Main Menu
Cyber Security
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions
Google Enhances Pixel Security with Rust-Based DNS Parser
US, UK, and Canadian Forces Execute Successful Anti-Cryptocurrency Theft Operation
Stolen Credentials and Zero Trust: Preventing Privilege Escalation in Security Breaches
Cybercriminals Use Ad Fraud With AI and SEO Tactics to Push Scareware
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Information Theft Revolutionized: No Local Decryption in This Security Threat
Booking.com Confirms Unauthorized Access Compromising User Data
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Juniper Networks Addresses Critical Junos OS Vulnerabilities
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Cybercriminals Target Venice’s Flood Control Systems, Exposing Dangerous Gaps in Urban Security
Adobe Addresses Critical Flaw in Acrobat Reader with Emergency Updates
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Chaos Malware Expands Its Reach to Cloud Deployments
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cisco Releases Patches for Critical and High-Severity Vulnerabilities
Cybersecurity
Cisco Releases Patches for Critical and High-Severity Vulnerabilities
Mitchell Langley April 3, 2026
Cisco fixes critical vulnerabilities threatening authentication, code execution, and more.
Stryker Corporation Restores Operations After Cyberattack
Cybersecurity
Stryker Corporation Restores Operations After Cyberattack
Gabby Lee April 3, 2026
Stryker Corporation resumes operations after a cyberattack by Handala hacktivists.
Cybersecurity M&A Activity Surges With 38 Deals Closing in March 2026
Cybersecurity
Cybersecurity M&A Activity Surges With 38 Deals Closing in March 2026
Mitchell Langley April 3, 2026
Explore prominent cybersecurity M&A deals announced in March 2026 by Airbus, Cellebrite, and others.
Anthropic Confirms Internal Claude Code Leak Was Caused by Human Error
Cybersecurity
Anthropic Confirms Internal Claude Code Leak Was Caused by Human Error
Mitchell Langley April 2, 2026
Anthropic confirms internal code leak of Claude Code due to human error, no sensitive data involved.
Microsoft Releases Emergency Fix for KB5079391 Update Installation Failures
Cybersecurity
Microsoft Releases Emergency Fix for KB5079391 Update Installation Failures
Andrew Doyle April 2, 2026
Microsoft has released an emergency fix for the March 2026 KB5079391 non-security preview update, which was pulled over the weekend due to widespread ...
Google Rolls Out Gmail Address Change and Alias Feature in the U.S.
Application Security
Google Rolls Out Gmail Address Change and Alias Feature in the U.S.
Andrew Doyle April 2, 2026
Google introduces a feature to change Gmail addresses, enhancing user email customization options in the U.S.
Proton Launches Meet as a Privacy-First Alternative to Google Meet and Zoom
Application Security
Proton Launches Meet as a Privacy-First Alternative to Google Meet and Zoom
Mitchell Langley April 2, 2026
Proton introduces Meet, a new video conferencing service focused on privacy.
Anthropic Accidentally Leaked Source Code for Claude Code
Cybersecurity
Anthropic Accidentally Leaked Source Code for Claude Code
Andrew Doyle April 2, 2026
Anthropic's Claude Code source code leak report assures that no client data was breached.
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts
News
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts
Mitchell Langley April 2, 2026
Explore how EvilTokens exploits phishing methods to endanger Microsoft accounts and facilitate business email compromise attacks.
Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE
News
Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE
Gabby Lee April 2, 2026
Ukrainian CERT is impersonated in a phishing campaign that distributes AGEWHEEZE, a remote administration tool.
Depthfirst Secures $80 Million for AI Security Expansion
Cybersecurity
Depthfirst Secures $80 Million for AI Security Expansion
Gabby Lee April 2, 2026
Depthfirst secures Series B funding to enhance AI research, train security models, and boost enterprise adoption.
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
News
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
Andrew Doyle April 2, 2026
New malware named DeepLoad threatens cybersecurity by deploying a malicious browser extension and spreading via USB drives to steal credentials.
Hasbro Targeted in a Recent Cybersecurity Incident
Cybersecurity
Hasbro Targeted in a Recent Cybersecurity Incident
Andrew Doyle April 2, 2026
Toy manufacturer Hasbro investigates potential data compromise following a cyberattack.
Google Patches Exploited Zero-Day Among 21 Chrome Vulnerabilities
Application Security
Google Patches Exploited Zero-Day Among 21 Chrome Vulnerabilities
Andrew Doyle April 2, 2026
Google addresses 21 vulnerabilities, including a zero-day in Chrome's Dawn component.
FBI Cautions on Security Threats from Chinese Mobile Applications
Cybersecurity
FBI Cautions on Security Threats from Chinese Mobile Applications
Andrew Doyle April 2, 2026
The FBI alerts users about data privacy issues connected to Chinese mobile applications, urging caution.
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
Application Security
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
Mitchell Langley April 2, 2026
New campaign exploits WhatsApp to spread Visual Basic Script files, forming a multi-stage infection chain.
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
Application Security
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
Gabby Lee April 2, 2026
Android malware NoVoice was stealthily embedded in over 50 apps on Google Play.
UK Government Allocates £630,000 for Digital Identity Card Discussion
Cybersecurity
UK Government Allocates £630,000 for Digital Identity Card Discussion
Andrew Doyle April 2, 2026
The UK government is investing £630,000 in a panel to examine digital identity card plans, aiming for diverse perspectives and trade-offs.
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
Cybersecurity
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
Mitchell Langley April 2, 2026
Investigators uncover how Jonathan Spalletta leveraged smart contract vulnerabilities, resulting in a major cryptocurrency theft that brought down the...
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Cybersecurity
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
Mitchell Langley April 2, 2026
Google attributes Axios npm attack to North Korean threat group UNC1069, aiming for financial theft.
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Application Security
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Mitchell Langley April 15, 2026
Basic-Fit Data Breach Exposes Personal Information of One Million Members
Cybersecurity
Basic-Fit Data Breach Exposes Personal Information of One Million Members
Gabby Lee April 15, 2026
JanelaRAT - Continuing Threat to Latin American Financial Institutions
Cybersecurity
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Mitchell Langley April 14, 2026
LucidRook Malware Targets Taiwanese Universities and NGOs
News
LucidRook Malware Targets Taiwanese Universities and NGOs
Gabby Lee April 13, 2026

TOP CYBERSECURITY HEADLINES

McGraw-Hill Data Breach - Salesforce Misconfiguration Exploited by Hackers
Cybersecurity
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Application Security
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe's ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Application Security
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions
Application Security
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions

This Week’s Security Spotlight

OpenAI Responds to Supply Chain Attack Affecting macOS Security
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Andrew Doyle April 14, 2026
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
Cybersecurity
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
Mitchell Langley April 13, 2026
New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Gabby Lee April 10, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Mitchell Langley April 8, 2026
More In News
Trending
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Emerging Threats in Malware Recent Developments in Software Vulnerabilities
Application Security
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
April 13, 2026
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
Cybersecurity
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
April 13, 2026
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Application Security
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
April 13, 2026
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Cybersecurity
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
April 10, 2026
Chaos Malware Expands Its Reach to Cloud Deployments
Cybersecurity
Chaos Malware Expands Its Reach to Cloud Deployments
April 10, 2026
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
Cybersecurity
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
April 10, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Anthropic Confirms Internal Claude Code Leak Was Caused by Human Error
April 2, 2026
Anthropic confirms internal code leak of Claude Code due to human error, no sensitive data involved.
Microsoft Releases Emergency Fix for KB5079391 Update Installation Failures
April 2, 2026
Microsoft has released an emergency fix for the March 2026 KB5079391 non-security preview update, which was pulled over the weekend due to widespread ...
Google Rolls Out Gmail Address Change and Alias Feature in the U.S.
April 2, 2026
Google introduces a feature to change Gmail addresses, enhancing user email customization options in the U.S.
Proton Launches Meet as a Privacy-First Alternative to Google Meet and Zoom
April 2, 2026
Proton introduces Meet, a new video conferencing service focused on privacy.
Anthropic Accidentally Leaked Source Code for Claude Code
April 2, 2026
Anthropic's Claude Code source code leak report assures that no client data was breached.
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts
April 2, 2026
Explore how EvilTokens exploits phishing methods to endanger Microsoft accounts and facilitate business email compromise attacks.
Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE
April 2, 2026
Ukrainian CERT is impersonated in a phishing campaign that distributes AGEWHEEZE, a remote administration tool.
Depthfirst Secures $80 Million for AI Security Expansion
April 2, 2026
Depthfirst secures Series B funding to enhance AI research, train security models, and boost enterprise adoption.
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
April 2, 2026
New malware named DeepLoad threatens cybersecurity by deploying a malicious browser extension and spreading via USB drives to steal credentials.
Hasbro Targeted in a Recent Cybersecurity Incident
April 2, 2026
Toy manufacturer Hasbro investigates potential data compromise following a cyberattack.
Google Patches Exploited Zero-Day Among 21 Chrome Vulnerabilities
April 2, 2026
Google addresses 21 vulnerabilities, including a zero-day in Chrome's Dawn component.
FBI Cautions on Security Threats from Chinese Mobile Applications
April 2, 2026
The FBI alerts users about data privacy issues connected to Chinese mobile applications, urging caution.
VBS File Campaign Uses WhatsApp for Multi-Stage Malware Deployment
April 2, 2026
New campaign exploits WhatsApp to spread Visual Basic Script files, forming a multi-stage infection chain.
Android Malware NoVoice Found Hiding Across 50 Apps on Google Play
April 2, 2026
Android malware NoVoice was stealthily embedded in over 50 apps on Google Play.
UK Government Allocates £630,000 for Digital Identity Card Discussion
April 2, 2026
The UK government is investing £630,000 in a panel to examine digital identity card plans, aiming for diverse perspectives and trade-offs.
Hacker Charged in $55 Million Cryptocurrency Heist Involving Smart Contract Exploit
April 2, 2026
Investigators uncover how Jonathan Spalletta leveraged smart contract vulnerabilities, resulting in a major cryptocurrency theft that brought down the...
UNC1069 Linked to Axios NPM Supply Chain Attack for Financial Intrusion
April 2, 2026
Google attributes Axios npm attack to North Korean threat group UNC1069, aiming for financial theft.
The “Doctor No” Problem Is Changing the Face of Enterprise Security
April 2, 2026
The controversial "Doctor No" role in security operations highlights a shift from mere obstruction to strategic decision-making.
Open VSX Bug Allowed Malicious VS Code Extensions Into the Registry
April 1, 2026
Cybersecurity experts reveal details of an Open VSX scanning flaw that allowed malicious VS Code extensions to pass vetting and enter the registry.
OpenAI Introduces a Bug Bounty Program Targeting Safety Risks and Exploitable Issues
April 1, 2026
OpenAI initiates a bug bounty program to uncover and mitigate abuse and safety vulnerabilities.
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions
Cyberwarfare Within the Underground: Ransomware Gangs Clash
Google Enhances Pixel Security with Rust-Based DNS Parser
US, UK, and Canadian Forces Execute Successful Anti-Cryptocurrency Theft Operation
Stolen Credentials and Zero Trust: Preventing Privilege Escalation in Security Breaches
Cybercriminals Use Ad Fraud With AI and SEO Tactics to Push Scareware
JanelaRAT: Continuing Threat to Latin American Financial Institutions
U.S. and Indonesian Authorities Dismantle the Global Phishing Platform “W3LL”
Phony Root Certificate Scheme Puts Open Source Developers at Risk
Information Theft Revolutionized: No Local Decryption in This Security Threat
Booking.com Confirms Unauthorized Access Compromising User Data
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Juniper Networks Addresses Critical Junos OS Vulnerabilities
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
LucidRook Malware Targets Taiwanese Universities and NGOs
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation