Main Menu
Cyber Security
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
WatchTowr Warns of Major Data Leaks Through Developer Tools
UK Government’s Digital ID Plans Face Scrutiny Over Cost and Savings
Bloody Wolf’s Cyber Offensive: A Deep Dive into Targeted Attacks in Central Asia
Asahi Cyberattack Exposes Extensive Data Breach: A Blow to Japan’s Brewer Giant
OpenAI Scrutinizes Vendor Relationships After Mixpanel’s Data Breach
Naver’s Cryptocurrency Exchange Acquisition Marred by Cyberattack
Ex-NCSC Chief to Investigate Premature Online Leak of Budget Forecast
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
Comcast’s $1.5 Million Settlement in Data Breach Incident with FCC
Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains
News
Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains
Andrew Doyle May 22, 2025
Authorities and private sector partners have dismantled the infrastructure of the Lumma Infostealer malware, a dominant player in the malware-as-a-service (MaaS) ecosystem.
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
News
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
Mitchell Langley May 22, 2025
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations
News
EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations
Andrew Doyle May 22, 2025
The EU has sanctioned Stark Industries and its leadership for enabling Russian cyber operations, disinformation, and infrastructure support used in attacks against European interests.
Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients
News
Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients
Mitchell Langley May 21, 2025
Serviceaide exposed over 480,000 Catholic Health patients' records due to a misconfigured Elasticsearch database, putting sensitive personal and medical data at risk.
Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident
News
Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident
Andrew Doyle May 21, 2025
Coinbase confirms a data breach involving overseas contractors that exposed personal and financial information of 69,461 users, prompting fears of social engineering and financial fraud. ...
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Cybersecurity
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Andrew Doyle May 21, 2025
A supply chain attack on RVTools delivered Bumblebee malware through a trojanized installer, compromising virtualization admins and enabling follow-on ransomware or data exfiltration attacks.
Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities
News
Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities
Mitchell Langley May 21, 2025
A massive and ongoing campaign involving over 100 malicious Chrome extensions has been uncovered, with threat actors deploying browser add-ons ...
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
News
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
Andrew Doyle May 21, 2025
UK logistics firm Peter Green Chilled suffered a ransomware attack, disrupting deliveries for Tesco, Aldi, and Sainsbury’s amid a rising wave of supply chain cyberattacks. ...
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
News
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
Andrew Doyle May 21, 2025
A 19-year-old hacker has pleaded guilty to breaching PowerSchool and extorting millions by threatening to leak sensitive data on over 71 million students and teachers. ...
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
News
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
Mitchell Langley May 21, 2025
SK Telecom’s malware breach exposed 27 million phone numbers over three years via a supply chain attack targeting its security affiliate SK Shieldus.
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
News
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
Mitchell Langley May 21, 2025
Cellcom confirms a cyberattack caused week-long service outages across Wisconsin and Michigan, impacting calls and SMS; personal data reportedly not compromised.
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
News
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
Mitchell Langley May 21, 2025
VanHelsing ransomware's builder and affiliate panel source code leaked after a former developer tried to sell it, prompting the gang to release it themselves.
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
News
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
Andrew Doyle May 20, 2025
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
News
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
Mitchell Langley May 20, 2025
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
News
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
Mitchell Langley May 20, 2025
Hackers exploited a flaw in TeleMessage’s TM SGNL app, exposing U.S. official communications. DDoSecrets published 410GB of chat logs and metadata from the breach.
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
News
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
Andrew Doyle May 20, 2025
Arla Foods confirmed a cyberattack at its Upahl production site in Germany, disrupting operations and causing delivery delays. No data theft has been confirmed.
O2 Flaw Leaked Customer Geolocation Data to Any Caller
News
O2 Flaw Leaked Customer Geolocation Data to Any Caller
Andrew Doyle May 20, 2025
O2 exposed customers’ real-time locations via VoLTE call metadata. A researcher found SIP headers leaking geolocation and device data. The issue is now resolved.
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
News
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
Andrew Doyle May 19, 2025
Coinbase Insider Breach revealed that rogue support agents aided a cyberattack stealing customer data and government IDs. The attackers demanded $20 million, but Coinbase refused ...
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
News
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
Mitchell Langley May 19, 2025
Researchers at Pwn2Own Berlin 2025 earned $695,000 for exploiting zero-day flaws in VMware ESXi, Microsoft SharePoint, Firefox, and AI platforms.
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
News
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
Mitchell Langley May 19, 2025
Adidas and Dior confirmed data breaches affecting customer information in Korea and China. Both brands reported no financial data exposure and began notifying affected individuals. ...
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle December 2, 2025
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle December 2, 2025
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Andrew Doyle November 27, 2025
ShadowV2 Botnet A Test Run Amidst AWS Outage
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
Andrew Doyle November 27, 2025

TOP CYBERSECURITY HEADLINES

$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant

This Week’s Security Spotlight

South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Cybersecurity
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Mitchell Langley November 30, 2025
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Andrew Doyle November 30, 2025
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Mitchell Langley November 27, 2025
More In News
Trending
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Air France–KLM Data Breach Exposes Customer Info via Compromised Third-Party Platform
August 7, 2025
Podcasts
Critical Flaws in CyberArk Conjur and HashiCorp Vault Put Enterprise Secrets at Risk
August 7, 2025
Podcasts
Prompt Injection Nightmare: Critical AI Vulnerabilities in ChatGPT, Copilot, Gemini & More
August 7, 2025

Cyber Security News

Sotheby’s Confirms Data Breach Exposing Financial Information
Cybersecurity
Sotheby’s Confirms Data Breach Exposing Financial Information
October 16, 2025
Fake LastPass and Bitwarden “Breach Alerts” Lead to PC Hijacks via Remote Access Tools
Cybersecurity
Fake LastPass and Bitwarden “Breach Alerts” Lead to PC Hijacks via Remote Access Tools
October 16, 2025
ICTBroadcast Servers Under Threat Cookie Vulnerability Enables Remote Code Execution
Application Security
ICTBroadcast Servers Under Threat: Cookie Vulnerability Enables Remote Code Execution
October 16, 2025
SAP NetWeaver Patch Released for CVSS 10.0 Deserialization Flaw Vulnerability
Application Security
SAP NetWeaver Patch Released for CVSS 10.0 Deserialization Flaw Vulnerability
October 16, 2025
Redis Releases Update to Fix CVE-2025-49844 Critical RCE Vulnerability
Network Security
Redis Releases Update to Fix CVE-2025-49844 Critical RCE Vulnerability
October 16, 2025
Industrial Control at Risk Red Lion RTU Vulnerabilities Score 10.0 CVSS
Application Security
Industrial Control at Risk: Red Lion RTU Vulnerabilities Score 10.0 CVSS
October 16, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
SafePay Ransomware: LockBit’s Lonewolf Ghost
July 15, 2025
SafePay is a centralized ransomware group leveraging LockBit-derived code, stealthy infiltration, and rapid encryption—targeting SMEs and MSPs globally without using affiliates or public channels.
Saudi Industrial Giant Rezayat Group Listed on Dark Web After Alleged Everest Ransomware Breach
July 15, 2025
Saudi-based Rezayat Group has allegedly been breached by the Everest ransomware gang, with hackers claiming to have stolen 10GB of sensitive corporate and client data. ...
Gigabyte Firmware Vulnerabilities Expose Over 240 Motherboards to Stealth UEFI Malware Attacks
July 15, 2025
Gigabyte motherboards face critical firmware flaws that enable stealthy UEFI malware to bypass Secure Boot, posing long-term risks to systems in enterprise and industrial environments. ...
Interlock Ransomware Now Deploying FileFix to Deliver RAT Payloads via Social Engineering
July 15, 2025
Interlock Ransomware Switches to FileFix for Stealthy RAT Delivery The Interlock ransomware operation has adopted a new delivery mechanism known as FileFix, using it to ...
Louis Vuitton UK Confirms Customer Data Breach Amid Growing Wave of Retail Cyberattacks
July 15, 2025
Louis Vuitton UK confirms a data breach exposing customer PII, marking the latest in a string of high-profile retail cyberattacks across the country this year. ...
Elmo’s X Account Hacked: Hacker Incite Violence Against Jews and Trump and Mentions Epstein Files
July 15, 2025
Elmo’s official X account was hijacked by a hacker who posted antisemitic slurs and inflammatory content about Trump and Jeffrey Epstein, sparking widespread outrage online. ...
Google Gemini Email Summary Flaw Enables Hidden Phishing Attacks
July 14, 2025
A hidden prompt injection flaw in Google Gemini allows attackers to plant invisible phishing instructions in emails, triggering deceptive summaries without links or attachments.
Alabama City of Gardendale Allegedly Hit by INC Ransom Gang in Data Breach
July 14, 2025
The City of Gardendale, Alabama, has allegedly suffered a ransomware breach, with threat actors claiming to have stolen 50GB of sensitive municipal and citizen data. ...
Critical Vulnerabilities Discovered in Adobe Acrobat Reader and ASUS Armoury Crate
July 14, 2025
Four high-severity security flaws were found in ASUS Armoury Crate and Adobe Acrobat Reader, exposing millions of users to potential system hijacking and data theft ...
Nippon Steel Hit by Zero-Day Attack, Sensitive Data Believed Stolen
July 14, 2025
Nippon Steel confirms a zero-day cyberattack in March exposed sensitive information belonging to customers, employees, and partners, raising concerns over escalating threats to industrial firms. ...
Wing FTP Server Under Active Exploitation Following Critical RCE Vulnerability Disclosure
July 14, 2025
Hackers are actively exploiting a critical remote code execution vulnerability in Wing FTP Server, just one day after technical details became public, targeting enterprise systems ...
TikTok, China, and the EU: The Battle Over Data Sovereignty
July 11, 2025
In this episode, we explore the mounting scrutiny TikTok faces over its handling of European user data, with the EU’s Data Protection Commission (DPC) launching ...
WSUS Meltdown: Global Sync Failures and the Shift Toward Cloud Patch Management
July 11, 2025
Windows Server Update Services (WSUS) has long been a cornerstone of enterprise patch management—but recent global synchronization failures have raised serious questions about its future ...
Booz Allen Invests in Corsha: Defending Machine-to-Machine Communication at Scale
July 11, 2025
As the cybersecurity landscape shifts toward hyperautomation and AI-driven autonomy, a new frontier has emerged: the identity and access security of machines. In this episode, ...
Cracking eSIM: Exposing the Hidden Threats in Next-Gen Mobile Security
July 11, 2025
eSIM technology has transformed the way we connect—but has it also introduced new vulnerabilities into the heart of modern telecommunications? In this deep-dive episode, we ...
Hackers Trojanize Legitimate Mac Developer Tools with ZuRu Malware
July 11, 2025
Hackers are embedding ZuRu malware into legitimate Mac developer apps like Termius, compromising systems with persistent backdoors and targeting environments lacking strong endpoint protection.
Russian Basketball Player Arrested in France for Alleged Role in Ransomware Operations
July 11, 2025
Former Penn State basketball player Daniil Kasatkin is facing extradition to the U.S. after being arrested in France for allegedly acting as a ransomware gang ...
McDonald’s Massive AI-Linked Breach Sparks Industry Concerns Over Data Security and Governance
July 11, 2025
A data breach affecting 60 million McDonald’s job applicants has reignited debate over AI’s data handling risks, with experts urging stronger fundamentals in data security. ...
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution Risks
July 11, 2025
Bluetooth flaws in OpenSynergy’s BlueSDK expose vehicles from Mercedes, Volkswagen, and Skoda to over-the-air attacks, enabling remote access and potential movement into critical systems.
Say Goodbye to Manual Identity Processes and Hello to Scalable IAM Automation
July 11, 2025
Manual identity processes expose your business to risk. Discover how scalable IAM automation transforms user access, improves compliance, and eliminates operational bottlenecks.
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity