Cyber Security
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
iRhythm Confirms PHI Exfiltration via Social Engineering
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
GhostTree NTFS Junctions Paralyze Windows Defender Scans
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
Endpoint Security Solutions: How to Protect Every Enterprise Device
UNC6508 Abused Google Workspace Rules in Medical-Military Espionage
Three FortiSandbox CVEs Chained for Unauthenticated Root Execution
Cisco CVE-2026-20262 Added to CISA KEV; Eighth Exploited SD-WAN Flaw
LiteSpeed cPanel CVE-2026-54420 Escalates to Root on Shared Hosts
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
DOJ Seizes CFAKE.com and SOCFAKE.com in First TAKE IT DOWN Act Case
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
ShinyHunters Claims 61M Sysco Salesforce Records in Unverified Breach
What Is Scareware? How Fake Security Warnings Lead to Real Malware
Lapsus$ Lists GitHub Internal Repos for Sale, Copilot Source Included
Nightspire Claims Blue Nile Medical and Silsbee Police as New Victims
Ukrainian Conti Developer Pleads Guilty to Ransomware Loader Coding
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
CVE-2026-42824: M365 Copilot SearchLeak Enables 1-Click Email Theft
Novo Nordisk Confirms Hack of Clinical Trial Biomarker Data
SearchJack: 23 Chrome Extensions Intercept 758,000 Users’ Searches
TheGentlemen Ransomware Posts 20 Victims Across 14 Countries
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Application Security
WhatsApp Files Contempt Motion Over New NSO Group Spyware Activity
WhatsApp detected new NSO Group activity violating a permanent court injunction and filed a federal contempt motion against the Israeli surveillance firm.
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
TheGentlemen ransomware posted 12 victims across 8 countries in one day, including two healthcare providers with HIPAA and NHS breach notification exposure.
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Gogs version 0.14.3 patches a critical CVSSv4 9.4 RCE zero-day that had exposed 2,300 internet-facing servers for ten days with a public Metasploit exploit.
Cybersecurity
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Akira, Qilin, and Nightspire claimed four victims including a port trade association, a German security firm, a youth nonprofit, and a commercial printer.
Blog
What Is Dropper Malware and How Does It Evade Detection
Dropper malware secretly installs payloads while evading detection. Learn how droppers work, evasion techniques, and endpoint defense strategies.
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe
South Korea's largest streaming platform TVING suffered a data breach exposing user IDs, contact details, and encrypted national ID-derived identifiers.
Application Security
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Depthfirst's autonomous AI security agent spent $1,000 to find 21 zero-days in FFmpeg, including an unauthenticated RCE triggered by a 183-byte packet.
Application Security
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Anthropic has deployed six engineers inside NSA to operate Mythos, an AI reported capable of zero-day exploitation across major operating systems and browsers.
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Researcher Taylor Hornby used Claude Opus 4.8 to uncover a four-year-old Zcash Orchard flaw that could have enabled undetectable counterfeit ZEC creation.
CVE Vulnerability Alerts
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
Fortinet researchers found C0XMO, a Gafgyt variant exploiting CVE-2021-27137 in DD-WRT routers, that kills rival botnets and supports 19 DDoS attack methods.
Cybersecurity
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
ShinyHunters published 234 GB of DentaQuest healthcare records for 2.6 million patients after ransom talks failed, exposing Medicaid IDs and enrollment data.
Cybersecurity
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Play, Genesis, Nova, Incransom, Blackwater, and Krybit each posted victims on the same day, spanning automotive, dental, higher education, travel, and retail.
Cybersecurity
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
Payload ransomware posted Plaza Lama, Hansoll Textile, and Villea Hotels on its Tor leak site, targeting the Dominican Republic, Vietnam, and Malaysia.
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at federal civilian agencies.
Application Security
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
Volexity found Chinese APT VerdantBamboo used new PLENET and AGENTPSD malware to maintain 18 months of undetected Microsoft 365 access via MSP compromise.
Cybersecurity
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
CoinbaseCartel posted Cambridge Mobile Telematics on its dark web leak site, threatening to expose driving behavior data for millions of insured drivers.
Cybersecurity
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
Anubis ransomware used its WIPEMODE against a US estate law firm and UK contractor; Nova claimed an Indian hospital and Securotrop hit Kriete Truck Centers.
Blog
DNS Tunneling: How Attacks Work, Detection, and Prevention
DNS tunneling hides malicious traffic inside DNS queries to evade firewalls. Learn how attacks work, how to detect them, and how to stop them.
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch available.
Cybersecurity
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
Five Eyes agencies warn Chinese military intelligence is using fake job listings on LinkedIn to recruit government and military insiders for espionage.
Application Security
Mastra AI npm Supply Chain Attack Hits 1.1M Weekly Downloads

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers

Featured Videos

IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API keys and self-propagate.
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
AppEsteem found a Monero cryptominer bundled inside Hola Browser's Windows installer, hidden as a Windows service and excluded from Windows Defender scanning.
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Russia's Supreme Court will consider designating Belarusian Cyber Partisans and Silent Crow as extremist groups following the 2025 Aeroflot cyberattack.