Main Menu
Cyber Security
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
WatchTowr Warns of Major Data Leaks Through Developer Tools
UK Government’s Digital ID Plans Face Scrutiny Over Cost and Savings
Bloody Wolf’s Cyber Offensive: A Deep Dive into Targeted Attacks in Central Asia
Asahi Cyberattack Exposes Extensive Data Breach: A Blow to Japan’s Brewer Giant
OpenAI Scrutinizes Vendor Relationships After Mixpanel’s Data Breach
Naver’s Cryptocurrency Exchange Acquisition Marred by Cyberattack
Ex-NCSC Chief to Investigate Premature Online Leak of Budget Forecast
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
Comcast’s $1.5 Million Settlement in Data Breach Incident with FCC
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
News
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
Andrew Doyle May 19, 2025
Ransomware groups including BlackBasta and Cactus are using Skitnet malware for stealthy post-exploitation in enterprise networks, enabling persistence, data theft, and remote control.
How Can I Protect Myself from the M&S Cyberattack?
Blog
How Can I Protect Myself from the M&S Cyberattack?
Andrew Doyle May 19, 2025
Marks & Spencer suffered a data breach. Here’s how customers can protect themselves from phishing, fraud, and future attacks using simple, actionable online safety tips. ...
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
News
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
Andrew Doyle May 19, 2025
Broadcom employee data leaked after a ransomware attack on ADP partner Business Systems House. Sensitive files appeared on the dark web, impacting global semiconductor workers. ...
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
News
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
Mitchell Langley May 19, 2025
SK Telecom suffered a data breach impacting nearly 27 million SIM records, with malware infections across 23 servers and critical personal data left unencrypted.
This Week In Cybersecurity: May 12th to 16th, 2025
News
This Week In Cybersecurity: May 12th to 16th, 2025
Andrew Doyle May 19, 2025
"This week in cybersecurity highlights significant data breaches, vulnerabilities, and emerging threats impacting various sectors, emphasizing the need for robust security measures."
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
News
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
Andrew Doyle May 19, 2025
A cyberattack on the UK’s Legal Aid Agency exposed personal, financial, and criminal data of applicants dating back to 2010, prompting a full shutdown of ...
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
News
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
Mitchell Langley May 16, 2025
Ransomware groups RansomEXX and BianLian have joined global threat actors exploiting a critical SAP NetWeaver vulnerability, risking full remote system compromise for unpatched servers.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
OpenAI Testing Model Context Protocol Integration for ChatGPT
Andrew Doyle May 16, 2025
OpenAI is testing Model Context Protocol support in ChatGPT, allowing secure access to third-party tools and enterprise platforms for more powerful, contextual task handling.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
Mitchell Langley May 16, 2025
Russian-linked hackers exploited XSS flaws in Roundcube, Zimbra, and others to steal government emails globally through a no-click attack dubbed the RoundPress campaign.
North Korean Hackers TA406 Target Ukraine to Gauge Russia's Military Demands
News
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
Mitchell Langley May 15, 2025
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
News
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Mitchell Langley May 15, 2025
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
Dior Confirms Data Breach Exposing Chinese Customer Information
News
Dior Confirms Data Breach Exposing Chinese Customer Information
Mitchell Langley May 15, 2025
Christian Dior confirms a customer data breach affecting Chinese users. Names, contacts, and shopping data were leaked; no financial details were compromised. Investigation ongoing.
Nucor Shuts Down Production Lines Following Cybersecurity Incident
News
Nucor Shuts Down Production Lines Following Cybersecurity Incident
Mitchell Langley May 15, 2025
Nucor Corporation has shut down select production operations following a cybersecurity incident that compromised internal systems. The company is investigating and restoring operations.
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
News
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
Mitchell Langley May 15, 2025
Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues ...
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
News
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
Andrew Doyle May 15, 2025
HireClick leaked over 5.7 million resume files after leaving an AWS bucket unsecured. The data exposure poses significant risks of fraud, phishing, and identity theft. ...
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
News
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
Andrew Doyle May 15, 2025
Valve denies claims of a Steam data breach, stating leaked data consists of expired SMS codes with no account credentials, passwords, or personal information.
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
News
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
Andrew Doyle May 15, 2025
Tennessee’s largest school district has filed a federal lawsuit against PowerSchool, citing breach of contract and security failures linked to a December 2023 data breach. ...
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
News
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
Andrew Doyle May 14, 2025
Russian-aligned ransomware group DragonForce hit UK retailer Co-op, exposing customer data and disrupting operations, in a hybrid cyberattack blending financial and geopolitical motives.
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
News
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
Andrew Doyle May 14, 2025
The EU launches its own vulnerability database (EUVD) to strengthen cybersecurity, reduce reliance on CVE, and ensure greater digital sovereignty across European infrastructure.
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
News
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
Mitchell Langley May 14, 2025
Twilio denies breach after leaked Steam 2FA codes appear online. Experts suspect a third-party SMS provider may be the source of the data exposure.
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle December 2, 2025
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle December 2, 2025
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Andrew Doyle November 27, 2025
ShadowV2 Botnet A Test Run Amidst AWS Outage
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
Andrew Doyle November 27, 2025

TOP CYBERSECURITY HEADLINES

$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant

This Week’s Security Spotlight

South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Cybersecurity
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Mitchell Langley November 30, 2025
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Andrew Doyle November 30, 2025
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Mitchell Langley November 27, 2025
More In News
Trending
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
From Google to LVMH: ShinyHunters’ Salesforce Breaches Spark Global Ransom Crisis
August 6, 2025
Podcasts
Cisco Hit by Vishing Attack: CRM Breach Exposes Millions of User Profiles
August 6, 2025
Podcasts
Ox Security Unveils Agent Ox: AI Tool That Writes Tailored Fixes for Software Vulnerabilities
August 6, 2025

Cyber Security News

Salesforce Hacks Extortion Group Leaks Millions of Sensitive Records
Information Security
Salesforce Hacks: Extortion Group Leaks Millions of Sensitive Records
October 16, 2025
Capita Hit with £14M Fine for Data Breach Impacting 6.6M Individuals
Data Security
Capita Hit with £14M Fine for Data Breach Impacting 6.6M Individuals
October 16, 2025
U.S. Seizes $15 Billion in Bitcoin Linked to Major Pig Butchering Crypto Scam
Cybersecurity
U.S. Seizes $15 Billion in Bitcoin Linked to Major Pig Butchering Crypto Scam
October 15, 2025
Pixnapping Attack Steals MFA Codes Pixel by Pixel on Android Devices
Cybersecurity
Pixnapping Attack Steals MFA Codes Pixel by Pixel on Android Devices
October 15, 2025
Vietnam Airlines Confirms Customer Data Breach Linked to Third-Party Support Platform
Cybersecurity
Vietnam Airlines Confirms Customer Data Breach Linked to Third-Party Support Platform
October 15, 2025
Oracle Quietly Patches Zero-Day Vulnerability Revealed by ShinyHunters Leak
Cybersecurity
Oracle Quietly Patches Zero-Day Vulnerability Revealed by ShinyHunters Leak
October 15, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Qantas Breach and Beyond: Cybersecurity Risks in Australia’s Digital Supply Chains
July 10, 2025
As Australia contends with a growing wave of cybersecurity incidents, this episode explores the intersection of national privacy laws, global supply chain vulnerabilities, and public ...
Krispy Kreme Faces Class Action Lawsuit Over Breach That Exposed 160,000 Employee Records
July 10, 2025
A 2024 data breach at Krispy Kreme exposed over 160,000 employee records. A new class action lawsuit blames the company’s failure to encrypt sensitive data. ...
Iranian Hacktivists Breach Iran International and Threaten Journalists in London
July 10, 2025
Iran International suffers a massive breach by Iranian hacktivist group Handala, exposing sensitive journalist data and threatening targeted leaks against staff in London and beyond. ...
Job Seeker Data Breach Exposes 5.1 Million Resumes Through Misconfigured Cloud Storage
July 10, 2025
A misconfigured cloud storage container exposed 5.1 million resumes linked to LiveCareer, putting job seekers at high risk of identity theft and phishing attacks.
NightEagle APT Group Exploits Microsoft Exchange Zero-Day to Target China’s AI and Military Sectors
July 10, 2025
APT group NightEagle exploited a Microsoft Exchange zero-day to infiltrate Chinese AI and defense sectors, using stealthy payloads and persistent backdoors to steal sensitive data. ...
Browser Extensions Turned Trojan Overnight, Compromising 2.3 Million Users
July 10, 2025
Eighteen Chrome and Edge extensions’ updates transformed them into Trojans, compromising 2.3 million users by redirecting traffic, hijacking data, and enabling persistent access.
M&S Ransomware Attack Traced to Sophisticated Social Engineering Scheme
July 9, 2025
M&S confirmed a major ransomware attack stemmed from social engineering, leading to data theft and system shutdowns linked to DragonForce ransomware and possible third-party compromise. ...
Public EV Chargers Pose New Cybersecurity Risks to Tesla and Other Electric Vehicles
July 9, 2025
New research reveals how hackers can exploit EV public chargers—including Teslas—using man-in-the-middle attacks, unencrypted data links, and exposed SSH ports to disrupt charging networks.
Qantas Cyberattack Exposes Data of 5.7 Million Customers
July 9, 2025
The Qantas cyberattack compromised personal data of 5.7 million customers. No financial information was stolen, but names, emails, and contact details were exposed.
Android Malware ‘Anatsa’ Returns to Google Play to Target Banking Apps Across the U.S.
July 9, 2025
The Anatsa banking trojan resurfaced on Google Play, disguised as a PDF app, targeting U.S. users with credential theft overlays on popular mobile banking apps. ...
AI Deepfakes Used to Impersonate Secretary Rubio in Targeted Cyber Campaign
July 9, 2025
AI-generated deepfakes impersonating U.S. Secretary Rubio were used to contact foreign ministers and U.S. officials, with Russian actors suspected in the targeted social engineering campaign. ...
iOS Wingman App FlirtAI Exposes 160,000 Private Chat Screenshots in Major Privacy Breach
July 9, 2025
FlirtAI leaked 160,000 private chat screenshots from users seeking AI-generated responses, raising privacy concerns—especially for teenagers—due to an unprotected cloud storage bucket.
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
July 9, 2025
A cyber security specialist is central to cyber resilience and cyber risk management, ensuring modern defense mechanisms protect organizations from evolving digital threats.
Taiwan Sounds the Alarm: TikTok, WeChat, and the Chinese Data Threat
July 8, 2025
In this episode, we examine Taiwan’s growing alarm over Chinese mobile applications, especially TikTok and WeChat, in light of rising global concern over data privacy ...
The Evolution of Atomic macOS Stealer: Backdoors, Keyloggers, and Persistent Threats
July 8, 2025
This episode exposes the growing menace of Atomic macOS Stealer (AMOS) — a rapidly evolving malware-as-a-service (MaaS) platform targeting macOS users worldwide. Once seen as ...
CitrixBleed Returns: CVE-2025-5777 and the Exploitation of NetScaler Devices
July 8, 2025
In this episode, we dissect CitrixBleed 2—a newly disclosed and actively exploited vulnerability affecting Citrix NetScaler ADC and Gateway appliances. Tracked as CVE-2025-5777 (and possibly ...
SAP’s July 2025 Patch Day: Critical Flaws, CVE-2025-30012, and Ransomware Risk
July 8, 2025
In this episode, we break down SAP’s July 2025 Security Patch Day—a high-stakes moment for any enterprise relying on SAP’s core business applications. With 27 ...
Bitcoin Depot Notifies Over 26,000 Customers of Year-Old Data Breach Involving Driver’s License Information
July 8, 2025
Bitcoin Depot is alerting over 26,000 users of a 2024 data breach involving driver’s license details, after federal investigators delayed public notification for nearly a ...
‘Batavia’ Spyware Campaign Hits Russian Industrial Firms via Phishing Contracts
July 8, 2025
Batavia spyware is hitting Russian industrial firms with phishing emails posing as contracts, deploying multi-part malware to steal sensitive data and monitor infected systems.
Qantas Faces Extortion Following Cyberattack That Exposed Millions of Customer Records
July 8, 2025
Qantas confirms it’s facing extortion following a cyberattack that exposed customer data from a third-party vendor, possibly linked to Scattered Spider’s aviation sector targeting.
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity