Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Emerging Threats Cloudflare WAF Bypass and Snap Store Malware
Cybersecurity
Emerging Threats: Cloudflare WAF Bypass and Snap Store Malware
Andrew Doyle January 28, 2026
Recent developments in cybersecurity reveal a Cloudflare WAF bypass, Cannonical's Snap Store malware, and the termination of Curl's bug bounty program. Explore how these issues ...
Fortinet's FortiCloud SSO Exploitation Raises Concerns Despite Patches
Cybersecurity
Fortinet’s FortiCloud SSO Exploitation Raises Concerns Despite Patches
Andrew Doyle January 28, 2026
Concerns have arisen following the recent identification of exploitation attempts targeting Fortinet's FortiCloud single sign-on (SSO) capabilities. Even though patches were released, attackers have leveraged ...
Automation in Cyberattacks A New Era for CISOs to Prepare For
Cybersecurity
Automation in Cyberattacks: A New Era for CISOs to Prepare For
Mitchell Langley January 28, 2026
Cybercriminals are on the brink of automating their attack workflows end-to-end. CISOs need to anticipate and prepare for these changes to effectively defend against increasingly ...
Malicious VSCode Extensions Infiltrate Marketplace
Application Security
Malicious VSCode Extensions Infiltrate Marketplace
Gabby Lee January 28, 2026
Two rogue extensions in Microsoft's Visual Studio Code (VSCode) Marketplace have been identified, accumulating 1.5 million installations. These extensions are designed to exfiltrate sensitive developer ...
New CISA Alert Active Exploitation of Critical Vulnerabilities in Enterprise Tools
Cybersecurity
New CISA Alert: Active Exploitation of Critical Vulnerabilities in Enterprise Tools
Gabby Lee January 28, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about the active exploitation of vulnerabilities in software from Versa, Zimbra, the Vite frontend ...
Venezuelan Nationals Convicted in ATM Jackpotting Scheme to Face Deportation
Cybersecurity
Venezuelan Nationals Convicted in ATM Jackpotting Scheme to Face Deportation
Andrew Doyle January 28, 2026
Two Venezuelan nationals convicted for an ATM jackpotting scheme will be deported after serving prison sentences. The scheme involved sophisticated cyber tactics to exploit ATM ...
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
Cybersecurity
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
Mitchell Langley January 28, 2026
ShinyHunters has taken credit for a phishing operation targeting Okta's platform, reportedly compromising Crunchbase and Betterment systems. This breach has potentially far-reaching consequences for security ...
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
Cybersecurity
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
Andrew Doyle January 28, 2026
Curl is terminating its bug bounty on HackerOne due to the burden of AI-generated reports. The increase in low-quality submissions has made managing the program ...
Click-Fraud Trojan Uses Machine Learning to Evade Detection
Cybersecurity
Click-Fraud Trojan Uses Machine Learning to Evade Detection
Mitchell Langley January 28, 2026
Researchers at Dr.Web have identified a new Android click-fraud trojan using TensorFlow.js for more advanced ad interactions, bypassing conventional script tactics.
FortiGate Firewalls Fall Victim to Security Breaches Despite Patches
Application Security
FortiGate Firewalls Fall Victim to Security Breaches Despite Patches
Gabby Lee January 28, 2026
Attackers are intruding into FortiGate firewalls by manipulating configurations and bypassing single sign-on protections. Administrators report persistent security issues, even after applying the latest security ...
SmarterMail Vulnerability Exploited to Reset Admin Passwords
Application Security
SmarterMail Vulnerability Exploited to Reset Admin Passwords
Andrew Doyle January 28, 2026
Attackers exploit a serious vulnerability (CVE-2026-23760) in SmarterMail, allowing malicious actors to bypass authentication and reset admin passwords.
Cybercriminals Exploit Microsoft SharePoint to Target Energy Sector
Application Security
Cybercriminals Exploit Microsoft SharePoint to Target Energy Sector
Andrew Doyle January 28, 2026
Microsoft SharePoint services are being manipulated by attackers targeting energy-sector companies. Harvesting credentials paves the way for control of corporate emails, after which phishing emails ...
Microsoft Enhances Teams With Fraud Protection Calling Safeguards in Focus
Application Security
Microsoft Enhances Teams With Fraud Protection: Calling Safeguards in Focus
Mitchell Langley January 28, 2026
Microsoft is rolling out new fraud protection features for Teams to combat external caller impersonation risks. Aimed at preventing social engineering attacks, these features will ...
New Advances in Page Cache Exploitation by Austrian Researchers
Cybersecurity
New Advances in Page Cache Exploitation by Austrian Researchers
Gabby Lee January 28, 2026
Researchers at Austria's Graz University have enhanced Linux page cache attack methods, significantly increasing execution speed. This revives concerns about the vulnerability, impacting Linux-based systems ...
NoName057(16) Splinter Cells: Europe’s Volunteer DDoS Threat
Threat Actors
NoName057(16) Splinter Cells: Europe’s Volunteer DDoS Threat
Andrew Doyle January 22, 2026
Decentralized pro-Russian hacktivist cells execute targeted DDoS campaigns across Europe, leveraging volunteer botnets and pre-announced attacks to disrupt governments, banks, and public services, aligning with ...
CVE Vulnerability Alert! CVE-2025-14765 & CVE-2025-14766 – Microsoft Edge Remote Code Execution
CVE Vulnerability Alerts
CVE-2025-14765 & CVE-2025-14766 – Microsoft Edge Remote Code Execution
Mitchell Langley January 22, 2026
CVE-2025-64671 enables remote code execution in GitHub Copilot for JetBrains through cross prompt injection, allowing attackers to manipulate AI-generated instructions within developer environments.
VMware Carbon Black Review Advanced Endpoint Detection and Response
Product Reviews
VMware Carbon Black Review: Advanced Endpoint Detection and Response
Gabby Lee January 22, 2026
VMware Carbon Black is an enterprise-class security platform designed to deliver continuous visibility, behavioral analytics, and real-time detection and response ...
Threat Actors Exploit Misconfigured Security Training Apps for Cloud Breaches
Cybersecurity
Threat Actors Exploit Misconfigured Security Training Apps for Cloud Breaches
Mitchell Langley January 22, 2026
Misconfigured security training apps are increasingly targeted by threat actors, leading to cloud breaches in major organizations. As training apps are widely used, this new ...
aiFWall Launches to Elevate AI Protection in Cyber Security
Application Security
aiFWall Launches to Elevate AI Protection in Cyber Security
Andrew Doyle January 22, 2026
aiFWall, a company that has recently come out of stealth mode, has introduced a groundbreaking AI-powered firewall technology. Designed specifically to enhance the protection of ...
Microsoft Recommends Fix for Outlook Freezing Post-Windows Updates
Application Security
Microsoft Recommends Fix for Outlook Freezing Post-Windows Updates
Gabby Lee January 22, 2026
After the recent Windows security updates, Outlook users have reported system freezes. Microsoft has now offered a workaround to mitigate this impact, allowing users to ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Android Malware Incident Hugging Face Repository Misuse
Cybersecurity
Android Malware Incident: Hugging Face Repository Misuse
February 4, 2026
Chrome Extensions Prove Malicious with Data Hijacking Tricks
Application Security
Chrome Extensions Prove Malicious with Data Hijacking Tricks
February 4, 2026
White House Revokes Software Security Rules But Keeps Key Resources
Cybersecurity
White House Revokes Software Security Rules But Keeps Key Resources
February 4, 2026
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Application Security
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
February 4, 2026
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Cybersecurity
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
February 4, 2026
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Cybersecurity
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
February 4, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Malicious VSCode Extensions Infiltrate Marketplace
January 28, 2026
Two rogue extensions in Microsoft's Visual Studio Code (VSCode) Marketplace have been identified, accumulating 1.5 million installations. These extensions are designed to exfiltrate sensitive developer ...
New CISA Alert: Active Exploitation of Critical Vulnerabilities in Enterprise Tools
January 28, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about the active exploitation of vulnerabilities in software from Versa, Zimbra, the Vite frontend ...
Venezuelan Nationals Convicted in ATM Jackpotting Scheme to Face Deportation
January 28, 2026
Two Venezuelan nationals convicted for an ATM jackpotting scheme will be deported after serving prison sentences. The scheme involved sophisticated cyber tactics to exploit ATM ...
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
January 28, 2026
ShinyHunters has taken credit for a phishing operation targeting Okta's platform, reportedly compromising Crunchbase and Betterment systems. This breach has potentially far-reaching consequences for security ...
Popular Curl Project Discontinues Bug Bounty Program due to Poor Quality Reports
January 28, 2026
Curl is terminating its bug bounty on HackerOne due to the burden of AI-generated reports. The increase in low-quality submissions has made managing the program ...
Click-Fraud Trojan Uses Machine Learning to Evade Detection
January 28, 2026
Researchers at Dr.Web have identified a new Android click-fraud trojan using TensorFlow.js for more advanced ad interactions, bypassing conventional script tactics.
FortiGate Firewalls Fall Victim to Security Breaches Despite Patches
January 28, 2026
Attackers are intruding into FortiGate firewalls by manipulating configurations and bypassing single sign-on protections. Administrators report persistent security issues, even after applying the latest security ...
SmarterMail Vulnerability Exploited to Reset Admin Passwords
January 28, 2026
Attackers exploit a serious vulnerability (CVE-2026-23760) in SmarterMail, allowing malicious actors to bypass authentication and reset admin passwords.
Cybercriminals Exploit Microsoft SharePoint to Target Energy Sector
January 28, 2026
Microsoft SharePoint services are being manipulated by attackers targeting energy-sector companies. Harvesting credentials paves the way for control of corporate emails, after which phishing emails ...
Microsoft Enhances Teams With Fraud Protection: Calling Safeguards in Focus
January 28, 2026
Microsoft is rolling out new fraud protection features for Teams to combat external caller impersonation risks. Aimed at preventing social engineering attacks, these features will ...
New Advances in Page Cache Exploitation by Austrian Researchers
January 28, 2026
Researchers at Austria's Graz University have enhanced Linux page cache attack methods, significantly increasing execution speed. This revives concerns about the vulnerability, impacting Linux-based systems ...
NoName057(16) Splinter Cells: Europe’s Volunteer DDoS Threat
January 22, 2026
Decentralized pro-Russian hacktivist cells execute targeted DDoS campaigns across Europe, leveraging volunteer botnets and pre-announced attacks to disrupt governments, banks, and public services, aligning with ...
CVE-2025-14765 & CVE-2025-14766 – Microsoft Edge Remote Code Execution
January 22, 2026
CVE-2025-64671 enables remote code execution in GitHub Copilot for JetBrains through cross prompt injection, allowing attackers to manipulate AI-generated instructions within developer environments.
VMware Carbon Black Review: Advanced Endpoint Detection and Response
January 22, 2026
VMware Carbon Black is an enterprise-class security platform designed to deliver continuous visibility, behavioral analytics, and real-time detection and response across large fleets of endpoints. ...
Threat Actors Exploit Misconfigured Security Training Apps for Cloud Breaches
January 22, 2026
Misconfigured security training apps are increasingly targeted by threat actors, leading to cloud breaches in major organizations. As training apps are widely used, this new ...
aiFWall Launches to Elevate AI Protection in Cyber Security
January 22, 2026
aiFWall, a company that has recently come out of stealth mode, has introduced a groundbreaking AI-powered firewall technology. Designed specifically to enhance the protection of ...
Microsoft Recommends Fix for Outlook Freezing Post-Windows Updates
January 22, 2026
After the recent Windows security updates, Outlook users have reported system freezes. Microsoft has now offered a workaround to mitigate this impact, allowing users to ...
Cloudflare Addresses ACME Validation Flaw Exposing Origin Servers
January 22, 2026
Cloudflare patched a vulnerability in its ACME validation mechanism. The issue involved handling requests to the "/.well-known/acme-challenge/" directory, posing security risks.
CyberNut Secures $5 Million Funding to Enhance K-12 Security Awareness
January 22, 2026
CyberNut has secured $5 million in growth capital, building upon the initial $800k pre-seed funding. This investment is aimed at advancing its cybersecurity platform's capabilities, ...
Contagious Interview Campaign Targets Multiple Sectors Worldwide
January 22, 2026
The Contagious Interview cyber campaign targets multiple sectors worldwide, impacting IP addresses and organizations in AI, finance, and other industries.
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited