Cyber Security
Cybersecurity
PyStoreRAT: New JavaScript-Based RAT Distributed via GitHub
Cybersecurity experts uncover a new campaign using GitHub-hosted Python repositories to deploy PyStoreRAT, a JavaScript-based Remote Access Trojan. The threat disguises itself within repositories posing ...
Cybersecurity
Pentagon Pushes for Post-Quantum Cryptography Amid Rising Tech Tensions
In a pivotal move, the Pentagon's directive to speed up the integration of post-quantum cryptography (PQC) technology comes amid heightened technical tensions. As the U.S. ...
Cybersecurity
New Cyber Threats: Movie Downloads and Software Updates Under Siege
Cybersecurity incidents reveal a growing threat landscape as hackers infiltrate common online platforms, from movie downloads to browser extensions, leaving users vulnerable. Tech companies and ...
Cybersecurity
Zero-day Vulnerability in Gogs Leads to Hundreds of Compromised Servers
A zero-day vulnerability in Gogs, a well-known self-hosted Git service, has enabled attackers to execute remote code execution on numerous internet-facing instances, impacting hundreds of ...
Cybersecurity
Former Employee Faces Charges Over Alleged Cybersecurity Fraud: DoD Compliance in Question
Danielle Hillmer, a former Accenture executive, is facing charges for allegedly misrepresenting the Department of Defense (DoD) compliance of a cloud platform used by her ...
Cybersecurity
Microsoft Expands Vulnerability Rewards Program to Third-Party Code
Microsoft's updated program rewards security researchers for finding critical vulnerabilities in Microsoft online services, including third-party code. The initiative aims to strengthen digital defenses and ...
Application Security
Stealthy Campaign Targets Developers With Malicious VSCode Extensions
A stealth campaign has targeted developers using VSCode with 19 malware-infested extensions since February. Threat actors exploit the flexibility of VSCode extensions to distribute malicious ...
News
CyberVolk’s Return: Unpacking the Pro-Russian Hacktivist’s Ransomware Resurgence
CyberVolk, a pro-Russian hacktivist group, resurfaces with new ransomware. Despite causing alarm, they inadvertently left a method for data recovery.
Cybersecurity
Cybercrime as a Service: The New Era of Subscription-Based Attacks
Cybercriminals have adopted a subscription-based model akin to SaaS, granting low-skill hackers easy access to potent tools. Phishing kits, OTP bots, infostealer logs, and RATs ...
News
MITRE’s 2025 ATT&CK Evaluations Reveal Company Performance on Detection Rates
The 2025 ATT&CK Enterprise evaluations by MITRE reveal detailed performance metrics of eleven cybersecurity companies, highlighting their detection capabilities. Several companies achieved a 100% detection ...
Cybersecurity
LastPass Suffers Major Setback as ICO Imposes Consequences Over 2022 Data Breach
LastPass has been fined £1.2 million by the UK's Information Commissioner's Office due to a severe 2022 data breach. The breach exposed sensitive information from ...
Cybersecurity
Vulnerabilities in PCIe IDE Protocol Pose Risks to Local Systems
Security flaws in the PCIe IDE protocol in Base Specification Revision 5.0 and beyond have been discovered, which could allow local attackers to exploit systems. ...
Application Security
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Google has implemented security measures to patch the GeminiJack vulnerability, a zero-click exploit that exposed enterprise data to potential threats through emails and calendar invites. ...
News
Spiderman Phishing Kit Poses New Threat to European Banks and Crypto Holders
Spiderman phishing kit uses cloned websites to deceive European bank and crypto customers. The fraudulent sites mimic legitimate brands, posing significant risks.
Cybersecurity
Why Insuring Keith Richards’ Fingers Highlights Risk Management in Cybersecurity
Celebrities have insured body parts like Keith Richards' fingers, echoing the importance of protecting vital assets, much like prioritizing key elements in cybersecurity.
Data Security
Docker Hub Data Exposure Puts Thousands of Containers at Risk
More than 10,000 Docker Hub container images have been found to expose sensitive data, including live credentials for production systems and CI/CD databases. The exposure ...
Cybersecurity
React2Shell Exploit Continues to Deliver Undetected Malware Families
React2Shell is exploiting a severe flaw in React Server Components to install cryptocurrency miners and introduce unseen malware families. The threats include a Linux backdoor, ...
Application Security
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft is set to bolster Teams with a new security feature that examines suspicious traffic involving external domains. This strategic enhancement is poised to assist ...
Application Security
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
Researchers identified a .NET security flaw impacting enterprise-grade solutions, urging a fix. Despite discovering the vulnerability, Microsoft has chosen not to address the issue, leading ...
Application Security
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
A new vulnerability dubbed SOAPwn has been discovered within the .NET Framework, posing significant risks to enterprise applications by potentially enabling remote code execution. Several ...
Cybersecurity
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
Cybersecurity
Microsoft Disrupts Fox Tempest Malware-Signing Service
TOP CYBERSECURITY HEADLINES
Cybersecurity
Deleted Google API Keys Stay Active for Up to 23 Minutes
Application Security
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Cybersecurity
Texas AG Sues Meta Over WhatsApp Encryption Claims
This Week’s Security Spotlight
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Application Security
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Application Security
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
New Cyber Threats: Movie Downloads and Software Updates Under Siege
Cybersecurity incidents reveal a growing threat landscape as hackers infiltrate common online platforms, from movie downloads to browser extensions, leaving users vulnerable. Tech companies and ...
Zero-day Vulnerability in Gogs Leads to Hundreds of Compromised Servers
A zero-day vulnerability in Gogs, a well-known self-hosted Git service, has enabled attackers to execute remote code execution on numerous internet-facing instances, impacting hundreds of ...
Former Employee Faces Charges Over Alleged Cybersecurity Fraud: DoD Compliance in Question
Danielle Hillmer, a former Accenture executive, is facing charges for allegedly misrepresenting the Department of Defense (DoD) compliance of a cloud platform used by her ...
Microsoft Expands Vulnerability Rewards Program to Third-Party Code
Microsoft's updated program rewards security researchers for finding critical vulnerabilities in Microsoft online services, including third-party code. The initiative aims to strengthen digital defenses and ...
Stealthy Campaign Targets Developers With Malicious VSCode Extensions
A stealth campaign has targeted developers using VSCode with 19 malware-infested extensions since February. Threat actors exploit the flexibility of VSCode extensions to distribute malicious ...
CyberVolk’s Return: Unpacking the Pro-Russian Hacktivist’s Ransomware Resurgence
CyberVolk, a pro-Russian hacktivist group, resurfaces with new ransomware. Despite causing alarm, they inadvertently left a method for data recovery.
Cybercrime as a Service: The New Era of Subscription-Based Attacks
Cybercriminals have adopted a subscription-based model akin to SaaS, granting low-skill hackers easy access to potent tools. Phishing kits, OTP bots, infostealer logs, and RATs ...
MITRE’s 2025 ATT&CK Evaluations Reveal Company Performance on Detection Rates
The 2025 ATT&CK Enterprise evaluations by MITRE reveal detailed performance metrics of eleven cybersecurity companies, highlighting their detection capabilities. Several companies achieved a 100% detection ...
LastPass Suffers Major Setback as ICO Imposes Consequences Over 2022 Data Breach
LastPass has been fined £1.2 million by the UK's Information Commissioner's Office due to a severe 2022 data breach. The breach exposed sensitive information from ...
Vulnerabilities in PCIe IDE Protocol Pose Risks to Local Systems
Security flaws in the PCIe IDE protocol in Base Specification Revision 5.0 and beyond have been discovered, which could allow local attackers to exploit systems. ...
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Google has implemented security measures to patch the GeminiJack vulnerability, a zero-click exploit that exposed enterprise data to potential threats through emails and calendar invites. ...
Spiderman Phishing Kit Poses New Threat to European Banks and Crypto Holders
Spiderman phishing kit uses cloned websites to deceive European bank and crypto customers. The fraudulent sites mimic legitimate brands, posing significant risks.
Why Insuring Keith Richards’ Fingers Highlights Risk Management in Cybersecurity
Celebrities have insured body parts like Keith Richards' fingers, echoing the importance of protecting vital assets, much like prioritizing key elements in cybersecurity.
Docker Hub Data Exposure Puts Thousands of Containers at Risk
More than 10,000 Docker Hub container images have been found to expose sensitive data, including live credentials for production systems and CI/CD databases. The exposure ...
React2Shell Exploit Continues to Deliver Undetected Malware Families
React2Shell is exploiting a severe flaw in React Server Components to install cryptocurrency miners and introduce unseen malware families. The threats include a Linux backdoor, ...
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft is set to bolster Teams with a new security feature that examines suspicious traffic involving external domains. This strategic enhancement is poised to assist ...
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
Researchers identified a .NET security flaw impacting enterprise-grade solutions, urging a fix. Despite discovering the vulnerability, Microsoft has chosen not to address the issue, leading ...
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
A new vulnerability dubbed SOAPwn has been discovered within the .NET Framework, posing significant risks to enterprise applications by potentially enabling remote code execution. Several ...
Teen Hacker Arrested in Spain for Major Data Breach Scheme
Spanish authorities have apprehended a 19-year-old in Barcelona for allegedly stealing and attempting to sell 64 million records from nine breached companies. This significant arrest ...
Satellite Signal Interruption Causes Porsche Immobilization in Russia
Hundreds of Porsches in Russia became immobile due to satellite communication issues, sparking fears of a hack. However, Porsche asserts no breach occurred and their ...