Cyber Security
News
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
A misconfigured database tied to the Headero dating app exposed over four million sensitive user records, including GPS coordinates, explicit chat logs, and STD statuses. ...
News
Mental Health Provider Mount Rogers Targeted by INC Ransom, Internal Documents and Personal Details Leaked
Ransomware group INC Ransom breached Mount Rogers Community Services, leaking internal files, personal emails, and invoices from the mental health provider's systems.
News
Erie Insurance Cyberattack Causes System-Wide Disruptions and Portal Outages
Erie Insurance confirms a cyberattack as the source of major service disruptions since June 7, affecting customer access, claims processing, and business operations.
News
Texas Dept. of Transportation Breach Exposes 300,000 Crash Records in May 2025
TxDOT suffered a breach on May 12, 2025, leaking 300,000 crash reports. Stolen data includes driver’s license numbers, insurance info, and crash details.
Endpoint Security
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
Ivanti patched three high-severity vulnerabilities in Workspace Control caused by hardcoded cryptographic keys, which exposed SQL and environment credentials to local authenticated attackers.
News
Mirai Botnet Exploits Wazuh Servers via Remote Code Execution Vulnerability
A critical RCE flaw in Wazuh servers is being exploited by Mirai botnet variants, allowing attackers to execute Python code through malicious API requests.
News
FIN6 Hackers Target Recruiters with Fake Job Seekers and Malware-Loaded Resumes
FIN6 hackers are impersonating job seekers to infiltrate recruiter systems, delivering the More_Eggs malware via AWS-hosted resume sites and phishing tactics on LinkedIn and Indeed. ...
News
4,000+ Fake Sites Used in Scam Marketplace Ads on Facebook to Impersonate Top Retail Brands
A scam network using over 4,000 fake websites is impersonating Amazon, Birkenstock, and more, pushing fraudulent Facebook Marketplace ads and stealing user data.
News
Bert Ransomware Group Claims Data Theft from Global Port Agency S5
Ransomware gang Bert claims to have stolen 140GB of sensitive data from S5 Agency World, a maritime logistics firm with operations in 360+ ports globally. ...
Ransomware
INC Ransomware: Master of Double Extortion
INC Ransomware is a sophisticated and relatively new cybercriminal group known for its targeted ransomware attacks against corporate and organizational networks. They exhibit a high ...
News
Ticketmaster Data from Snowflake Attack Appears Briefly on Arkana Security Extortion Site
Old Ticketmaster data stolen in the 2024 Snowflake attack was briefly relisted for sale by Arkana Security, sparking confusion over a possible new breach.
News
Ransomware Attack on Sensata Technologies Leads to Data Breach Impacting Employee Information
Sensata Technologies confirms employee data was stolen in a ransomware breach that impacted operations and exposed sensitive personal and financial details from current and former ...
News
United Natural Foods Cyberattack Disrupts Operations Across North America
United Natural Foods, a key supplier to Whole Foods, suffered a cyberattack that disrupted customer orders and forced systems offline as investigations and recovery efforts ...
News
Over 84,000 Roundcube Webmail Servers Exposed to Actively Exploited Remote Code Flaw
Over 84,000 Roundcube webmail servers remain exposed to a critical RCE flaw (CVE-2025-49113) despite a June 2025 patch fixing the vulnerability.
News
SentinelOne Targeted in Sophisticated China-Linked Supply Chain Attack Attempt
Chinese threat actors linked to APT15 and APT41 attempted to compromise SentinelOne through a third-party logistics provider using ShadowPad and GOREshell malware in a global ...
News
Hacker Claims Massive Claro, Movistar Data Breach — Companies Dispute Authenticity
A hacker claims to sell data from Claro and Movistar, affecting over 35 million users, but telecom companies dispute the breach or question its legitimacy. ...
News
The North Face Confirms Credential Stuffing Attack, Customer Accounts Exposed
The North Face warns customers of a credential stuffing attack in April that compromised account information but left payment card data untouched, thanks to tokenized ...
News
Cyprus Airways Data Breach: Hackers Claim Access to Real-Time Systems and Passenger Records
Hackers claim to have breached Cyprus Airways, stealing 41GB of passenger and staff data and maintaining real-time access to flight systems and travel information.
News
Gunra Ransomware Group Claims Massive Breach at American Hospital Dubai
Gunra ransomware claims to have stolen 450 million records from American Hospital Dubai, threatening to leak the data if ransom demands are not met by ...
News
Cartier Cyberattack Exposes Customer Data as Retail Sector Faces Ongoing Threats
Cartier confirms a cyberattack exposed customer data as cyber threats rise across the retail sector, affecting brands like Marks & Spencer, Victoria’s Secret, and Harrods. ...
Ransomware
INC Ransomware: Master of Double Extortion
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Nucor, North America’s largest steel producer, has confirmed data theft following a cybersecurity breach that temporarily disrupted operations and forced system shutdowns.
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Canada confirms a state-sponsored breach in its telecom sector, where Salt Typhoon exploited an unpatched Cisco vulnerability to compromise devices and reroute sensitive network traffic. ...
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Russian state-sponsored hackers targeted a critic of the Kremlin using a novel social engineering tactic that tricked the victim into bypassing multi-factor authentication protections.
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
A massive breach has exposed 16 billion login credentials, potentially affecting services like Facebook, Google, and Apple. This fresh infostealer data opens the door to ...
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Russian threat group APT28 is using Signal messages to deliver new malware—BeardShell and SlimAgent—targeting Ukrainian government entities through sophisticated phishing and loader tactics.
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Anubis ransomware group claims to hold 64GB of Disneyland Paris data, including engineering plans and behind-the-scenes content, though the source and sensitivity remain unclear.
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
Oxford City Council has confirmed a cybersecurity breach involving legacy systems, exposing election worker data from 2001 to 2022 after detecting unauthorized access to its ...
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
Taiwan-based crypto exchange BitoPro has linked the $11 million theft from its platform to the North Korean Lazarus Group, citing attack similarities and forensic evidence. ...
From Malware to Court: Qilin Ransomware’s ‘Call a Lawyer’ Tactic
In this episode, we take a deep dive into the Qilin ransomware group — now regarded as the world’s leading ransomware-as-a-service (RaaS) operation — and ...
Zero-Click, Zero-Warning: The FreeType Flaw Behind a Spyware Surge
In this episode, we dive deep into the story behind CVE-2025-27363, a critical zero-click vulnerability in the widely used FreeType font rendering library. Initially discovered ...
The Insurance Industry Under Fire: Anatomy of the Aflac Cyber Incident
In this episode, we take a deep dive into the June 2025 cyberattack on Aflac, one of the latest strikes in a growing wave of ...
The Nucor Cyberattack: How Ransomware Threatens American Steel
In May 2025, a ransomware attack forced Nucor — one of America’s largest steel producers — to halt its metal production operations. This wasn’t just ...
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
A staggering $225 million in illicit cryptocurrency was recently seized by U.S. authorities in what has become the largest digital asset recovery in Secret Service ...
Inside CVE-2025-23121: Veeam RCE Flaw Opens Door to Ransomware
Ransomware groups are no longer just encrypting data — they’re going straight for the backups. And if those backups aren’t properly protected, recovery becomes impossible, ...
Fasana’s Collapse: How One Ransomware Attack Crippled a German Manufacturer
Ransomware just bankrupted a 100-year-old manufacturer—and the world should take notice. In this episode, we dissect the cyberattack that brought down Fasana, a German paper ...
Inside the 16 Billion Credential Leak: The Infostealer Engine Behind the Biggest Breach Yet
In this episode, we break down the true scale and mechanics behind the largest credential leak ever recorded—over 16 billion login credentials, most of them ...
Over 1,500 Minecraft Users Infected in Stargazers Ghost Malware Campaign
A malware distribution network hiding in plain sight — on GitHub. This episode unpacks the Stargazers Ghost Network, a massive Distribution-as-a-Service (DaaS) infrastructure run by ...
Oxford City Council Breach Exposes 21 Years of Data
State and local governments are under cyber siege. In this episode, we break down how and why these public institutions have become top targets for ...