Main Menu
Cyber Security
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Trent AI Emerges From Stealth With $13 Million in Funding
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Automated Pentesting Tools Fall Short Past the “PoC Cliff”
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
Exchange Online Mailbox Access Issues Impact Outlook Users
Shadow AI and Zero-Click Exploits Are Reshaping Mobile Security Threats
Third-Party Vendors Are the New Breach Vector Organizations Should Fear
Critical ShareFile Flaws Open the Door to Unauthenticated RCE
Strapi CMS Plugins Face Exploitation by Malicious npm Packages
Analysis Reveals .cmd Malware Escalating Privileges and Bypassing Antivirus
Fortinet Acts Quickly on Zero-Day Vulnerability Impacting FortiClient EMS Users
North Korean Cyber Operatives Drain $285 Million from Drift Exchange
Axios HTTP Client Developer Targeted in North Korean Social Engineering Campaign
Free Android VPNs Are Quietly Working Against You
Residential Proxies Are Breaking IP Reputation Systems for Malware Traffic
Drift Protocol Hit by Calculated Attack Resulting in $280 Million Loss
Apple Rolls Out DarkSword Exploit Protection to More Devices
Critical Vulnerability in Claude Code Surfaces Days After Source Code Leak
Cybercriminals Exploit Empty Properties for Postal Fraud
Cisco Releases Patches for Critical and High-Severity Vulnerabilities
Stryker Corporation Restores Operations After Cyberattack
Cybersecurity M&A Activity Surges With 38 Deals Closing in March 2026
Anthropic Confirms Internal Claude Code Leak Was Caused by Human Error
Microsoft Releases Emergency Fix for KB5079391 Update Installation Failures
Google Rolls Out Gmail Address Change and Alias Feature in the U.S.
Proton Launches Meet as a Privacy-First Alternative to Google Meet and Zoom
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Cybersecurity
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Mitchell Langley March 25, 2026
Microsoft addresses issues affecting Gmail and Yahoo email synchronization for classic Outlook users.
Gartner Publishes Its First Market Guide for Guardian Agents
Cybersecurity
Gartner Publishes Its First Market Guide for Guardian Agents
Gabby Lee March 25, 2026
Gartner's first Market Guide for Guardian Agents, released on February 25, 2026, outlines expectations for this nascent field.
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
News
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
Andrew Doyle March 25, 2026
Malicious versions of Python package litellm contain a credential harvester and persistent backdoor planted by the threat actor TeamPCP.
Software Supply Chains Are the New Frontline for Cyber Risk
Cybersecurity
Software Supply Chains Are the New Frontline for Cyber Risk
Gabby Lee March 19, 2026
Explore how perimeter security isn't enough to protect against threats in software supply chains.
Sam Altman's Eyeball-Scanning Orb Takes on a New Role in AI Integration
Cybersecurity
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Gabby Lee March 18, 2026
Sam Altman integrates agentic AI with his eyeball-scanning orb, enhancing its applications in cryptography and bot identification.
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Cybersecurity
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Andrew Doyle March 18, 2026
UK Companies House vulnerability exposed millions of firm details, potentially allowing unauthorized access and record alteration.
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
Cybersecurity
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
Mitchell Langley March 18, 2026
Researchers expose a method leveraging DNS queries for data exfiltration from AI code execution environments.
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Cybersecurity
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Mitchell Langley March 18, 2026
The EU Council has sanctioned three entities and two individuals involved in cyberattacks on critical infrastructure within the region.
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Cybersecurity
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Gabby Lee March 18, 2026
How identity-based access control for AI agents helps safeguard against misuse and data exposure.
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Application Security
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Andrew Doyle March 18, 2026
A font-rendering vulnerability manipulates AI assistants by concealing malicious web commands in innocent HTML.
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
Cybersecurity
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
Gabby Lee March 18, 2026
Surf AI secures $57M in funding for its security operations platform.
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
LeakNet ransomware integrates ClickFix for access, shifting from traditional entry strategies.
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026
The RondoDox botnet targets 174 vulnerabilities, increasing activity to 15,000 exploitation attempts daily.
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Cybersecurity
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Gabby Lee March 18, 2026
Major tech and retail organizations have banded together to address online scams and fraud, establishing a first-of-its-kind industry accord designed ...
Tech Giants Invest $12.5 Million in Open Source Software Security
Cybersecurity
Tech Giants Invest $12.5 Million in Open Source Software Security
Andrew Doyle March 18, 2026
Major tech firms contribute $12.5 million to enhance open source software security.
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Application Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Andrew Doyle March 17, 2026
Attack leverages stolen GitHub tokens to introduce malware into numerous Python repositories.
Stryker's Internal Microsoft Environment Was Breached Last Week
Cybersecurity
Stryker’s Internal Microsoft Environment Was Breached Last Week
Gabby Lee March 17, 2026
Stryker's internal Microsoft environment breach led to the remote wiping of tens of thousands of employee devices last week.
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
News
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
Mitchell Langley March 17, 2026
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
Cybersecurity
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
Andrew Doyle March 17, 2026
Russian-linked threat actors deploy DRILLAPP backdoor campaign in Ukraine.
Phishing Attack Hits Intuitive's Internal IT Business Systems
News
Phishing Attack Hits Intuitive’s Internal IT Business Systems
Mitchell Langley March 17, 2026
Intuitive's internal systems hit by phishing attack; patient operations remain unaffected.
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Cybersecurity
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Gabby Lee April 8, 2026
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Cybersecurity
Telehealth Company Hims & Hers Health Discloses Data Breach Involving Support Tickets
Gabby Lee April 8, 2026
Qilin Ransomware Group Targets German Political Party Die Linke
News
Qilin Ransomware Group Targets German Political Party Die Linke
Mitchell Langley April 7, 2026
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
News
DeepLoad Malware Poses a Multifaceted Threat with Credential Theft and Extension Installation
Andrew Doyle April 2, 2026

TOP CYBERSECURITY HEADLINES

Chinese Threat Actors Exploit TrueConf Zero-Day to Breach Asian Governments
News
Chinese Threat Actors Exploit TrueConf Zero-Day to Breach Asian Governments
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
CVE Vulnerability Alerts
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Cybersecurity
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Cybersecurity
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign

This Week’s Security Spotlight

Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Cybersecurity
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Mitchell Langley April 8, 2026
Bogus Traffic Violation Text Scam Targeting Americans
News
Bogus Traffic Violation Text Scam Targeting Americans
Andrew Doyle April 7, 2026
Apple Rolls Out DarkSword Exploit Protection to More Devices
Cybersecurity
Apple Rolls Out DarkSword Exploit Protection to More Devices
Mitchell Langley April 3, 2026
Critical Vulnerability in Claude Code Surfaces Days After Source Code Leak
Application Security
Critical Vulnerability in Claude Code Surfaces Days After Source Code Leak
Gabby Lee April 3, 2026
More In News
Trending
New Phishing Techniques Threaten TikTok Business Account Security
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Phishing Attack Hits Intuitive’s Internal IT Business Systems

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Critical Vulnerability in Claude Code Surfaces Days After Source Code Leak
Application Security
Critical Vulnerability in Claude Code Surfaces Days After Source Code Leak
April 3, 2026
Cybercriminals Exploit Empty Properties for Postal Fraud
Cybersecurity
Cybercriminals Exploit Empty Properties for Postal Fraud
April 3, 2026
Cisco Releases Patches for Critical and High-Severity Vulnerabilities
Cybersecurity
Cisco Releases Patches for Critical and High-Severity Vulnerabilities
April 3, 2026
Stryker Corporation Restores Operations After Cyberattack
Cybersecurity
Stryker Corporation Restores Operations After Cyberattack
April 3, 2026
Cybersecurity M&A Activity Surges With 38 Deals Closing in March 2026
Cybersecurity
Cybersecurity M&A Activity Surges With 38 Deals Closing in March 2026
April 3, 2026
Anthropic Confirms Internal Claude Code Leak Was Caused by Human Error
Cybersecurity
Anthropic Confirms Internal Claude Code Leak Was Caused by Human Error
April 2, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Software Supply Chains Are the New Frontline for Cyber Risk
March 19, 2026
Explore how perimeter security isn't enough to protect against threats in software supply chains.
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
March 18, 2026
Sam Altman integrates agentic AI with his eyeball-scanning orb, enhancing its applications in cryptography and bot identification.
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
March 18, 2026
UK Companies House vulnerability exposed millions of firm details, potentially allowing unauthorized access and record alteration.
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
March 18, 2026
Researchers expose a method leveraging DNS queries for data exfiltration from AI code execution environments.
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
March 18, 2026
The EU Council has sanctioned three entities and two individuals involved in cyberattacks on critical infrastructure within the region.
Identity-Based Access Control for AI Agents Is Now a Security Necessity
March 18, 2026
How identity-based access control for AI agents helps safeguard against misuse and data exposure.
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
March 18, 2026
A font-rendering vulnerability manipulates AI assistants by concealing malicious web commands in innocent HTML.
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
March 18, 2026
Surf AI secures $57M in funding for its security operations platform.
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
March 18, 2026
LeakNet ransomware integrates ClickFix for access, shifting from traditional entry strategies.
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
March 18, 2026
The RondoDox botnet targets 174 vulnerabilities, increasing activity to 15,000 exploitation attempts daily.
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
March 18, 2026
Major tech and retail organizations have banded together to address online scams and fraud, establishing a first-of-its-kind industry accord designed ...
Tech Giants Invest $12.5 Million in Open Source Software Security
March 18, 2026
Major tech firms contribute $12.5 million to enhance open source software security.
Ongoing Python Package Attack Uses Stolen GitHub Tokens
March 17, 2026
Attack leverages stolen GitHub tokens to introduce malware into numerous Python repositories.
Stryker’s Internal Microsoft Environment Was Breached Last Week
March 17, 2026
Stryker's internal Microsoft environment breach led to the remote wiping of tens of thousands of employee devices last week.
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
March 17, 2026
Royal Bahrain Hospital reportedly targeted by Payload ransomware, with 110 GB of sensitive data allegedly stolen.
Phishing Attack Hits Intuitive’s Internal IT Business Systems
March 17, 2026
Intuitive's internal systems hit by phishing attack; patient operations remain unaffected.
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
March 17, 2026
Russian-linked threat actors deploy DRILLAPP backdoor campaign in Ukraine.
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
March 17, 2026
Explore how new malware strains are targeting users with advanced methods and reverse engineering insights.
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
March 17, 2026
Companies House fixes a security flaw in WebFiling, protecting UK companies' data.
How AI Is Making Financial Fraud 4.5 Times More Profitable
March 17, 2026
Financial fraud schemes using AI boost profitability by 4.5 times, Interpol reports.
Chinese Threat Actors Exploit TrueConf Zero-Day to Breach Asian Governments
Docker Engine Vulnerability CVE-2026-34040 Allows Attackers to Bypass Authorization
Iranian Hackers Target U.S. Critical Infrastructure via Rockwell PLCs
Russia-linked APT28 Exploits Routers in Wide-ranging Espionage Campaign
Anthropic’s Claude Mythos Could Protect Critical Software — or Power the Next Wave of Cyberattacks
Trent AI Emerges From Stealth With $13 Million in Funding
Android Security Update Patches Severe StrongBox and Framework Vulnerabilities
Automated Pentesting Tools Fall Short Past the “PoC Cliff”
Critical Flowise Vulnerability Puts Systems at Risk of Code Execution
Exchange Online Mailbox Access Issues Impact Outlook Users
Shadow AI and Zero-Click Exploits Are Reshaping Mobile Security Threats
Third-Party Vendors Are the New Breach Vector Organizations Should Fear
Critical ShareFile Flaws Open the Door to Unauthenticated RCE
Strapi CMS Plugins Face Exploitation by Malicious npm Packages
Bogus Traffic Violation Text Scam Targeting Americans
Qilin Ransomware Group Targets German Political Party Die Linke
Analysis Reveals .cmd Malware Escalating Privileges and Bypassing Antivirus
Fortinet Acts Quickly on Zero-Day Vulnerability Impacting FortiClient EMS Users
North Korean Cyber Operatives Drain $285 Million from Drift Exchange
Axios HTTP Client Developer Targeted in North Korean Social Engineering Campaign