mitchell Langley
June 3, 2025
The North Face has confirmed a credential stuffing attack in April, exposing customer data including names, addresses, and emails. Payment information remains unaffected.
News
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Andrew Doyle
June 3, 2025
North Dakota-based Nokota Packers has reportedly suffered a ransomware attack by the J Group gang, with hackers claiming to have stolen 50GB of sensitive data. ...
News
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Mitchell Langley
June 3, 2025
Stormous ransomware gang claims a breach at Volkswagen, but provides no sample data. Researchers find no evidence yet of compromised systems or stolen information.
News
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Andrew Doyle
June 3, 2025
Cartier has confirmed a cyberattack that exposed limited customer data, including names and email addresses. Sensitive financial and login information was not compromised.
News
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Mitchell Langley
June 3, 2025
The Russian Market has surged in popularity as a major cybercrime marketplace, offering stolen credentials harvested by info-stealer malware like Lumma and Acreed.
News
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
Andrew Doyle
June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
News
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
Mitchell Langley
June 1, 2025
Germany has named Vitaly Kovalev, aka "Stern," as the leader of the Conti ransomware and TrickBot gangs in a major breakthrough tied to Operation Endgame. ...
News
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
Andrew Doyle
June 1, 2025
Latrodectus malware infected over 44,000 IP addresses before Operation Endgame's global takedown, with Shadowserver warning of critical ongoing threats across infected systems.
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle
December 2, 2025
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle
December 2, 2025
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Andrew Doyle
November 27, 2025
TOP CYBERSECURITY HEADLINES
This Week’s Security Spotlight
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle
December 2, 2025
Cybersecurity
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Mitchell Langley
November 30, 2025
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Andrew Doyle
November 30, 2025
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Mitchell Langley
November 27, 2025
Cyber Security News
Clorox Sues Cognizant Over $356M Cyberattack: Who’s Really to Blame?
July 24, 2025
In one of the most dramatic cybersecurity legal battles of the past year, Clorox has filed a lawsuit against IT services giant Cognizant, accusing the ...
HeroDevs Secures $125M to Extend Life of Critical Open Source Software
July 24, 2025
In this episode, we dive deep into HeroDevs’ recent $125 million strategic growth investment, a move that signals a major expansion in the fight against ...
UK Moves to Ban Ransomware Payments for Public Sector and Critical Infrastructure
July 23, 2025
In a landmark move to disrupt the financial engine powering ransomware attacks, the United Kingdom is pushing forward with legislation that would ban ransom payments ...
New SysAid Vulnerabilities Added to CISA’s KEV List: XXE Flaws Could Enable RCE
July 23, 2025
Two newly added vulnerabilities in SysAid’s On-Prem IT support software — CVE-2025-2775 and CVE-2025-2776 — have officially joined the Cybersecurity and Infrastructure Security Agency (CISA)’s ...
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
July 23, 2025
Microsoft links SharePoint attacks to three Chinese espionage groups, urging immediate patching as critical vulnerabilities enable full server compromise without authentication.
Lumma Stealer Returns: Malware-as-a-Service Resurges After Global Takedown
July 23, 2025
In this episode, we unpack the rapid and concerning resurgence of Lumma Stealer, a sophisticated Malware-as-a-Service (MaaS) platform, just months after a major international takedown. ...
Cisco ISE Critical Flaws Now Actively Exploited: No Workarounds, Just Root Access
July 23, 2025
Hackers are actively exploiting a trio of critical zero-day vulnerabilities in Cisco’s Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC), prompting urgent patching directives ...
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
July 23, 2025
CISA and FBI warn that Interlock ransomware is accelerating attacks across North America and Europe, targeting healthcare and critical infrastructure with advanced RATs and extortion ...
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
July 23, 2025
AMEOS Group, a leading healthcare provider in Central Europe, has confirmed a data breach affecting patients, employees, and partners. Investigation and containment measures are ongoing. ...
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
July 23, 2025
Scammers posing as real businesses use stolen corporate identities and net financing to order expensive equipment—vanishing with goods before invoices come due.
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
July 23, 2025
Naval Group, France’s top warship builder, is allegedly breached by hackers claiming access to combat systems source code, raising serious national security concerns.
ToolShell: SharePoint Zero-Day Chain Gives Hackers Full Remote Access
July 22, 2025
A new wave of zero-day attacks—collectively known as ToolShell—is actively targeting Microsoft SharePoint servers, with two vulnerabilities (CVE-2025-53770 and CVE-2025-53771) allowing unauthenticated remote code execution ...
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
July 22, 2025
A weak employee password allowed ransomware hackers to cripple 158-year-old logistics firm KNP, causing 700 job losses and highlighting the growing threat of ransomware attacks. ...
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
July 22, 2025
Veeam Recovery Orchestrator's latest update causes user lockouts after enabling MFA. A fix is available, but affected users must contact support for remediation.
CVE-2025-54309: CrushFTP Zero-Day Exploited in Global Admin Access Attacks
July 22, 2025
A critical zero-day vulnerability in CrushFTP (CVE-2025-54309) is being actively exploited, giving attackers administrative access to over a thousand unpatched servers globally. This severe security ...
Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform
July 22, 2025
Dell Technologies is the latest target in a growing trend of data extortion attacks as threat actors pivot away from traditional ransomware. The cybercrime group ...
Termite Ransomware: The Silent Invader
July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz, highlighting its broad reach and ...
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
July 22, 2025
Ransomware-as-a-Service (RaaS) enables cybercriminals to launch attacks at scale. Learn how it works, why it’s dangerous, and how enterprises can defend and recover effectively.
Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting
July 22, 2025
A critical vulnerability in ExpressVPN’s Windows client has put a spotlight on the often-overlooked dangers of debug code making its way into production software. This ...
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
July 22, 2025
A California engineer admitted to stealing top-secret U.S. missile tracking technology and funneling it to China, exposing a deep insider espionage operation.