Main Menu
Cyber Security
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Cybercriminals Target Venice’s Flood Control Systems, Exposing Dangerous Gaps in Urban Security
Adobe Addresses Critical Flaw in Acrobat Reader with Emergency Updates
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Chaos Malware Expands Its Reach to Cloud Deployments
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Cybersecurity
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Mitchell Langley April 2, 2026
Google attributes Axios npm attack to North Korean threat group UNC1069, aiming for financial theft.
The Doctor No Problem Is Changing the Face of Enterprise Security
Cybersecurity
The “Doctor No” Problem Is Changing the Face of Enterprise Security
Gabby Lee April 2, 2026
The controversial "Doctor No" role in security operations highlights a shift from mere obstruction to strategic decision-making.
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
Cybersecurity
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
Mitchell Langley April 1, 2026
Cybersecurity experts reveal details of an Open VSX scanning flaw that allowed malicious VS Code extensions to pass vetting and enter the registry.
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Cybersecurity
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
Mitchell Langley April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
New Phishing Techniques Threaten TikTok Business Account Security
News
New Phishing Techniques Threaten TikTok Business Account Security
Andrew Doyle April 1, 2026
Cybercriminals use phishing tactics to hijack TikTok business accounts.
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Cybersecurity
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
Gabby Lee April 1, 2026
US and UK aim to strengthen maritime defense against underwater drones.
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Cybersecurity
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
Andrew Doyle April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
Cybersecurity
TP-Link Routers Receive Patches for High-Severity Security Flaws
Mitchell Langley April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Cybersecurity
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
Gabby Lee April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
Cybersecurity
Infinity Stealer Malware Takes Aim at macOS Systems
Andrew Doyle March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director's Personal Email Account
Cybersecurity
Iranian Hackers Breach FBI Director’s Personal Email Account
Mitchell Langley March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
News
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
Gabby Lee March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
European Commission Responds to Cloud Infrastructure Cyberattack
Cybersecurity
European Commission Responds to Cloud Infrastructure Cyberattack
Andrew Doyle March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
Application Security
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
Mitchell Langley March 31, 2026
Security flaw in Smart Slider 3 WordPress plugin risks unauthorized file access across more than 800,000 websites.
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
Cybersecurity
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
Gabby Lee March 31, 2026
Apple is urging iOS and iPadOS users to update their devices immediately due to active web-based security threats.
CareCloud Responds to a Potential Data Security Breach
Cybersecurity
CareCloud Responds to a Potential Data Security Breach
Andrew Doyle March 31, 2026
CareCloud investigates potential data breach in its electronic health record system, raising cybersecurity concerns.
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
Cybersecurity
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
Mitchell Langley March 31, 2026
Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
CVE Vulnerability Alerts
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
Mitchell Langley March 31, 2026
Critical Citrix vulnerability CVE-2026-3055 is targeted by attackers to steal data.
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
Cybersecurity
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
Gabby Lee March 31, 2026
New vulnerability in OpenAI ChatGPT allows secret data leaks.
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
Cybersecurity
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
Andrew Doyle March 31, 2026
DeepLoad, a new malware loader, exploits the ClickFix tactic with AI-assisted obfuscation.
Juniper Networks Addresses Critical Junos OS Vulnerabilities
Cybersecurity
Juniper Networks Addresses Critical Junos OS Vulnerabilities
Andrew Doyle April 13, 2026
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
Cybersecurity
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
Gabby Lee April 13, 2026
LucidRook Malware Targets Taiwanese Universities and NGOs
News
LucidRook Malware Targets Taiwanese Universities and NGOs
Gabby Lee April 13, 2026
Chaos Malware Expands Its Reach to Cloud Deployments
Cybersecurity
Chaos Malware Expands Its Reach to Cloud Deployments
Gabby Lee April 10, 2026

TOP CYBERSECURITY HEADLINES

UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
Cybersecurity
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
Cybersecurity
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
Application Security
AI Browser Extensions Pose a Hidden Risk to Network Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Application Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft

This Week’s Security Spotlight

U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
Cybersecurity
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
Mitchell Langley April 13, 2026
New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Gabby Lee April 10, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Mitchell Langley April 8, 2026
Bogus Traffic Violation Text Scam Targeting Americans
News
Bogus Traffic Violation Text Scam Targeting Americans
Andrew Doyle April 7, 2026
More In News
Trending
Bogus Traffic Violation Text Scam Targeting Americans
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts
Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE
New Phishing Techniques Threaten TikTok Business Account Security

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Cybersecurity
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
April 10, 2026
Microsoft's Communication Breakdown Leaves Developers Locked Out Without Warning
Cybersecurity
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
April 10, 2026
Google Enhances Chrome Security with Device Bound Session Credentials
Application Security
Google Enhances Chrome Security with Device Bound Session Credentials
April 10, 2026
New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
April 10, 2026
ChipSoft's Website Goes Offline After Ransomware Attack While Email Stays Operational
Cybersecurity
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
April 9, 2026
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Cybersecurity
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
April 8, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
New Phishing Techniques Threaten TikTok Business Account Security
April 1, 2026
Cybercriminals use phishing tactics to hijack TikTok business accounts.
US and UK Seek Advanced Tech to Counter Underwater Drone Threats
April 1, 2026
US and UK aim to strengthen maritime defense against underwater drones.
AFC Ajax Data Breach Exposed Systems and Allowed Intruder Control
April 1, 2026
AFC Ajax confirms a significant data breach that exposed vulnerabilities in its internal systems, enabling unauthorized access.
TP-Link Routers Receive Patches for High-Severity Security Flaws
April 1, 2026
TP-Link patches high-severity router flaws that could enable authentication bypass, arbitrary command execution, and configuration file decryption.
Cloudflare-Themed Scam Targets Macs With Infiniti Stealer Malware
April 1, 2026
Cloudflare-themed attack uses ClickFix tactics to deliver Python-based Infiniti stealer on macOS systems.
Infinity Stealer Malware Takes Aim at macOS Systems
March 31, 2026
New malware, Infinity Stealer, targeting macOS via Python payload compiled with Nuitka.
Iranian Hackers Breach FBI Director’s Personal Email Account
March 31, 2026
Iranian-backed hackers penetrated FBI director's email, leaked sensitive information online.
Russian-Affiliated Attackers Deploy DarkSword Exploit Kit Targeting iOS Devices
March 31, 2026
Russian-based TA446 group wields DarkSword to compromise iOS devices, escalating cybersecurity threats.
European Commission Responds to Cloud Infrastructure Cyberattack
March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
March 31, 2026
Security flaw in Smart Slider 3 WordPress plugin risks unauthorized file access across more than 800,000 websites.
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
March 31, 2026
Apple is urging iOS and iPadOS users to update their devices immediately due to active web-based security threats.
CareCloud Responds to a Potential Data Security Breach
March 31, 2026
CareCloud investigates potential data breach in its electronic health record system, raising cybersecurity concerns.
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
March 31, 2026
Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
March 31, 2026
Critical Citrix vulnerability CVE-2026-3055 is targeted by attackers to steal data.
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
March 31, 2026
New vulnerability in OpenAI ChatGPT allows secret data leaks.
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
March 31, 2026
DeepLoad, a new malware loader, exploits the ClickFix tactic with AI-assisted obfuscation.
Huskeys Steps Out of Stealth With $8 Million in Funding and a New Edge Security Platform
March 31, 2026
Huskeys announces its $8M funding and an AI-driven edge security management platform built to secure the full edge security stack.
Apple Blocks Dangerous Terminal Commands in macOS Tahoe 26.4
March 31, 2026
Apple adds a security feature in macOS Tahoe 26.4 to block harmful Terminal commands, alerting users to potential risks before execution.
Zero-Click Flaw in Telegram Raises Security Alarms Despite Company Denial
March 31, 2026
Discover the high-severity Telegram flaw enabling zero-click remote code execution.
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Cybercriminals Target Venice’s Flood Control Systems, Exposing Dangerous Gaps in Urban Security
Adobe Addresses Critical Flaw in Acrobat Reader with Emergency Updates
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Chaos Malware Expands Its Reach to Cloud Deployments
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets