Main Menu
Cyber Security
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Juniper Networks Addresses Critical Junos OS Vulnerabilities
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Cybercriminals Target Venice’s Flood Control Systems, Exposing Dangerous Gaps in Urban Security
Adobe Addresses Critical Flaw in Acrobat Reader with Emergency Updates
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Chaos Malware Expands Its Reach to Cloud Deployments
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
Hasbro Targeted in a Recent Cybersecurity Incident
Cybersecurity
Hasbro Targeted in a Recent Cybersecurity Incident
Andrew Doyle April 2, 2026
Toy manufacturer Hasbro investigates potential data compromise following a cyberattack.
Google Patches Exploited Zero-Day Among 21 Chrome Vulnerabilities
Application Security
Google Patches Exploited Zero-Day Among 21 Chrome Vulnerabilities
Andrew Doyle April 2, 2026
Google addresses 21 vulnerabilities, including a zero-day in Chrome's Dawn component.
FBI Cautions on Security Threats from Chinese Mobile Applications
Cybersecurity
FBI Cautions on Security Threats from Chinese Mobile Applications
Andrew Doyle April 2, 2026
The FBI alerts users about data privacy issues connected to Chinese mobile applications, urging caution.
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
Application Security
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
Mitchell Langley April 2, 2026
New campaign exploits WhatsApp to spread Visual Basic Script files, forming a multi-stage infection chain.
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
Application Security
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
Gabby Lee April 2, 2026
Android malware NoVoice was stealthily embedded in over 50 apps on Google Play.
UK Government Allocates £630,000 for Digital Identity Card Discussion
Cybersecurity
UK Government Allocates £630,000 for Digital Identity Card Discussion
Andrew Doyle April 2, 2026
The UK government is investing £630,000 in a panel to examine digital identity card plans, aiming for diverse perspectives and trade-offs.
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
Cybersecurity
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
Mitchell Langley April 2, 2026
Investigators uncover how Jonathan Spalletta leveraged smart contract vulnerabilities, resulting in a major cryptocurrency theft that brought down the...
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Cybersecurity
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Mitchell Langley April 2, 2026
Google attributes Axios npm attack to North Korean threat group UNC1069, aiming for financial theft.
The Doctor No Problem Is Changing the Face of Enterprise Security
Cybersecurity
The “Doctor No” Problem Is Changing the Face of Enterprise Security
Gabby Lee April 2, 2026
The controversial "Doctor No" role in security operations highlights a shift from mere obstruction to strategic decision-making.
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
Cybersecurity
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
Mitchell Langley April 1, 2026
Cybersecurity experts reveal details of an Open VSX scanning flaw that allowed malicious VS Code extensions to pass vetting and enter the registry.
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Cybersecurity
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Mitchell Langley April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
New Phishing Techniques Threaten TikTok Business Account Security
News
New Phishing Techniques Threaten TikTok Business Account Security
Andrew Doyle April 1, 2026
Cybercriminals use phishing tactics to hijack TikTok business accounts.
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Cybersecurity
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Gabby Lee April 1, 2026
US and UK aim to strengthen maritime defense against underwater drones.
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Cybersecurity
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Andrew Doyle April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
Cybersecurity
TP-Link Routers Receive Patches for High-Severity Security Flaws
Mitchell Langley April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Cybersecurity
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Gabby Lee April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
Cybersecurity
Infinity Stealer Malware Takes Aim at macOS Systems
Andrew Doyle March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director's Personal Email Account
Cybersecurity
Iranian Hackers Breach FBI Director’s Personal Email Account
Mitchell Langley March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
News
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
Gabby Lee March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
European Commission Responds to Cloud Infrastructure Cyberattack
Cybersecurity
European Commission Responds to Cloud Infrastructure Cyberattack
Andrew Doyle March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
JanelaRAT - Continuing Threat to Latin American Financial Institutions
Cybersecurity
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Mitchell Langley April 14, 2026
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
Cybersecurity
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
Gabby Lee April 13, 2026
JanelaRAT - Continuing Threat to Latin American Financial Institutions
Cybersecurity
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Mitchell Langley April 14, 2026
LucidRook Malware Targets Taiwanese Universities and NGOs
News
LucidRook Malware Targets Taiwanese Universities and NGOs
Gabby Lee April 13, 2026

TOP CYBERSECURITY HEADLINES

Information Theft Revolutionized - No Local Decryption in This Security Threat
Cybersecurity
Information Theft Revolutionized: No Local Decryption in This Security Threat
Booking.com Confirms Unauthorized Access Compromising User Data
Application Security
Booking.com Confirms Unauthorized Access Compromising User Data
LinkedIn's Browser Extension Draws Corporate Espionage Allegations
Application Security
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security

This Week’s Security Spotlight

OpenAI Responds to Supply Chain Attack Affecting macOS Security
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Andrew Doyle April 14, 2026
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
Cybersecurity
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
Mitchell Langley April 13, 2026
New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Gabby Lee April 10, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Mitchell Langley April 8, 2026
More In News
Trending
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
Cybersecurity
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
April 10, 2026
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Application Security
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
April 10, 2026
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Cybersecurity
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
April 10, 2026
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Application Security
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
April 10, 2026
Covert PDF Exploitation Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Cybersecurity
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
April 10, 2026
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Cybersecurity
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
April 10, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
April 2, 2026
New campaign exploits WhatsApp to spread Visual Basic Script files, forming a multi-stage infection chain.
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
April 2, 2026
Android malware NoVoice was stealthily embedded in over 50 apps on Google Play.
UK Government Allocates £630,000 for Digital Identity Card Discussion
April 2, 2026
The UK government is investing £630,000 in a panel to examine digital identity card plans, aiming for diverse perspectives and trade-offs.
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
April 2, 2026
Investigators uncover how Jonathan Spalletta leveraged smart contract vulnerabilities, resulting in a major cryptocurrency theft that brought down the...
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
April 2, 2026
Google attributes Axios npm attack to North Korean threat group UNC1069, aiming for financial theft.
The “Doctor No” Problem Is Changing the Face of Enterprise Security
April 2, 2026
The controversial "Doctor No" role in security operations highlights a shift from mere obstruction to strategic decision-making.
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
April 1, 2026
Cybersecurity experts reveal details of an Open VSX scanning flaw that allowed malicious VS Code extensions to pass vetting and enter the registry.
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
New Phishing Techniques Threaten TikTok Business Account Security
April 1, 2026
Cybercriminals use phishing tactics to hijack TikTok business accounts.
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
April 1, 2026
US and UK aim to strengthen maritime defense against underwater drones.
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director’s Personal Email Account
March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
European Commission Responds to Cloud Infrastructure Cyberattack
March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
March 31, 2026
Security flaw in Smart Slider 3 WordPress plugin risks unauthorized file access across more than 800,000 websites.
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
March 31, 2026
Apple is urging iOS and iPadOS users to update their devices immediately due to active web-based security threats.
CareCloud Responds to a Potential Data Security Breach
March 31, 2026
CareCloud investigates potential data breach in its electronic health record system, raising cybersecurity concerns.
Information Theft Revolutionized: No Local Decryption in This Security Threat
Booking.com Confirms Unauthorized Access Compromising User Data
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Juniper Networks Addresses Critical Junos OS Vulnerabilities
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
LucidRook Malware Targets Taiwanese Universities and NGOs
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Cybercriminals Target Venice’s Flood Control Systems, Exposing Dangerous Gaps in Urban Security
Adobe Addresses Critical Flaw in Acrobat Reader with Emergency Updates
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Chaos Malware Expands Its Reach to Cloud Deployments
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks