Main Menu
Cyber Security
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
WatchTowr Warns of Major Data Leaks Through Developer Tools
UK Government’s Digital ID Plans Face Scrutiny Over Cost and Savings
Bloody Wolf’s Cyber Offensive: A Deep Dive into Targeted Attacks in Central Asia
Asahi Cyberattack Exposes Extensive Data Breach: A Blow to Japan’s Brewer Giant
OpenAI Scrutinizes Vendor Relationships After Mixpanel’s Data Breach
Naver’s Cryptocurrency Exchange Acquisition Marred by Cyberattack
Ex-NCSC Chief to Investigate Premature Online Leak of Budget Forecast
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
Comcast’s $1.5 Million Settlement in Data Breach Incident with FCC
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
News
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
Mitchell Langley June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
News
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
Andrew Doyle June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
184 Million Login Credentials Exposed in Major Unprotected Database Leak
News
184 Million Login Credentials Exposed in Major Unprotected Database Leak
Andrew Doyle June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
This Week In Cybersecurity: 26th to 30th May, 2025
Cybersecurity Newsletter
This Week In Cybersecurity: 26th to 30th May, 2025
Andrew Doyle May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
Victoria’s Secret Takes Website Offline Following Security Incident
News
Victoria’s Secret Takes Website Offline Following Security Incident
Mitchell Langley May 30, 2025
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
News
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
Mitchell Langley May 30, 2025
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
News
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
Andrew Doyle May 30, 2025
Russian nuclear facility blueprints were exposed in a public procurement database, revealing sensitive layouts of missile silos and bunkers tied to Moscow’s nuclear modernization.
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
News
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
Mitchell Langley May 30, 2025
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
News
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
Mitchell Langley May 29, 2025
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
News
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
Mitchell Langley May 29, 2025
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
News
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
Andrew Doyle May 29, 2025
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
News
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
Andrew Doyle May 29, 2025
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
News
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
Mitchell Langley May 29, 2025
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
Alleged AT&T Data Breach Exposes 31 Million Records
News
Alleged AT&T Data Breach Exposes 31 Million Records
Andrew Doyle May 28, 2025
Hackers claim to have leaked 31 million AT&T user records, including tax IDs and IPs, though researchers cannot confirm the breach due to limited data ...
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
News
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
Andrew Doyle May 28, 2025
Dutch intelligence links a new Russian cyber espionage group, Laundry Bear, to attacks on NATO entities and the Dutch police targeting sensitive military and diplomatic ...
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
News
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
Mitchell Langley May 28, 2025
Hackers are escalating attacks on BIOS and bootloaders, exploiting pre-OS vulnerabilities to maintain persistence, evade detection, and bypass Secure Boot protections.
Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic
News
Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic
Andrew Doyle May 28, 2025
Everest ransomware gang claims cyberattack on global hospital group Mediclinic, stealing employee data and 4GB of internal files. Ransom deadline set for five days.
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
News
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
Mitchell Langley May 28, 2025
Rhysida ransomware gang claims to have breached Carrera, a leading Brazilian Chevrolet dealership, demanding $1 million and threatening to leak passports and contracts.
Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand
News
Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand
Mitchell Langley May 28, 2025
Hackers leaked Coca-Cola employee data after the company ignored Everest ransomware’s ransom demand. The breach exposed passport scans, visa documents, and personal IDs online.
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
News
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
Mitchell Langley May 27, 2025
Coinbase faces a class action lawsuit after a breach exposed data of over 69,000 users. Insider involvement and financial impact raise enterprise security concerns.
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle December 2, 2025
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle December 2, 2025
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Andrew Doyle November 27, 2025
ShadowV2 Botnet A Test Run Amidst AWS Outage
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
Andrew Doyle November 27, 2025

TOP CYBERSECURITY HEADLINES

$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant

This Week’s Security Spotlight

South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Cybersecurity
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Mitchell Langley November 30, 2025
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Andrew Doyle November 30, 2025
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Mitchell Langley November 27, 2025
More In News
Trending
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
RansomHub Hits Michigan’s Manpower — Data Breach Exposes 140,000 Individuals
August 13, 2025
Podcasts
Germany’s Top Court Limits Police Spyware to Serious Crimes Only
August 11, 2025
Podcasts
Security Firms Warn GPT-5 Is Wide Open to Jailbreaks and Prompt Attacks
August 11, 2025

Cyber Security News

AI-Powered Villager Pen Test Tool Hits 11K Downloads, Sparks Abuse Concerns
Application Security
AI-Powered Villager Pen Test Tool Hits 11K Downloads, Sparks Abuse Concerns
October 17, 2025
Oracle E-Business Suite Hit by Cl0p Ransomware Using CVE-2025-61882
Application Security
Oracle E-Business Suite Hit by Cl0p Ransomware Using CVE-2025-61882
October 17, 2025
Microsoft Revokes 200+ Fraudulent Certificates Thwarts Rhysida Ransomware Campaign
Application Security
Microsoft Revokes 200+ Fraudulent Certificates: Thwarts Rhysida Ransomware Campaign
October 17, 2025
WatchGuard Fireware OS Vulnerability CVE-2025-9242 Enables Remote Code Execution
Application Security
WatchGuard Fireware OS Vulnerability: CVE-2025-9242 Enables Remote Code Execution
October 17, 2025
SonicWall VPN Breach Over 100 Accounts Compromised in Security Incident
Application Security
SonicWall VPN Breach: Over 100 Accounts Compromised in Security Incident
October 17, 2025
Stealit Malware Exploits Node.js Sneaky Infection via Game and VPN Installers
Application Security
Stealit Malware Exploits Node.js: Sneaky Infection via Game and VPN Installers
October 17, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
July 22, 2025
Dior is alerting U.S. customers about a data breach that exposed personal data. The cyberattack, linked to ShinyHunters, targeted LVMH brands via a third-party vendor. ...
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
July 22, 2025
A bug in ExpressVPN's Windows client leaked real IP addresses during RDP sessions. The issue, now fixed, affected traffic over port 3389 outside the VPN ...
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
July 22, 2025
A backend glitch at Ring caused customers to see unknown devices logged into their accounts, but Amazon insists there’s been no security breach or unauthorized ...
Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack
July 21, 2025
In this episode, we unpack the January 2025 data breach at Dior, the iconic luxury fashion house, which exposed sensitive personal information of U.S. customers—including ...
StrongestLayer Raises $5.2M to Fight AI-Powered Phishing with TRACE
July 21, 2025
In an era where generative AI is being used not just for productivity but for precision cybercrime, a San Francisco-based startup, StrongestLayer, is taking a ...
750,000 Records Exposed: Inside the TADTS Data Breach by BianLian
July 21, 2025
In July 2024, The Alcohol & Drug Testing Service (TADTS), a Texas-based company handling sensitive employment-related data, suffered a catastrophic data breach. Nearly 750,000 individuals ...
SS7 Is Still Broken: How Surveillance Firms Are Bypassing Telco Defenses
July 21, 2025
A new attack technique is exposing just how vulnerable global mobile networks remain in 2025. Cybersecurity firm Enea has discovered a surveillance operation that bypasses ...
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
July 21, 2025
Arch Linux pulled three AUR packages after discovering they delivered Chaos RAT malware through a malicious GitHub script, compromising Linux systems via community-sourced PKGBUILD files. ...
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
July 21, 2025
CrushFTP warns of an actively exploited zero-day vulnerability (CVE-2025-54309) allowing full admin access via web interface on unpatched servers running outdated builds.
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
July 21, 2025
Hackers exploited a zero-day in Microsoft SharePoint, breaching U.S. agencies, global businesses, and universities before patches were issued. Some breaches include loss of critical data. ...
Weekly Cybersecurity Newsletter: 14th to 18th August
July 19, 2025
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
July 18, 2025
BigONE cryptocurrency exchange suffered a $27 million breach involving its hot wallet. While user funds are safe, blockchain forensics reveal ongoing laundering of stolen assets. ...
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
July 18, 2025
LameHug malware uses an AI language model to craft system commands on the fly, targeting Windows machines in attacks linked to Russian-backed APT28.
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
July 18, 2025
Luxury fashion house Louis Vuitton confirmed that recent customer data breaches in the UK, South Korea, and Turkey all trace back to a single cyberattack ...
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
July 18, 2025
A critical Cisco ISE vulnerability (CVE-2025-20337) exposes systems to remote code execution and root access. Enterprises must upgrade to Patch 7 or Patch 2 immediately. ...
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
July 18, 2025
Salt Typhoon, a Chinese state-backed hacking group, quietly breached a U.S. Army National Guard network for nine months, stealing sensitive configuration files and credentials.
The UNFI Cyberattack: How Hackers Disrupted the U.S. Food Supply Chain
July 17, 2025
In June 2025, United Natural Foods, Inc. (UNFI)—the primary distributor for Whole Foods and tens of thousands of retailers across North America—suffered a major cyberattack ...
Zuckerberg on Trial: The $8 Billion Data Privacy Reckoning
July 17, 2025
More than five years after the Cambridge Analytica scandal, the legal and financial consequences are still playing out—this time in Delaware’s Chancery Court, where Mark ...
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
July 17, 2025
Salt Typhoon, a Chinese cyber-espionage group, infiltrated a US state's Army National Guard network, exfiltrating sensitive data and threatening nationwide cybersecurity coordination efforts.
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity