Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
DHS Cuts 27M Cybersecurity Support Impact on 19,000 Local Governments
Cybersecurity
DHS Cuts $27M Cybersecurity Support: Impact on 19,000 Local Governments
Gabby Lee September 4, 2025
The Department of Homeland Security (DHS) will halt $27 million in annual federal funding for the Multi-State Information Sharing and ...
TamperedChef Infostealer Delivered Through Fraudulent PDF Editor Ads
Cybersecurity
TamperedChef Infostealer Delivered Through Fraudulent PDF Editor Ads
Andrew Doyle September 3, 2025
Cybercriminals used fraudulent Google Ads to spread a fake PDF Editor app delivering TamperedChef infostealer, leveraging code-signing certificates, residential proxy enrollment
Amazon Disrupts Midnight Blizzard Campaign Targeting Microsoft 365
Application Security
Amazon Disrupts Midnight Blizzard Campaign Targeting Microsoft 365
Andrew Doyle September 3, 2025
Amazon disrupted a Midnight Blizzard campaign where Russian hackers used compromised websites, fake Cloudflare pages, and Microsoft device code abuse to target enterprise Microsoft 365 ...
Zscaler Data Breach Exposes Customer Information After Salesloft Drift Compromise
Application Security
Zscaler Data Breach Exposes Customer Information After Salesloft Drift Compromise
Gabby Lee September 3, 2025
Zscaler confirmed a Salesforce data breach linked to the Salesloft Drift compromise, exposing customer information but not its core services. The incident highlights escalating OAuth ...
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
Cybersecurity
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
Mitchell Langley September 3, 2025
Hackers calling themselves Scattered LapSus Hunters threatened to leak Google databases unless two employees are dismissed, linking their demand to recent Salesforce-driven phishing attacks.
SK Telecom Fined 96.9M After Data Breach Hits 23M Users
Cybersecurity
SK Telecom Hit with Record US$96.9 Million Fine After Data Breach Exposes 23 Million Users
Gabby Lee September 3, 2025
SK Telecom has been fined $96.9 million after a breach exposed 23 million users’ data, marking the largest privacy penalty ever imposed on a South ...
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
Cybersecurity
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
Andrew Doyle September 3, 2025
Hackers leaked data on 433,000 U.S. doctors, exposing names, addresses, and emails. Experts warn of phishing, identity theft, and ransomware risks targeting healthcare professionals and ...
Tea App Data Breach Exposes Sensitive Images
Cybersecurity
Tea App Data Breach Exposes Sensitive Images
Gabby Lee September 2, 2025
Tea Dating Advice confirmed a July 2025 breach affecting 4,244 users, exposing sensitive PII, identity documents, and private images, raising concerns over larger-scale data exposure.
NCSC Warns of Malware Campaign Using Fake PDF Editors
Application Security
NCSC Warns of Malware Campaign Using Fake PDF Editors
Mitchell Langley September 2, 2025
The NCSC uncovered a malware campaign using fake PDF editors and manual finder tools to turn devices into residential proxies, enabling criminals to mask their ...
TransUnion Data Breach Exposes Personal Information of 4.4 Million
Cybersecurity
TransUnion Data Breach Exposes Personal Information of 4.4 Million
Gabby Lee September 2, 2025
TransUnion confirmed a cyberattack exposing data of over 4.4 million U.S. consumers, tied to Salesforce breaches attributed to ShinyHunters and UNC6395 extortion groups.
Brokewell Android Malware Spread Through Fake TradingView Ads
Application Security
Brokewell Android Malware Spread Through Fake TradingView Ads
Andrew Doyle September 2, 2025
Cybercriminals are exploiting Meta’s ad network to push fake TradingView Premium apps that secretly install Brokewell malware on Android devices, stealing data and hijacking user ...
SentinelOne Q3 Revenue Jumps 22 Amid Cybersecurity Surge
Cybersecurity
SentinelOne Q3 Revenue Jumps 22% Amid Cybersecurity Surge
Andrew Doyle September 2, 2025
SentinelOne has raised its annual revenue forecast amid surging demand for AI-driven cybersecurity. With its Singularity platform and growing ARR surpassing $1 billion, the company ...
U.S. and Allies Expose Salt Typhoon Cyber Espionage Network
Cybersecurity
U.S. and Allies Expose Salt Typhoon Cyber Espionage Network
Mitchell Langley September 2, 2025
A sweeping international advisory accuses Chinese tech firms of fueling cyber espionage campaigns tied to Salt Typhoon and related groups. The attacks span telecom networks, ...
Senator Wyden Demands Independent Cybersecurity Review of Federal Courts
Cybersecurity
Senator Wyden Demands Independent Cybersecurity Review of Federal Courts
Gabby Lee September 2, 2025
A wave of breaches exposing sealed court records and confidential informant data has drawn sharp criticism of the judiciary’s outdated IT. Senator Ron Wyden is ...
FEMA Fires 24 Staff After DHS Cybersecurity Audit Uncovers Major Failures
Endpoint Security
FEMA Fires 24 Staff After DHS Cybersecurity Audit Uncovers Major Failures
Andrew Doyle September 2, 2025
A DHS audit prompted FEMA to fire 24 staff, including top IT leaders, over cybersecurity failures such as weak authentication and outdated protocols, highlighting federal ...
Maryland’s Paratransit Ransomware Strike Cyberattack Disrupts Disabled Transit Services
News
Maryland’s Paratransit Ransomware Strike: Cyberattack Disrupts Disabled Transit Services
Mitchell Langley September 2, 2025
A ransomware attack on Maryland’s Mobility paratransit system has disrupted critical transportation for disabled residents, blocking new reservations and rebookings. While core transit services remain ...
Critical SharePoint Zero-Day Exploited Immediate Steps Against CVE-2025-53770 Vulnerability
Application Security
Critical SharePoint Zero-Day Exploited: Immediate Steps Against CVE-2025-53770 Vulnerability
Gabby Lee September 2, 2025
A critical zero-day in Microsoft SharePoint, tracked as CVE-2025-53770, is being widely exploited in espionage and ransomware campaigns. Dubbed “ToolShell,” the flaw enables unauthenticated remote ...
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Cybersecurity
Storm-0501 Shifts From On-Premises Ransomware to Cloud-Based Extortion
Gabby Lee August 28, 2025
Microsoft warns Storm-0501 now focuses on cloud-native extortion: exfiltrating data, destroying backups, and encrypting cloud storage rather than encrypting on-premises endpoints.
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Cybersecurity
CPAP Data Breach Exposes 90k Records of Military-Linked Customers
Andrew Doyle August 28, 2025
CPAP’s systems were breached in December 2024, exposing names, SSNs, and protected health information for over 90,000 individuals including military beneficiaries.
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
Cybersecurity
Healthcare Services Group Data Breach Impacts 624,000 Individuals After 2024 Network Intrusion
Mitchell Langley August 28, 2025
Healthcare Services Group reports a late-2024 intrusion that exposed personal data for 624,000 people; company offers identity protection and continues forensic investigations.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
From Google to LVMH: ShinyHunters’ Salesforce Breaches Spark Global Ransom Crisis
August 6, 2025
Podcasts
Cisco Hit by Vishing Attack: CRM Breach Exposes Millions of User Profiles
August 6, 2025
Podcasts
Ox Security Unveils Agent Ox: AI Tool That Writes Tailored Fixes for Software Vulnerabilities
August 6, 2025

Cyber Security News

Cyber Raid on Jaguar Land Rover August Attack Leads to Theft of Sensitive Information
Information Security
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
December 16, 2025
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Application Security
Google Finds China and Iran Actors Exploiting React2Shell Flaws
December 16, 2025
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
CVE Vulnerability Alerts
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
December 16, 2025
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
Data Security
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
December 16, 2025
Google Chrome Extension With Millions of Users May Be Compromising Privacy
Application Security
Google Chrome Extension With Millions of Users May Be Compromising Privacy
December 16, 2025
Militant Groups Experiment With AI, Amplifying Threats
Cybersecurity
Militant Groups Experiment With AI, Amplifying Threats
December 16, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Farmer Bros. Reveals Data Breach Affecting Over 14,000 Individuals
September 23, 2025
Farmer Bros. confirmed a breach affecting over 14,000 people; filings show unauthorized access in late 2023 and identity monitoring offered amid a ransomware claim.
UK Arrests Scattered Spider Teens Linked to TfL Cyberattack
September 23, 2025
UK police arrest two teens tied to Scattered Spider and the 2024 TfL cyberattack, linking them to global breaches, U.S. healthcare attacks, and $115M in ...
ShinyHunters Claims 1.5 Billion Salesforce Records
September 23, 2025
ShinyHunters claims 1.5 billion Salesforce records stolen from 760 companies after attackers harvested Salesloft Drift OAuth tokens, exposing CRM, case data, and secrets.
Hello Gym Phone Service Exposes 1.6 Million Audio Recordings Containing Member Data
September 23, 2025
A public storage repository exposed 1,605,345 gym call recordings managed by Hello Gym, revealing PII and billing details and creating risks for targeted fraud and ...
Lotte Card Confirms Data Breach Exposing 2.97 Million Customers
September 23, 2025
Lotte Card confirmed a breach exposing 2.97 million customers; 280,000 had full card data leaked. Company pledges compensation and steps to reissue cards.
Hackers Use SEO Poisoning to Deliver Malware through Fake Apps
September 23, 2025
Researchers warn SEO-poisoning campaigns push trojanized Signal, WhatsApp and Chrome installers that bundle legitimate apps with Hiddengh0st and Winos malware for long-term surveillance.
Panama’s Finance Ministry Confirms Cyberattack as INC Ransom Claims Massive Data Theft
September 23, 2025
Panama’s MEF confirms a cyberattack but says systems remain safe. INC Ransom claims stealing financial data, emails, and documents, posting samples on its dark web ...
HybridPetya Ransomware Bypasses UEFI Secure Boot
September 23, 2025
ESET found HybridPetya, a Petya-style ransomware that exploits CVE-2024-7344 to bypass UEFI Secure Boot, install a bootkit, encrypt MFT clusters, and demand Bitcoin.
Microsoft Fairwater Center: Hyperscale AI Hub Coming to Wisconsin
September 23, 2025
Microsoft is building Fairwater, a hyperscale AI data center in Wisconsin with clustered NVIDIA GPUs, closed-loop liquid cooling, and a Datacenter Academy for local workforce ...
SystemBC Turns Infected VPS Hosts Into Global Proxy Highway
September 23, 2025
SystemBC leverages vulnerable commercial VPS hosts to run a 1,500-node proxy botnet that serves scraping, proxy resale, and high-volume criminal traffic globally.
Clarins Listed by Everest Ransomware Gang on Dark Web Post
September 23, 2025
Paris-headquartered luxury skincare maker Clarins has been named on a dark web leak page run by the Everest ransomware gang, which claims to have obtained ...
Hackers Claim Breach of Italian Post, Researchers Disagree
September 23, 2025
Hackers claim to have breached Poste Italiane, but researchers say the data is recycled from older leaks with fabricated fields, meaning no new compromise actually ...
New Kid Warlock Steps Up Ransomware Attacks with SharePoint Exploits
September 23, 2025
Warlock — tracked as Storm 2603 and GOLD SALEM — has surged since March 2025, exploiting SharePoint and other enterprise flaws and listing dozens of ...
Hundreds of NPM Packages Compromised in Self-Replicating Supply Chain Attack
September 23, 2025
A worm-style supply chain attack has compromised hundreds of NPM packages, harvesting npm tokens and secrets while propagating across popular JavaScript libraries and developer scopes.
Baltimore Medical System Claimed by Brain Cipher Ransomware
September 23, 2025
Brain Cipher claims several terabytes stolen from Baltimore Medical System, posting large server and database samples; impact could include medical identity theft for thousands of ...
Hackers Now Going Straight to the Source — Company Data Backups
September 22, 2025
Hackers are increasingly targeting company backups, with 18% of breaches linked to backup attacks — crippling recovery efforts and highlighting the urgent need for secure, ...
Hackers Claim Attack on the US’s Biggest Sushi Supplier — Again?
September 22, 2025
Ransomware gang Lynx claims to have stolen True World Group data, posting invoices and employee records—raising fears of a new breach and business, identity risks.
FBI Issues Guidance as Fraudsters Pose as IC3 to Extort Victims
September 22, 2025
The FBI has issued a warning to the public about a cyber campaign impersonating the Internet Crime Complaint Center (IC3), using spoofed websites to trick ...
Fraudulent GitHub Repos Spread Atomic Stealer Malware Targeting macOS Users
September 22, 2025
A new cyber campaign is actively targeting macOS users with the Atomic Stealer (AMOS) malware, leveraging fake GitHub repositories disguised as legitimate software downloads. Security ...
Netskope’s IPO Raises $908M: SASE Leader Surges 18% on First Trading Day
September 22, 2025
Netskope, a California-based cybersecurity firm specializing in secure access service edge (SASE) solutions, has officially gone public in one of the largest cybersecurity IPOs of ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited