Main Menu
Cyber Security
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
WatchTowr Warns of Major Data Leaks Through Developer Tools
UK Government’s Digital ID Plans Face Scrutiny Over Cost and Savings
Bloody Wolf’s Cyber Offensive: A Deep Dive into Targeted Attacks in Central Asia
Asahi Cyberattack Exposes Extensive Data Breach: A Blow to Japan’s Brewer Giant
OpenAI Scrutinizes Vendor Relationships After Mixpanel’s Data Breach
Naver’s Cryptocurrency Exchange Acquisition Marred by Cyberattack
Ex-NCSC Chief to Investigate Premature Online Leak of Budget Forecast
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
Comcast’s $1.5 Million Settlement in Data Breach Incident with FCC
M&S Confirms Customer Data Breach Following Cyberattack
News
M&S Confirms Customer Data Breach Following Cyberattack
Mitchell Langley May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
News
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Mitchell Langley May 13, 2025
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
Thousands of Node Developers Compromised by Malware in Popular npm Packages
News
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Andrew Doyle May 13, 2025
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Mitchell Langley May 13, 2025
A Türkiye-linked cyberespionage group exploited a zero-day in Output Messenger, enabling access to sensitive data and communications in targeted attacks on Kurdish-aligned users.
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
News
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
Andrew Doyle May 13, 2025
A Moldovan suspect has been arrested for a 2021 DoppelPaymer ransomware attack that crippled Dutch research systems and caused €4.5 million in damages.
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Cybersecurity
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Mitchell Langley May 12, 2025
Chinese threat group Chaya_004 exploited a zero-day flaw in SAP NetWeaver servers, compromising hundreds of systems using remote code execution and web shell deployments.
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Cybersecurity
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Andrew Doyle May 12, 2025
The iClicker website was hacked between April 12–16, 2025, using a fake CAPTCHA to deploy malware via a ClickFix attack targeting students and faculty.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
News
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
Mitchell Langley May 12, 2025
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
The Truth About Identity Attacks How to Protect Your Business and Data
Blog
The Truth About Identity Attacks: How to Protect Your Business and Data
Gabby Lee May 8, 2025
In today's digital landscape, identity attacks are rampant, costing businesses millions and causing irreparable damage to reputations. This comprehensive guide explores seven common identity-based attacks, ...
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
News
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
Mitchell Langley May 8, 2025
The PowerSchool hacker is now targeting individual school districts, threatening to leak sensitive student and staff data stolen in the December 2024 breach.
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
News
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
Mitchell Langley May 8, 2025
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Cybersecurity
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Andrew Doyle May 8, 2025
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued ...
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
News
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
Mitchell Langley May 7, 2025
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
News
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
Mitchell Langley May 7, 2025
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
News
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
Andrew Doyle May 7, 2025
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
News
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
Mitchell Langley May 7, 2025
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
News
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
Andrew Doyle May 7, 2025
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
The Rising Tide of Supply Chain Cybersecurity Risks in 2025-min
Blog
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Mitchell Langley May 6, 2025
Explore six critical Supply Chain Cybersecurity Risks in 2025—from AI-driven cyberattacks and IoT vulnerabilities to quantum computing and geopolitical threats shaping logistics.
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle December 2, 2025
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle December 2, 2025
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Andrew Doyle November 27, 2025
ShadowV2 Botnet A Test Run Amidst AWS Outage
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
Andrew Doyle November 27, 2025

TOP CYBERSECURITY HEADLINES

$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant

This Week’s Security Spotlight

South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Cybersecurity
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Mitchell Langley November 30, 2025
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Andrew Doyle November 30, 2025
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Mitchell Langley November 27, 2025
More In News
Trending
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Meta Deletes 6.8 Million Scam Accounts as AI-Powered Fraud Rings Exploit WhatsApp
August 6, 2025
Podcasts
Meta Found Liable: Jury Rules Against Tech Giant in Flo Health Privacy Case
August 5, 2025
Podcasts
TSMC Insider Threat: Six Arrested in Taiwan Over 2nm Chip Trade Secrets
August 5, 2025

Cyber Security News

CoinbaseCartel Threatens to Publish SK Telecom Source Code unless Ransom Talks Start
Cybersecurity
CoinbaseCartel Threatens to Publish SK Telecom Source Code unless Ransom Talks Start
October 15, 2025
Russia Suspected in Jaguar Land Rover Cyberattack That Halted Production for Weeks
Cybersecurity
Russia Suspected in Jaguar Land Rover Cyberattack That Halted Production for Weeks
October 14, 2025
Northern Rivers Resilient Homes Program Breach Exposes Personal Data of 2,031 Residents
Cybersecurity
Northern Rivers Resilient Homes Program Breach Exposes Personal Data of 2,031 Residents
October 14, 2025
Qantas Customer Data Leaked on Dark Web After July Cyberattack
Cybersecurity
Qantas Customer Data Leaked on Dark Web After July Cyberattack
October 14, 2025
Discord Breach Exposes 70,000 ID Photos and Raises Questions about Third-Party Age Verification
Cybersecurity
Discord Breach Exposes 70,000 ID Photos and Raises Questions about Third-Party Age Verification
October 14, 2025
SimonMed Confirms Data Breach Exposed 1.2 Million Patients in January
Cybersecurity
SimonMed Confirms Data Breach Exposed 1.2 Million Patients in January
October 14, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
SatanLock Ransomware Group Abruptly Shuts Down, Leaks All Stolen Files
July 8, 2025
Ransomware gang SatanLock has ceased operations, announcing plans to leak all stolen victim data, marking an abrupt end to its brief but chaotic campaign.
Hackers Exploit Leaked Shellter Red Team Tool to Deploy Infostealers
July 8, 2025
Hackers weaponized Shellter Elite, a legitimate red team tool, to deliver infostealers after a leaked copy enabled months-long stealth attacks across the threat landscape.
Ingram Micro Hit by Global Outage, Internal Systems Remain Inaccessible Amid Cyberattack Concerns
July 7, 2025
Ingram Micro is facing a global outage affecting both external and internal systems, with growing concerns that a possible ransomware attack may be behind the ...
106GB Exposed? Telefónica, HellCat, and the Silent Data Breach
July 7, 2025
In this episode, we explore a shadowy and unconfirmed—but highly consequential—data breach at Spanish telecommunications giant Telefónica. Allegedly orchestrated by the HellCat ransomware group, the ...
Ingram Micro’s SafePay Ransomware Breach: Human-Operated Threats and Supply Chain Fallout
July 7, 2025
The recent ransomware attack on Ingram Micro, a global technology distribution giant, reveals not only a sophisticated human-operated cyber assault—but also the fragile state of ...
The Illusion of Shutdowns: What Hunters International’s Closure Really Means
July 7, 2025
In a sudden and cryptic announcement, the notorious ransomware group Hunters International has declared its shutdown, citing “recent developments” and pledging to release decryption keys ...
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
July 7, 2025
AI cyber threats are changing the face of digital warfare. From adaptive malware to deepfake scams, learn how Cybersecurity AI fights back against AI cyber ...
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
July 7, 2025
BMW Financial Services confirms indirect exposure from a third-party breach at AIS. The incident affected over 1,950 individuals but did not compromise BMW’s own systems. ...
CISA Flags CVE-2025-6554: Patching Chrome’s Critical Flaw Before It’s Too Late
July 7, 2025
A newly discovered and actively exploited zero-day vulnerability in Google Chrome has sent ripples through the cybersecurity community. Known as CVE-2025-6554, this critical type confusion ...
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
July 7, 2025
A hacker linked to Hellcat ransomware claims to have stolen 106GB of Telefónica data and has started leaking files after the company denied the breach. ...
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
July 7, 2025
Ingram Micro confirms ransomware attack by SafePay as the cause of ongoing system outages, disrupting ordering platforms and forcing VPN shutdowns across multiple global locations. ...
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
July 7, 2025
Cybercriminals are increasingly using PDFs to impersonate trusted brands like Microsoft, PayPal, and DocuSign in phishing campaigns designed to steal credentials or deploy malware.
ANSSI vs. Houken: France Battles Advanced Chinese Hacking Threat
July 4, 2025
In this episode, we uncover a high-stakes cyber campaign targeting the heart of French digital infrastructure. ANSSI, France’s national cybersecurity agency, has exposed a Chinese-linked ...
Psychological Manipulation and AI Fraud: How Spain Exposed a $12M Scam
July 4, 2025
In this episode, we examine a growing threat reshaping financial crime in Europe: sophisticated, technology-driven investment fraud. Spanish law enforcement has recently dismantled a fraud ...
CVE-2025-20309: Critical Cisco Root Access Flaw Threatens VoIP Security
July 4, 2025
A devastating vulnerability—CVE-2025-20309—has been discovered in Cisco’s Unified Communications Manager (Unified CM) and its Session Management Edition (SME), threatening the security of over a thousand ...
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
July 4, 2025
IdeaLab confirms ransomware attackers stole sensitive employee and contractor data in a 2024 breach. Hunters International claimed responsibility and leaked 137,000 files on the dark ...
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
July 4, 2025
Kelly Benefits confirms 2024 breach exposed personal data of 553,660 individuals, affecting 46 organizations. Stolen info includes SSNs, medical records, and financial data.
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
July 4, 2025
Esse Health confirms cyberattack exposed data of 263,601 patients, including medical record and insurance info, after system disruptions in April. Investigation suggests possible ransomware involvement. ...
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
July 4, 2025
Spanish police arrest two hackers behind cyberattacks on government and media figures, seizing devices in a national security case tied to stolen state data.
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
July 4, 2025
Citrix warns that patches for critical NetScaler flaws may cause broken logins due to CSP conflicts. Admins must disable headers and clear cache to restore ...
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity