Main Menu
Cyber Security
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
News
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
Mitchell Langley May 29, 2025
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
News
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
Andrew Doyle May 29, 2025
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
News
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
Andrew Doyle May 29, 2025
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
News
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
Mitchell Langley May 29, 2025
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
Alleged AT&T Data Breach Exposes 31 Million Records
News
Alleged AT&T Data Breach Exposes 31 Million Records
Andrew Doyle May 28, 2025
Hackers claim to have leaked 31 million AT&T user records, including tax IDs and IPs, though researchers cannot confirm the breach due to limited data ...
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
News
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
Andrew Doyle May 28, 2025
Dutch intelligence links a new Russian cyber espionage group, Laundry Bear, to attacks on NATO entities and the Dutch police targeting sensitive military and diplomatic ...
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
News
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
Mitchell Langley May 28, 2025
Hackers are escalating attacks on BIOS and bootloaders, exploiting pre-OS vulnerabilities to maintain persistence, evade detection, and bypass Secure Boot protections.
Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic
News
Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic
Andrew Doyle May 28, 2025
Everest ransomware gang claims cyberattack on global hospital group Mediclinic, stealing employee data and 4GB of internal files. Ransom deadline set for five days.
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
News
Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer
Mitchell Langley May 28, 2025
Rhysida ransomware gang claims to have breached Carrera, a leading Brazilian Chevrolet dealership, demanding $1 million and threatening to leak passports and contracts.
Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand
News
Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand
Mitchell Langley May 28, 2025
Hackers leaked Coca-Cola employee data after the company ignored Everest ransomware’s ransom demand. The breach exposed passport scans, visa documents, and personal IDs online.
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
News
Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000+ Customers
Mitchell Langley May 27, 2025
Coinbase faces a class action lawsuit after a breach exposed data of over 69,000 users. Insider involvement and financial impact raise enterprise security concerns.
Global Data Breach Exposes 184 Million Credentials from Major Tech and Government Platforms
News
Global Data Breach Exposes 184 Million Credentials from Major Tech and Government Platforms
Andrew Doyle May 27, 2025
A global data breach exposed 184 million credentials from tech, government, and banking platforms, highlighting serious risks of credential stuffing, phishing, and ransomware attacks.
Healthcare Data Breaches Hit Providers in Four U.S. States, Impacting Over 60,000 Individuals
News
Healthcare Data Breaches Hit Providers in Four U.S. States, Impacting Over 60,000 Individuals
Andrew Doyle May 27, 2025
Healthcare data breaches in NJ, PA, IA, and LA compromise sensitive information of over 60,000 individuals, including Social Security numbers and health records.
U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation
News
U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation
Mitchell Langley May 27, 2025
The U.S. and allies urge stronger protections for AI systems, warning that data tampering and system vulnerabilities pose rising risks to critical infrastructure.
Adidas Confirms Third-Party Data Breach Exposing Global Customer Information
News
Adidas Confirms Third-Party Data Breach Exposing Global Customer Information
Mitchell Langley May 27, 2025
Adidas confirms a third-party data breach involving customer service data. No payment information was leaked, but global exposure is possible due to Adidas' vast reach. ...
Cetus Protocol Hit by $223 Million Cryptocurrency Heist, $5M Bounty Offered
News
Cetus Protocol Hit by $223 Million Cryptocurrency Heist, $5M Bounty Offered
Mitchell Langley May 26, 2025
Hackers stole $223 million from Cetus Protocol via a blockchain exploit. The platform offers a whitehat deal and $5 million bounty to recover stolen funds. ...
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
News
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
Andrew Doyle May 26, 2025
Ransomware group Qilin posts alleged staff data from Elit Avia, including passport photos, raising security concerns for employees at the luxury private jet operator.
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
News
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
Mitchell Langley May 26, 2025
Operation Endgame dismantled 300 servers and 650 domains supporting ransomware campaigns, while U.S. authorities indicted 16 cybercriminals tied to DanaBot malware and botnet operations.
Stormous Ransomware Gang Posts French Government Credentials on Dark Web
News
Stormous Ransomware Gang Posts French Government Credentials on Dark Web
Andrew Doyle May 26, 2025
Stormous ransomware gang published email and password data allegedly tied to French government bodies, raising concerns over outdated security practices and ongoing exposure risks.
Ransomware Attack on Kettering Health Forces Mass Procedure Cancellations and Exposes Patient Safety Risks
News
Ransomware Attack on Kettering Health Forces Mass Procedure Cancellations and Exposes Patient Safety Risks
Gabby Lee May 26, 2025
A ransomware attack on Kettering Health forced mass cancellations across 120+ medical sites, exposing patient safety risks and prompting scam attempts targeting sensitive patient data. ...
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025

TOP CYBERSECURITY HEADLINES

Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
News
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
News
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
News
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach

SECURITYWEEK INDUSTRY EXPERTS

170K-Record Database Exposes Unencrypted PII from Real Estate Sector
News
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
Andrew Doyle June 24, 2025
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
News
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Mitchell Langley June 24, 2025
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
News
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Mitchell Langley June 24, 2025
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Mitchell Langley June 24, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Oxford City Council Breach Exposes 21 Years of Data
June 20, 2025
Podcasts
Weaponized GitHub Repositories: How Banana Squad and Water Curse Are Hitting Devs
June 20, 2025
Podcasts
Chain IQ Breach Exposes UBS & Pictet Employee Data: A Supply Chain Failure
June 20, 2025

Cyber Security News

Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Cybersecurity
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
April 14, 2025
Fall River Public Schools Responds to Cybersecurity Breach
Cybersecurity
Fall River Public Schools Responds to Cybersecurity Breach
April 9, 2025
COBIT 2019 vs. COBIT 5 What’s New and Why It Matters
Blog
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
April 4, 2025
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
Blog
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
April 4, 2025
ChatGPT is Down Worldwide Impacting Millions
Cybersecurity
ChatGPT is Down Worldwide Impacting Millions
April 3, 2025
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
Cybersecurity
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
March 25, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
June 11, 2025
Ivanti patched three high-severity vulnerabilities in Workspace Control caused by hardcoded cryptographic keys, which exposed SQL and environment credentials to local authenticated attackers.
Texas Dept. of Transportation Breach Exposes 300,000 Crash Records in May 2025
June 11, 2025
TxDOT suffered a breach on May 12, 2025, leaking 300,000 crash reports. Stolen data includes driver’s license numbers, insurance info, and crash details.
Mirai Botnet Exploits Wazuh Servers via Remote Code Execution Vulnerability
June 11, 2025
A critical RCE flaw in Wazuh servers is being exploited by Mirai botnet variants, allowing attackers to execute Python code through malicious API requests.
FIN6 Hackers Target Recruiters with Fake Job Seekers and Malware-Loaded Resumes
June 11, 2025
FIN6 hackers are impersonating job seekers to infiltrate recruiter systems, delivering the More_Eggs malware via AWS-hosted resume sites and phishing tactics on LinkedIn and Indeed. ...
4,000+ Fake Sites Used in Scam Marketplace Ads on Facebook to Impersonate Top Retail Brands
June 11, 2025
A scam network using over 4,000 fake websites is impersonating Amazon, Birkenstock, and more, pushing fraudulent Facebook Marketplace ads and stealing user data.
Bert Ransomware Group Claims Data Theft from Global Port Agency S5
June 11, 2025
Ransomware gang Bert claims to have stolen 140GB of sensitive data from S5 Agency World, a maritime logistics firm with operations in 360+ ports globally. ...
Inside the React Native NPM Supply Chain Breach: 16 Packages, 1 Million+ Downloads, and a RAT in the Code
June 10, 2025
In this episode, we break down the massive supply chain attack that rocked the React Native ecosystem beginning on June 6, 2025. Over 16 NPM ...
INC Ransomware: Master of Double Extortion
June 10, 2025
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
Mirai Strikes Again: Spring4Shell, Wazuh, and TBK DVRs Exploited in Live Campaigns
June 10, 2025
In this episode, we dive into the latest wave of active Mirai botnet campaigns exploiting high-severity remote code execution (RCE) vulnerabilities in critical enterprise and ...
UNFI Breach: How One Cyberattack Shook the North American Food Supply
June 10, 2025
On June 5, 2025, United Natural Foods Inc. (UNFI)—North America’s largest publicly traded wholesale food distributor and primary supplier for Whole Foods—was struck by a ...
Ticketmaster Data from Snowflake Attack Appears Briefly on Arkana Security Extortion Site
June 10, 2025
Old Ticketmaster data stolen in the 2024 Snowflake attack was briefly relisted for sale by Arkana Security, sparking confusion over a possible new breach.
Ransomware Attack on Sensata Technologies Leads to Data Breach Impacting Employee Information
June 10, 2025
Sensata Technologies confirms employee data was stolen in a ransomware breach that impacted operations and exposed sensitive personal and financial details from current and former ...
United Natural Foods Cyberattack Disrupts Operations Across North America
June 10, 2025
United Natural Foods, a key supplier to Whole Foods, suffered a cyberattack that disrupted customer orders and forced systems offline as investigations and recovery efforts ...
Over 84,000 Roundcube Webmail Servers Exposed to Actively Exploited Remote Code Flaw
June 10, 2025
Over 84,000 Roundcube webmail servers remain exposed to a critical RCE flaw (CVE-2025-49113) despite a June 2025 patch fixing the vulnerability.
SentinelOne Targeted in Sophisticated China-Linked Supply Chain Attack Attempt
June 10, 2025
Chinese threat actors linked to APT15 and APT41 attempted to compromise SentinelOne through a third-party logistics provider using ShadowPad and GOREshell malware in a global ...
Scattered Spider: A Web of Social Engineering
June 9, 2025
Scattered Spider, also known as UNC3944, is a financially motivated cybercriminal group known for its sophisticated social engineering tactics and ability to navigate cloud environments.
Malware-as-Code: The Rise of DaaS on GitHub and the Collapse of Open-Source Trust
June 6, 2025
In this episode, we dissect one of the most sophisticated ongoing cybercrime trends—malware campaigns weaponizing GitHub repositories to compromise developers, gamers, and even rival hackers. ...
Hacker Claims Massive Claro, Movistar Data Breach — Companies Dispute Authenticity
June 6, 2025
A hacker claims to sell data from Claro and Movistar, affecting over 35 million users, but telecom companies dispute the breach or question its legitimacy. ...
The New Era of AI in Cybersecurity: How AI-Generated Malware is Shaping Threats
June 6, 2025
The integration of artificial intelligence (AI) into both cybercrime and cybersecurity has created a pivotal shift. This blog delves into the dangers of AI-generated malware, ...
ClickFix: How Fake Browser Errors Became the Internet’s Most Dangerous Trap
June 5, 2025
In this episode, we dive deep into ClickFix, also tracked as ClearFix or ClearFake—a highly effective and deceptive malware delivery tactic that emerged in early ...
AT&T, Verizon, and Beyond: How Salt Typhoon Targets Global Telcos
Anubis Ransomware: A Destructive, Cross-Platform Threat
Fake Microsoft, Netflix, & Apple Support: The Scam Lurking in Google Search
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
From Malware to Court: Qilin Ransomware’s ‘Call a Lawyer’ Tactic
Zero-Click, Zero-Warning: The FreeType Flaw Behind a Spyware Surge
The Insurance Industry Under Fire: Anatomy of the Aflac Cyber Incident
The Nucor Cyberattack: How Ransomware Threatens American Steel
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
Inside CVE-2025-23121: Veeam RCE Flaw Opens Door to Ransomware
Fasana’s Collapse: How One Ransomware Attack Crippled a German Manufacturer