Main Menu
Cyber Security
OFAC Sanctions Nobitex, Iran’s Largest Crypto Exchange
Burst Statistics CVE-2026-8181 Under Mass Exploitation
Acer Wave 7 Routers Carry Two Max-Severity Zero-Days
Public PoC Released for Cisco Unified CM SSRF Bug
TheGentlemen and Genesis Ransomware Hit Two US Clinics
CISA Faces $700M More Cuts as Mullin Signals Restructure
DragonForce and Nitrogen Ransomware Hit Three Continents
AI Tool Uncovers Two-Year-Old Redis RCE CVE-2026-23479
CISA to Issue Binding AI Security Directive This Week
AI Worm Exploits 73.8% of Test Enterprise Network with Free Model
Fake Claude Code Installers on Google Sites Steal AI API Keys
Fake Chrome Web Store DMCA Notices Target Extension Developers
Commission Proposes $11 Billion Dedicated US Cyber Force Branch
KillSec Ransomware Hits Indian Teaching Hospital and Mexican Insurer
Nova Ransomware Apologizes for CIS Rule Violation, Bans Affiliate
Trump Signs Executive Order for National Security Review of AI Models
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
APT73 Bashe Ransomware Claims Armenia’s Ministry of Internal Affairs
Russia’s FSB Claims Foreign Spies Installed Phone Surveillance Malware
Europol Operation KRATOS 2 Dismantles 9 Illegal Streaming Crime Groups
CVE-2026-8206 Kirki Plugin Exploited; 500,000 WordPress Sites at Risk
CVE-2026-0826 (CVSS 9.2): Unauthenticated RCE in HP Poly VoIP Phones
Sophos: AI Ransomware Toolkit Uses Claude Opus 4.5 for EDR Evasion
CISA Adds CVE-2024-21182 Oracle WebLogic to KEV; Feds Have 3 Days
CVE-2026-49975 HTTP/2 Bomb Hits nginx, Apache, Envoy, and Cloudflare
VS Code Zero-Day Exposes GitHub OAuth Tokens; No Patch Available
Google Patches Android Zero-Day CVE-2025-48595 Under Active Exploit
Red Hat npm Packages Backdoored with Miasma Credential Worm
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
Cybersecurity
PAN-OS CVE-2026-0257 Exploited Just 4 Days After Public Disclosure
Gabby Lee June 1, 2026
CVE-2026-0257, a PAN-OS GlobalProtect authentication bypass, saw active exploitation begin just four days after public disclosure, with attacks ongoing for weeks.
Cybersecurity
Dutch Police Seize 200+ Servers in 17-Million-Device Botnet Takedown
Gabby Lee June 1, 2026
Dutch law enforcement dismantled a botnet of 17 million compromised devices by seizing over 200 command-and-control servers in a major coordinated takedown with hosting provider ...
Application Security
Gogs CVSS 9.4 RCE Zero-Day Has No Patch and a Metasploit Module
Gabby Lee June 1, 2026
A CVSS 9.4 argument injection zero-day in Gogs lets any authenticated user achieve RCE on internet-exposed servers. No patch exists and Rapid7 has released a ...
Cybersecurity
California AG Sues 23andMe Successor Over 2023 Genetic Data Breach
Andrew Doyle June 1, 2026
California AG Rob Bonta sued Chrome Holding Co., 23andMe's successor after bankruptcy, over the 2023 breach exposing genetic health data for millions of users.
Cybersecurity
LLMShare Campaign Hosts Infostealer Downloads on ChatGPT’s Own Domain
Andrew Doyle June 1, 2026
LLMShare, discovered by Push Security, abuses ChatGPT's share links on chatgpt.com to host fake outage pages that deliver infostealer malware to Windows and macOS users.
Cybersecurity
NC Man Gets 121 Months for Selling Elderly Americans’ Data to Scammers
Gabby Lee June 1, 2026
Troy Murray, 57, of North Carolina was sentenced to 121 months in prison and ordered to forfeit $5.2 million for selling elderly Americans' data to ...
Application Security
Microsoft: 14 npm Packages Linked to Single Actor Stealing AWS Keys
Mitchell Langley June 1, 2026
Microsoft attributed 14 malicious npm packages impersonating OpenSearch and Elasticsearch to a single threat actor who stole AWS credentials and CI/CD secrets from developer environments.
Cybersecurity
Play Ransomware Lists MyPillow, US Telecom in Six-Victim Batch
Mitchell Langley June 1, 2026
Play ransomware listed six victims on May 25, led by consumer brand MyPillow and a US telecom provider, in a multi-sector batch spanning four countries.
Cybersecurity
Incransom Hits Illinois Health Center and Manufacturer
Mitchell Langley June 1, 2026
Incransom claimed two US victims on May 25 — Open Door Health Center in Illinois and manufacturer PILLER AIMMCO — part of a three-victim, 48-hour ...
Cybersecurity
Nova Ransomware Lists Russian Oil Firm Eriell in May 26 Batch
Mitchell Langley June 1, 2026
Nova ransomware posted Russian oil firm Eriell and tech company sandox info on May 26, continuing a five-victim, five-day burst spanning four world regions.
Cybersecurity
Incransom Claims Meirc Breach, Threatens to Leak 1TB of Client Data
Gabby Lee May 26, 2026
Incransom has claimed a full-network breach of Meirc Training & Consulting on May 25, threatening to publish 1TB of employee and client data within one ...
Cybersecurity
DragonForce Lists Indiana Greenhouse Firm Heartland Growers
Andrew Doyle May 26, 2026
DragonForce ransomware listed Indiana wholesale greenhouse firm Heartland Growers on its dark web leak site amid escalating agricultural sector targeting.
Nova Ransomware Hits Brazilian Government Agency and Turkish Tech Firm
Cybersecurity
Nova Ransomware Hits Brazilian Government Agency and Turkish Tech Firm
Gabby Lee May 26, 2026
Nova ransomware claimed Brazil's SECONT and Turkey's Adensa Teknoloji on May 24, its third posting in three days spanning South America, Europe, and Turkey.
Cybersecurity
Qilin Ransomware Batch-Lists 7 Victims Across Five Countries
Mitchell Langley May 26, 2026
Qilin ransomware disclosed seven victims in a single May 24 batch across five countries, including a Czech financial firm and US accounting services provider.
Cybersecurity
Nightspire Ransomware Hits US Healthcare in Nine-Victim Batch
Andrew Doyle May 26, 2026
Nightspire ransomware posted nine victims on May 24 including US adult day center La Familia, an Egyptian Papa John's franchise, and a consumer lender across ...
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
Mitchell Langley May 25, 2026
Attackers exploited CVE-2026-26980 in Ghost CMS to compromise 700+ domains including Harvard and Oxford, turning them into ClickFix malware distribution points.
Application Security
Laravel Lang Supply Chain Attack Hijacks 700 Package Versions
Andrew Doyle May 25, 2026
Attackers rewrote git tags across four Laravel Lang packages to deploy a PHP credential stealer and Windows executable targeting developer machines and servers.
Application Security
Underminr Flaw Lets Attackers Hide C2 Traffic on 88M Domains
Andrew Doyle May 25, 2026
Researcher David Redekop of ADAMnetworks disclosed Underminr, a CDN flaw affecting 88 million domains that routes C2 traffic through trusted hostnames.
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Mitchell Langley May 25, 2026
Anthropic's Project Glasswing AI found 10,000+ high-severity CVEs in 1,000 open-source projects in one month, but only 97 patches were deployed upstream.
Application Security
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
Andrew Doyle May 25, 2026
A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all tenants on a shared host.
CVE Vulnerability Alerts
CISA Orders Patch for Linux Container Escape CVE-2022-0492
Gabby Lee June 4, 2026
Cybersecurity
TheGentlemen and Genesis Ransomware Hit Two US Clinics
Andrew Doyle June 4, 2026
Cybersecurity
OFAC Sanctions Nobitex, Iran’s Largest Crypto Exchange
Gabby Lee June 4, 2026
Cybersecurity
TheGentlemen and Genesis Ransomware Hit Two US Clinics
Andrew Doyle June 4, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
OFAC Sanctions Nobitex, Iran’s Largest Crypto Exchange
Application Security
Burst Statistics CVE-2026-8181 Under Mass Exploitation
CVE Vulnerability Alerts
Acer Wave 7 Routers Carry Two Max-Severity Zero-Days
Application Security
Public PoC Released for Cisco Unified CM SSRF Bug

This Week’s Security Spotlight

Cybersecurity
CISA to Issue Binding AI Security Directive This Week
Andrew Doyle June 4, 2026
Application Security
Fake Claude Code Installers on Google Sites Steal AI API Keys
Gabby Lee June 4, 2026
Application Security
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
Gabby Lee June 2, 2026
Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Mitchell Langley May 25, 2026
More In News
Trending
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Application Security
CVE-2026-8206 Kirki Plugin Exploited; 500,000 WordPress Sites at Risk
June 3, 2026
CVE Vulnerability Alerts
CVE-2026-0826 (CVSS 9.2): Unauthenticated RCE in HP Poly VoIP Phones
June 3, 2026
Cybersecurity
Sophos: AI Ransomware Toolkit Uses Claude Opus 4.5 for EDR Evasion
June 3, 2026
Application Security
CISA Adds CVE-2024-21182 Oracle WebLogic to KEV; Feds Have 3 Days
June 3, 2026
Application Security
CVE-2026-49975 HTTP/2 Bomb Hits nginx, Apache, Envoy, and Cloudflare
June 3, 2026
Application Security
VS Code Zero-Day Exposes GitHub OAuth Tokens; No Patch Available
June 3, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
California AG Sues 23andMe Successor Over 2023 Genetic Data Breach
June 1, 2026
California AG Rob Bonta sued Chrome Holding Co., 23andMe's successor after bankruptcy, over the 2023 breach exposing genetic health data for millions of users.
LLMShare Campaign Hosts Infostealer Downloads on ChatGPT’s Own Domain
June 1, 2026
LLMShare, discovered by Push Security, abuses ChatGPT's share links on chatgpt.com to host fake outage pages that deliver infostealer malware to Windows and macOS users.
NC Man Gets 121 Months for Selling Elderly Americans’ Data to Scammers
June 1, 2026
Troy Murray, 57, of North Carolina was sentenced to 121 months in prison and ordered to forfeit $5.2 million for selling elderly Americans' data to ...
Microsoft: 14 npm Packages Linked to Single Actor Stealing AWS Keys
June 1, 2026
Microsoft attributed 14 malicious npm packages impersonating OpenSearch and Elasticsearch to a single threat actor who stole AWS credentials and CI/CD secrets from developer environments.
Play Ransomware Lists MyPillow, US Telecom in Six-Victim Batch
June 1, 2026
Play ransomware listed six victims on May 25, led by consumer brand MyPillow and a US telecom provider, in a multi-sector batch spanning four countries.
Incransom Hits Illinois Health Center and Manufacturer
June 1, 2026
Incransom claimed two US victims on May 25 — Open Door Health Center in Illinois and manufacturer PILLER AIMMCO — part of a three-victim, 48-hour ...
Nova Ransomware Lists Russian Oil Firm Eriell in May 26 Batch
June 1, 2026
Nova ransomware posted Russian oil firm Eriell and tech company sandox info on May 26, continuing a five-victim, five-day burst spanning four world regions.
Incransom Claims Meirc Breach, Threatens to Leak 1TB of Client Data
May 26, 2026
Incransom has claimed a full-network breach of Meirc Training & Consulting on May 25, threatening to publish 1TB of employee and client data within one ...
DragonForce Lists Indiana Greenhouse Firm Heartland Growers
May 26, 2026
DragonForce ransomware listed Indiana wholesale greenhouse firm Heartland Growers on its dark web leak site amid escalating agricultural sector targeting.
Nova Ransomware Hits Brazilian Government Agency and Turkish Tech Firm
May 26, 2026
Nova ransomware claimed Brazil's SECONT and Turkey's Adensa Teknoloji on May 24, its third posting in three days spanning South America, Europe, and Turkey.
Qilin Ransomware Batch-Lists 7 Victims Across Five Countries
May 26, 2026
Qilin ransomware disclosed seven victims in a single May 24 batch across five countries, including a Czech financial firm and US accounting services provider.
Nightspire Ransomware Hits US Healthcare in Nine-Victim Batch
May 26, 2026
Nightspire ransomware posted nine victims on May 24 including US adult day center La Familia, an Egyptian Papa John's franchise, and a consumer lender across ...
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign
May 25, 2026
Attackers exploited CVE-2026-26980 in Ghost CMS to compromise 700+ domains including Harvard and Oxford, turning them into ClickFix malware distribution points.
Laravel Lang Supply Chain Attack Hijacks 700 Package Versions
May 25, 2026
Attackers rewrote git tags across four Laravel Lang packages to deploy a PHP credential stealer and Windows executable targeting developer machines and servers.
Underminr Flaw Lets Attackers Hide C2 Traffic on 88M Domains
May 25, 2026
Researcher David Redekop of ADAMnetworks disclosed Underminr, a CDN flaw affecting 88 million domains that routes C2 traffic through trusted hostnames.
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
May 25, 2026
Anthropic's Project Glasswing AI found 10,000+ high-severity CVEs in 1,000 open-source projects in one month, but only 97 patches were deployed upstream.
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
May 25, 2026
A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all tenants on a shared host.
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
May 25, 2026
ShinyHunters listed Charter Communications with 42 million claimed records and a May 27 dump deadline; Charter confirmed an investigation with authorities.
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
May 25, 2026
Dutch FIOD agents seized 800 servers and arrested two at Stark Industries successor WorkTitans for violating EU sanctions tied to Russian cyber operations.
ShinyHunters Claims 260K Baker Distributing Salesforce Records
May 25, 2026
Baker Distributing Company was added to ShinyHunters' Salesforce extortion campaign with 260,000 CRM records exposed and a May 27 public leak deadline.
OFAC Sanctions Nobitex, Iran’s Largest Crypto Exchange
Burst Statistics CVE-2026-8181 Under Mass Exploitation
Acer Wave 7 Routers Carry Two Max-Severity Zero-Days
Public PoC Released for Cisco Unified CM SSRF Bug
TheGentlemen and Genesis Ransomware Hit Two US Clinics
CISA Faces $700M More Cuts as Mullin Signals Restructure
DragonForce and Nitrogen Ransomware Hit Three Continents
AI Tool Uncovers Two-Year-Old Redis RCE CVE-2026-23479
CISA to Issue Binding AI Security Directive This Week
AI Worm Exploits 73.8% of Test Enterprise Network with Free Model
Fake Claude Code Installers on Google Sites Steal AI API Keys
Fake Chrome Web Store DMCA Notices Target Extension Developers
Commission Proposes $11 Billion Dedicated US Cyber Force Branch
KillSec Ransomware Hits Indian Teaching Hospital and Mexican Insurer
Nova Ransomware Apologizes for CIS Rule Violation, Bans Affiliate
Trump Signs Executive Order for National Security Review of AI Models
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
Qilin Ransomware Claims Six Victims Across Five Countries in Two Days
APT73 Bashe Ransomware Claims Armenia’s Ministry of Internal Affairs
Russia’s FSB Claims Foreign Spies Installed Phone Surveillance Malware