Cyber Security
Application Security
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
In an alarming revelation, over 30 security vulnerabilities in AI-powered Integrated Development Environments (IDEs) have been uncovered, potentially impacting countless developers. The collective vulnerabilities have ...
CVE Vulnerability Alerts
Critical RSC Vulnerability Added to CISA’s KEV Catalog Due to Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a serious flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog. ...
CVE Vulnerability Alerts
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
Over 77,000 Internet-exposed IP addresses are endangered by the critical React2Shell vulnerability, CVE-2025-55182. Attackers have already compromised over 30 organizations, spanning diverse industry sectors. This ...
Cybersecurity
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
Criminals are exploiting social media images, altering them for use in virtual kidnapping and extortion scams. The FBI warns the public about these deceptive practices ...
CVE Vulnerability Alerts
Apache Tika Vulnerability CVE-2025-66516 Exposes Systems to Critical Risks
Apache Tika users face critical risks due to a severe vulnerability allowing XML external entity (XXE) attacks. With a CVSS score of 10.0, the flaw ...
Endpoint Security
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
A sophisticated hacking campaign launched on December 2, 2025, is targeting Palo Alto's GlobalProtect portals and SonicWall's SonicOS API endpoints. Involving over 7,000 IPs linked ...
Endpoint Security
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
ASUS has verified a disruption resulting from a third-party breach. The Everest ransomware group has claimed responsibility, asserting they compromised companies like ASUS, ArcSoft, and ...
Cybersecurity
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
In a surprising turn, the Indian government has withdrawn its directive for smartphone manufacturers to preinstall the “Sanchar Saathi” app. This move follows privacy concerns ...
Cybersecurity
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Two brothers in Virginia are accused of conspiring to steal sensitive information and destroy government databases post-termination from their roles as federal contractors. The charges, ...
Cybersecurity
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
Russian agency Roskomnadzor has blocked access to Apple's FaceTime and Snapchat, alleging their use to coordinate terrorism. Experts suggest this move affects digital communication and ...
Data Security
Inotiv Reports Massive Data Breach Impacting Thousands
Inotiv, a major research organization, disclosed a ransomware attack that exposed personal, financial, and medical information of over 9,500 individuals. The breach underscores the persistent ...
Cybersecurity
Agentic Security Fortifies Its Position with $130 Million Funding Round
Agentic Security has secured a substantial $130 million in funding, underscoring the growing demand for innovative cybersecurity solutions. The new capital aims to bolster the ...
Cybersecurity
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
Porsche cars in several Russian cities experienced engine shutdowns after the failure of the satellite security system, leaving owners and dealers scrambling for solutions. The ...
Cybersecurity
Hackers Breach Marquis: A Fintech Data Nightmare
In a critical security breach, hackers infiltrated Marquis, a fintech firm, compromising personal and financial data of more than 780,000 individuals. The data breach highlights ...
Cybersecurity
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Twin brothers, already known for hacking offenses, used remaining access to federal databases to erase nearly 100 systems via AI soon after being terminated. This ...
Application Security
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to network defenders concerning Chinese threat actors using Brickstorm malware to compromise VMware vSphere ...
Cybersecurity
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Silver Fox orchestrates deceptive tactics by emulating a Russian hacking group in an SEO poisoning campaign, targeting Chinese organizations. Utilizing Microsoft Teams lures, the campaign ...
Cybersecurity
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
Intellexa's Predator spyware employs a zero-click infection method named 'Aladdin,' allowing malware to spread via malicious ads. The sophistication of this method underscores the evolving ...
News
DragonForce Ransomware: A New Collaboration in Cybercrime
The combined force of DragonForce and English-speaking hackers brings sophisticated social engineering to ransomware attacks. Discover the advancement and implication of this collaboration in the ...
Cybersecurity
Niobium Secures $23 Million to Advance Homomorphic Encryption
Niobium, a cybersecurity startup, secures $23 million to enhance its homomorphic encryption technologies. The investment aims to accelerate the development of second-generation platforms, ensuring sophisticated ...
Cybersecurity
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
Cybersecurity
Microsoft Disrupts Fox Tempest Malware-Signing Service
TOP CYBERSECURITY HEADLINES
Cybersecurity
Deleted Google API Keys Stay Active for Up to 23 Minutes
Application Security
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Cybersecurity
Texas AG Sues Meta Over WhatsApp Encryption Claims
This Week’s Security Spotlight
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Application Security
Anthropic Silently Fixed Claude Code Null-Byte Sandbox Escape
Application Security
CVE-2026-3102: ExifTool Image Injection Runs Shell Commands on macOS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
Over 77,000 Internet-exposed IP addresses are endangered by the critical React2Shell vulnerability, CVE-2025-55182. Attackers have already compromised over 30 organizations, spanning diverse industry sectors. This ...
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
Criminals are exploiting social media images, altering them for use in virtual kidnapping and extortion scams. The FBI warns the public about these deceptive practices ...
Apache Tika Vulnerability CVE-2025-66516 Exposes Systems to Critical Risks
Apache Tika users face critical risks due to a severe vulnerability allowing XML external entity (XXE) attacks. With a CVSS score of 10.0, the flaw ...
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
A sophisticated hacking campaign launched on December 2, 2025, is targeting Palo Alto's GlobalProtect portals and SonicWall's SonicOS API endpoints. Involving over 7,000 IPs linked ...
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
ASUS has verified a disruption resulting from a third-party breach. The Everest ransomware group has claimed responsibility, asserting they compromised companies like ASUS, ArcSoft, and ...
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
In a surprising turn, the Indian government has withdrawn its directive for smartphone manufacturers to preinstall the “Sanchar Saathi” app. This move follows privacy concerns ...
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Two brothers in Virginia are accused of conspiring to steal sensitive information and destroy government databases post-termination from their roles as federal contractors. The charges, ...
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
Russian agency Roskomnadzor has blocked access to Apple's FaceTime and Snapchat, alleging their use to coordinate terrorism. Experts suggest this move affects digital communication and ...
Inotiv Reports Massive Data Breach Impacting Thousands
Inotiv, a major research organization, disclosed a ransomware attack that exposed personal, financial, and medical information of over 9,500 individuals. The breach underscores the persistent ...
Agentic Security Fortifies Its Position with $130 Million Funding Round
Agentic Security has secured a substantial $130 million in funding, underscoring the growing demand for innovative cybersecurity solutions. The new capital aims to bolster the ...
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
Porsche cars in several Russian cities experienced engine shutdowns after the failure of the satellite security system, leaving owners and dealers scrambling for solutions. The ...
Hackers Breach Marquis: A Fintech Data Nightmare
In a critical security breach, hackers infiltrated Marquis, a fintech firm, compromising personal and financial data of more than 780,000 individuals. The data breach highlights ...
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Twin brothers, already known for hacking offenses, used remaining access to federal databases to erase nearly 100 systems via AI soon after being terminated. This ...
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to network defenders concerning Chinese threat actors using Brickstorm malware to compromise VMware vSphere ...
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Silver Fox orchestrates deceptive tactics by emulating a Russian hacking group in an SEO poisoning campaign, targeting Chinese organizations. Utilizing Microsoft Teams lures, the campaign ...
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
Intellexa's Predator spyware employs a zero-click infection method named 'Aladdin,' allowing malware to spread via malicious ads. The sophistication of this method underscores the evolving ...
DragonForce Ransomware: A New Collaboration in Cybercrime
The combined force of DragonForce and English-speaking hackers brings sophisticated social engineering to ransomware attacks. Discover the advancement and implication of this collaboration in the ...
Niobium Secures $23 Million to Advance Homomorphic Encryption
Niobium, a cybersecurity startup, secures $23 million to enhance its homomorphic encryption technologies. The investment aims to accelerate the development of second-generation platforms, ensuring sophisticated ...
Aisuru Botnet: New DDoS Attack Record Set at 29.7 Tbps
Over the past three months, the formidable Aisuru botnet has executed more than 1,300 DDoS attacks, one of which reached a staggering peak of 29.7 ...
Water Saci Threat Actor Evolves Tactics with Sophisticated Infection Chain
The Water Saci threat actor has evolved its tactics, utilizing an advanced infection chain with HTML Application files and PDFs. These methods are used to ...