Main Menu
Cyber Security
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Trent AI Emerges From Stealth With $13 Million in Funding
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Automated Pentesting Tools Fall Short Past the “PoC Cliff”
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
Exchange Online Mailbox Access Issues Impact Outlook Users
Shadow AI and Zero-Click Exploits Are Reshaping Mobile Security Threats
Third-Party Vendors Are the New Breach Vector Organizations Should Fear
Critical ShareFile Flaws Open the Door to Unauthenticated RCE
European Commission Responds to Cloud Infrastructure Cyberattack
Cybersecurity
European Commission Responds to Cloud Infrastructure Cyberattack
Andrew Doyle March 31, 2026
The European Commission contained a cyberattack affecting its cloud infrastructure, ensuring no internal network disruption to Europa.eu websites.
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
Application Security
Smart Slider 3 Plugin Flaw Lets Subscriber-Level Users Access Server Files
Mitchell Langley March 31, 2026
Security flaw in Smart Slider 3 WordPress plugin risks unauthorized file access across more than 800,000 websites.
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
Cybersecurity
Apple Alerts Users to Update Outdated iPhones and iPads Due to Active Web-Based Threats
Gabby Lee March 31, 2026
Apple is urging iOS and iPadOS users to update their devices immediately due to active web-based security threats.
CareCloud Responds to a Potential Data Security Breach
Cybersecurity
CareCloud Responds to a Potential Data Security Breach
Andrew Doyle March 31, 2026
CareCloud investigates potential data breach in its electronic health record system, raising cybersecurity concerns.
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
Cybersecurity
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
Mitchell Langley March 31, 2026
Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
CVE Vulnerability Alerts
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
Mitchell Langley March 31, 2026
Critical Citrix vulnerability CVE-2026-3055 is targeted by attackers to steal data.
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
Cybersecurity
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
Gabby Lee March 31, 2026
New vulnerability in OpenAI ChatGPT allows secret data leaks.
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
Cybersecurity
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
Andrew Doyle March 31, 2026
DeepLoad, a new malware loader, exploits the ClickFix tactic with AI-assisted obfuscation.
Huskeys Steps Out of Stealth With $8 Million in Funding and a New Edge Security Platform
Cybersecurity
Huskeys Steps Out of Stealth With $8 Million in Funding and a New Edge Security Platform
Mitchell Langley March 31, 2026
Huskeys announces its $8M funding and an AI-driven edge security management platform built to secure the full edge security stack.
Apple Blocks Dangerous Terminal Commands in macOS Tahoe 26.4
Application Security
Apple Blocks Dangerous Terminal Commands in macOS Tahoe 26.4
Gabby Lee March 31, 2026
Apple adds a security feature in macOS Tahoe 26.4 to block harmful Terminal commands, alerting users to potential risks before execution.
Zero-Click Flaw in Telegram Raises Security Alarms Despite Company Denial
Cybersecurity
Zero-Click Flaw in Telegram Raises Security Alarms Despite Company Denial
Andrew Doyle March 31, 2026
Discover the high-severity Telegram flaw enabling zero-click remote code execution.
Firefox 149 Launches with a Built-In VPN for Better Privacy
Application Security
Firefox 149 Launches with a Built-In VPN for Better Privacy
Andrew Doyle March 25, 2026
Mozilla introduces Firefox 149 with an integrated VPN offering 50GB monthly traffic to bolster online privacy.
FCC Adds Consumer Routers to Covered List Amid Security Concerns
Cybersecurity
FCC Adds Consumer Routers to Covered List Amid Security Concerns
Andrew Doyle March 25, 2026
The FCC bans the sale of foreign-made consumer routers in the United States, citing security concerns.
DOE Rolls Out Project Armor to Fortify Critical Energy Infrastructure
Cybersecurity
DOE Rolls Out Project Armor to Fortify Critical Energy Infrastructure
Andrew Doyle March 25, 2026
Department of Energy unveils a strategic plan to boost the resilience of US critical energy infrastructure over the next five years.
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Mitchell Langley March 25, 2026
A new malvertising campaign abuses Google Ads, targeting U.S. users searching tax-related documents to serve malware-laden installers.
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Cybersecurity
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Mitchell Langley March 25, 2026
A cyberattack breached some systems of the Dutch Ministry of Finance, uncovering a data breach affecting certain employees.
Open Source Projects Face a Rising Tide of Malware Infections
Cybersecurity
Open Source Projects Face a Rising Tide of Malware Infections
Gabby Lee March 25, 2026
Growing malware infection due to open source project vulnerabilities.
Major Announcements from RSAC 2026 What Day 1 Revealed
Cybersecurity
Major Announcements from RSAC 2026: What Day 1 Revealed
Andrew Doyle March 25, 2026
A detailed rundown of key cybersecurity innovations revealed on the first day of RSAC 2026.
QualDerm Partners Data Breach Hits Over 3.1 Million People
Cybersecurity
QualDerm Partners Data Breach Hits Over 3.1 Million People
Gabby Lee March 25, 2026
December 2025 breach at QualDerm Partners exposes personal and health data of over 3.1 million individuals.
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
News
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
Andrew Doyle March 25, 2026
French-speaking companies face phishing scams hiding crypto miners and data thieves in fake resumes.
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Cybersecurity
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Mitchell Langley April 10, 2026
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Gabby Lee April 10, 2026
Chaos Malware Expands Its Reach to Cloud Deployments
Cybersecurity
Chaos Malware Expands Its Reach to Cloud Deployments
Gabby Lee April 10, 2026
Qilin Ransomware Group Targets German Political Party Die Linke
News
Qilin Ransomware Group Targets German Political Party Die Linke
Mitchell Langley April 7, 2026

TOP CYBERSECURITY HEADLINES

Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
Cybersecurity
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Application Security
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
Cybersecurity
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Cybersecurity
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking

This Week’s Security Spotlight

New Bypass Technique Bypasses Apple's AI Safeguards
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Gabby Lee April 10, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Mitchell Langley April 8, 2026
Bogus Traffic Violation Text Scam Targeting Americans
News
Bogus Traffic Violation Text Scam Targeting Americans
Andrew Doyle April 7, 2026
Apple Rolls Out DarkSword Exploit Protection to More Devices
Cybersecurity
Apple Rolls Out DarkSword Exploit Protection to More Devices
Mitchell Langley April 3, 2026
More In News
Trending
Bogus Traffic Violation Text Scam Targeting Americans
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts
Ukrainian CERT Impersonated in Phishing Campaign Distributing AGEWHEEZE
New Phishing Techniques Threaten TikTok Business Account Security

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Anthropic's Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Cybersecurity
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
April 8, 2026
Trent AI Emerges From Stealth With $13 Million in Funding
Cybersecurity
Trent AI Emerges From Stealth With $13 Million in Funding
April 8, 2026
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
April 8, 2026
Automated Pentesting Tools Fall Short Past the PoC Cliff
Cybersecurity
Automated Pentesting Tools Fall Short Past the “PoC Cliff”
April 8, 2026
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
Cybersecurity
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
April 8, 2026
Exchange Online Mailbox Access Issues Impact Outlook Users
Application Security
Exchange Online Mailbox Access Issues Impact Outlook Users
April 7, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
CareCloud Responds to a Potential Data Security Breach
March 31, 2026
CareCloud investigates potential data breach in its electronic health record system, raising cybersecurity concerns.
Cybercrime Group Targets Developers with Malicious Telnyx Package on PyPI
March 31, 2026
Cybercrime group associated with Trivy attack uploads malicious Telnyx packages to PyPI aiming to deploy credential-stealing malware.
Hackers Exploit a Critical Citrix Vulnerability to Steal Sensitive Data
March 31, 2026
Critical Citrix vulnerability CVE-2026-3055 is targeted by attackers to steal data.
A Hidden Flaw in OpenAI ChatGPT Turns Conversations Into Data Leaks
March 31, 2026
New vulnerability in OpenAI ChatGPT allows secret data leaks.
Researchers Uncover a New Malware Loader Targeting Credentials Through ClickFix
March 31, 2026
DeepLoad, a new malware loader, exploits the ClickFix tactic with AI-assisted obfuscation.
Huskeys Steps Out of Stealth With $8 Million in Funding and a New Edge Security Platform
March 31, 2026
Huskeys announces its $8M funding and an AI-driven edge security management platform built to secure the full edge security stack.
Apple Blocks Dangerous Terminal Commands in macOS Tahoe 26.4
March 31, 2026
Apple adds a security feature in macOS Tahoe 26.4 to block harmful Terminal commands, alerting users to potential risks before execution.
Zero-Click Flaw in Telegram Raises Security Alarms Despite Company Denial
March 31, 2026
Discover the high-severity Telegram flaw enabling zero-click remote code execution.
Firefox 149 Launches with a Built-In VPN for Better Privacy
March 25, 2026
Mozilla introduces Firefox 149 with an integrated VPN offering 50GB monthly traffic to bolster online privacy.
FCC Adds Consumer Routers to Covered List Amid Security Concerns
March 25, 2026
The FCC bans the sale of foreign-made consumer routers in the United States, citing security concerns.
DOE Rolls Out Project Armor to Fortify Critical Energy Infrastructure
March 25, 2026
Department of Energy unveils a strategic plan to boost the resilience of US critical energy infrastructure over the next five years.
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
March 25, 2026
A new malvertising campaign abuses Google Ads, targeting U.S. users searching tax-related documents to serve malware-laden installers.
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
March 25, 2026
A cyberattack breached some systems of the Dutch Ministry of Finance, uncovering a data breach affecting certain employees.
Open Source Projects Face a Rising Tide of Malware Infections
March 25, 2026
Growing malware infection due to open source project vulnerabilities.
Major Announcements from RSAC 2026: What Day 1 Revealed
March 25, 2026
A detailed rundown of key cybersecurity innovations revealed on the first day of RSAC 2026.
QualDerm Partners Data Breach Hits Over 3.1 Million People
March 25, 2026
December 2025 breach at QualDerm Partners exposes personal and health data of over 3.1 million individuals.
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
March 25, 2026
French-speaking companies face phishing scams hiding crypto miners and data thieves in fake resumes.
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
March 25, 2026
Microsoft addresses issues affecting Gmail and Yahoo email synchronization for classic Outlook users.
Gartner Publishes Its First Market Guide for Guardian Agents
March 25, 2026
Gartner's first Market Guide for Guardian Agents, released on February 25, 2026, outlines expectations for this nascent field.
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
March 25, 2026
Malicious versions of Python package litellm contain a credential harvester and persistent backdoor planted by the threat actor TeamPCP.
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
Critical RCE Flaw in Apache ActiveMQ Classic Went Undetected for 13 Years
A $30,000 AI GPU Still Loses to Consumer Hardware in Password Cracking
Massachusetts Hospital Faces Service Interruptions Amid Cyberattack
FleetWave Users Left Without Service After Chevin Takes Platform Offline
Authorities Crack a $45 Million Global Cryptocurrency Scam and Recover $12 Million
EngageLab SDK Vulnerability Threatens Millions of Android Cryptocurrency Wallets
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Smart Slider 3 Pro Plugin Update System Was Hijacked to Push Backdoored Versions
Covert PDF Exploitation: Hackers Use Adobe Acrobat Reader for Targeted Payload Delivery
Stolen Credentials Are Turning Authentication Systems Into Attack Surfaces
Microsoft’s Communication Breakdown Leaves Developers Locked Out Without Warning
Google Enhances Chrome Security with Device Bound Session Credentials
New Bypass Technique Bypasses Apple’s AI Safeguards
ChipSoft’s Website Goes Offline After Ransomware Attack While Email Stays Operational
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Data Theft Incidents Escalate as SaaS Integration Provider Suffers Major Breach
CrystalX RAT Emerges as a Sophisticated Malware-as-a-Service Threat