Main Menu
Cyber Security
React2Shell Exploit Continues to Deliver Undetected Malware Families
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
Teen Hacker Arrested in Spain for Major Data Breach Scheme
Satellite Signal Interruption Causes Porsche Immobilization in Russia
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
Prime Security Secures $20 Million to Advance AI-Powered Security Tools
Microsoft Appoints New Operating CISOs to Enhance AI-Driven Cyberdefense
Fortinet Releases Fixes for Critical Vulnerabilities Affecting FortiOS and Other Products
Adobe’s Comprehensive Security Update Targets Massive Vulnerabilities Array
Microsoft Enhances PowerShell Security With Script Warning Functionality
Microsoft Patches Critical Zero-Day Vulnerability in Windows
Google Introduces Layered Defenses in Chrome to Combat Prompt Injection Vulnerabilities
Microsoft Works to Mitigate Copilot Access Issues in Europe
Equixly Secures $11 Million Investment to Enhance API Penetration Testing Capabilities
Proofpoint Completes Acquisition of Hornetsecurity: A Strategic Move in Cybersecurity
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Mirai-based Broadside Botnet Exploits TBK Vision DVRs in Maritime Sector
Identity Security Firm Saviynt Secures $700 Million in Funding Amid Booming Security Market
EtherRAT Malware Implant Utilizes Linux Persistence Mechanisms in React2Shell Attack
OpenAI Responds to ChatGPT Plus Subscription Controversy Over Ads
Portugal Establishes Legal Safe Harbor for Ethical Hackers
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Chinese Hackers Exploit Cityworks Zero-Day to Breach U.S. Local Government Systems
News
Chinese Hackers Exploit Cityworks Zero-Day to Breach U.S. Local Government Systems
Mitchell Langley May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
Quantum Hacking Is Coming How to Prepare with Post-Quantum Security Today
Blog
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Gabby Lee May 22, 2025
Quantum hacking is no longer science fiction. This in-depth guide explores post-quantum security, quantum-resistant cryptography, and how to protect your business from future cyber threats.
Russian APT28 Hackers Target Ukraine Aid Operations Through Global Espionage Campaign
News
Russian APT28 Hackers Target Ukraine Aid Operations Through Global Espionage Campaign
Andrew Doyle May 22, 2025
Russian APT28 hackers have targeted international aid operations to Ukraine since 2022, using cyber espionage to monitor, disrupt, and exfiltrate data from key sectors.
Marks & Spencer Projects $402 Million Profit Loss After Cyberattack Disrupts Operations
News
Marks & Spencer Projects $402 Million Profit Loss After Cyberattack Disrupts Operations
Mitchell Langley May 22, 2025
Marks & Spencer faces a $402 million profit hit following a cyberattack linked to Scattered Spider, disrupting sales and operations and exposing customer data.
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
Cybersecurity
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
Mitchell Langley May 22, 2025
Kettering Health canceled elective procedures after a ransomware-linked outage. Interlock ransomware group is suspected. Emergency services remain operational, but threat actors may leak stolen data. ...
3AM Ransomware Operators Use Spoofed IT Calls, Email Bombing for Network Breaches
News
3AM Ransomware Operators Use Spoofed IT Calls, Email Bombing for Network Breaches
Mitchell Langley May 22, 2025
The 3AM ransomware gang exploits spoofed IT support calls and email bombing to socially engineer remote access, targeting corporate networks in stealthy credential-based breaches.
Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains
News
Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains
Andrew Doyle May 22, 2025
Authorities and private sector partners have dismantled the infrastructure of the Lumma Infostealer malware, a dominant player in the malware-as-a-service (MaaS) ecosystem.
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
News
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
Mitchell Langley May 22, 2025
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations
News
EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations
Andrew Doyle May 22, 2025
The EU has sanctioned Stark Industries and its leadership for enabling Russian cyber operations, disinformation, and infrastructure support used in attacks against European interests.
Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients
News
Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients
Mitchell Langley May 21, 2025
Serviceaide exposed over 480,000 Catholic Health patients' records due to a misconfigured Elasticsearch database, putting sensitive personal and medical data at risk.
Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident
News
Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident
Andrew Doyle May 21, 2025
Coinbase confirms a data breach involving overseas contractors that exposed personal and financial information of 69,461 users, prompting fears of social engineering and financial fraud. ...
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Cybersecurity
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Andrew Doyle May 21, 2025
A supply chain attack on RVTools delivered Bumblebee malware through a trojanized installer, compromising virtualization admins and enabling follow-on ransomware or data exfiltration attacks.
Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities
News
Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities
Mitchell Langley May 21, 2025
A massive and ongoing campaign involving over 100 malicious Chrome extensions has been uncovered, with threat actors deploying browser add-ons ...
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
News
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
Andrew Doyle May 21, 2025
A 19-year-old hacker has pleaded guilty to breaching PowerSchool and extorting millions by threatening to leak sensitive data on over 71 million students and teachers. ...
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
News
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
Mitchell Langley May 21, 2025
SK Telecom’s malware breach exposed 27 million phone numbers over three years via a supply chain attack targeting its security affiliate SK Shieldus.
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
News
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
Andrew Doyle May 21, 2025
UK logistics firm Peter Green Chilled suffered a ransomware attack, disrupting deliveries for Tesco, Aldi, and Sainsbury’s amid a rising wave of supply chain cyberattacks. ...
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
News
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
Mitchell Langley May 21, 2025
Cellcom confirms a cyberattack caused week-long service outages across Wisconsin and Michigan, impacting calls and SMS; personal data reportedly not compromised.
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
News
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
Mitchell Langley May 21, 2025
VanHelsing ransomware's builder and affiliate panel source code leaked after a former developer tried to sell it, prompting the gang to release it themselves.
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
News
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
Andrew Doyle May 20, 2025
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
News
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
Mitchell Langley May 20, 2025
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Application Security
Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data
Andrew Doyle December 11, 2025
Docker Hub Data Exposure Puts Thousands of Containers at Risk
Data Security
Docker Hub Data Exposure Puts Thousands of Containers at Risk
Mitchell Langley December 11, 2025
React2Shell Exploit Continues to Deliver Undetected Malware Families
Cybersecurity
React2Shell Exploit Continues to Deliver Undetected Malware Families
Mitchell Langley December 11, 2025
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Application Security
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Mitchell Langley December 11, 2025

TOP CYBERSECURITY HEADLINES

Docker Hub Data Exposure Puts Thousands of Containers at Risk
Data Security
Docker Hub Data Exposure Puts Thousands of Containers at Risk
React2Shell Exploit Continues to Deliver Undetected Malware Families
Cybersecurity
React2Shell Exploit Continues to Deliver Undetected Malware Families
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Application Security
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
Application Security
Microsoft Faces Criticism Over Unresolved .NET Vulnerability

This Week’s Security Spotlight

Why Insuring Keith Richards' Fingers Highlights Risk Management in Cybersecurity
Cybersecurity
Why Insuring Keith Richards’ Fingers Highlights Risk Management in Cybersecurity
Andrew Doyle December 11, 2025
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
Endpoint Security
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
Mitchell Langley December 8, 2025
Russian Internet Authority Blocks Roblox Over Content Concerns
Cybersecurity
Russian Internet Authority Blocks Roblox Over Content Concerns
Mitchell Langley December 5, 2025
React Server Components' Security Flaw Risks Unauthenticated Remote Code Execution
CVE Vulnerability Alerts
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
Andrew Doyle December 5, 2025
More In News
Trending
Sneaky2FA Phishing Kit Adds Browser-in-the-Browser Tool for Stealthier MFA Attacks
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Approov Secures £5M to Fortify Mobile App and API Security Against AI-Driven Threats
August 5, 2025
Podcasts
Pwn2Own Ireland 2025: $1M WhatsApp Exploit Bounty Raises the Stakes
August 5, 2025
Podcasts
Nvidia Triton Inference Server Vulnerabilities Expose AI Infrastructure to Attack
August 4, 2025

Cyber Security News

FinWise Data Breach Shows Why Encryption Must Remain the Final Line of Defense
Cybersecurity
FinWise Data Breach Shows Why Encryption Must Remain the Final Line of Defense
October 27, 2025
Hackers Target Hundreds of Federal Agents in Targeted Attacks
Cybersecurity
Hackers Target Hundreds of Federal Agents in Targeted Attacks
October 22, 2025
Hackers Threaten to Leak 47GB of Data from Leading Golf Apparel Company
Cybersecurity
Hackers Threaten to Leak 47GB of Data from Leading Golf Apparel Company
October 22, 2025
Attackers Exploit OAuth Tokens After Password Resets
Cybersecurity
Attackers Exploit OAuth Tokens After Password Resets
October 22, 2025
Hackers Exploit Windows SMB Flaw to Gain SYSTEM Privileges
Cybersecurity
Hackers Exploit Windows SMB Flaw to Gain SYSTEM Privileges
October 22, 2025
CISA Confirms Hackers Exploited Oracle E-Business Suite SSRF Vulnerability
Application Security
CISA Confirms Hackers Exploited Oracle E-Business Suite SSRF Vulnerability
October 22, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Consentik Breach Exposes Hundreds of Shopify Stores to Admin Takeovers and Data Theft
July 16, 2025
A misconfigured Shopify plugin leaked sensitive access tokens and analytics, leaving hundreds of e-commerce businesses vulnerable to admin-level compromise and malicious exploitation.
DragonForce Ransomware Hits Belk: 150GB Data Leak and Operational Chaos
July 15, 2025
In this episode, we dive into the May 2025 ransomware attack on Belk, the iconic U.S. department store chain, orchestrated by the DragonForce ransomware group—a ...
NVIDIA Issues Urgent Rowhammer Warning: Enable ECC or Risk AI Integrity
July 15, 2025
In this episode, we dissect a major hardware-level cybersecurity warning issued by NVIDIA, one that directly affects data center operators, AI researchers, and enterprise IT ...
Zip Security Secures $13.5M to Simplify and Scale Cyber Defense
July 15, 2025
In this episode, we spotlight Zip Security, a rising New York-based cybersecurity startup that just closed a $13.5 million Series A funding round, led by ...
Why is Activity Logging Crucial for Detecting Cyberattacks
July 15, 2025
Activity logging uncovers cyber threats, insider abuse, and compliance gaps. Discover why it’s the foundation of effective detection, response, and long-term security strategy.
Century Support Services Breach: 160,000 Identities Compromised in Silent Cyberattack
July 15, 2025
In this episode, we examine the major data breach at Century Support Services—also operating under the name Next Level Finance Partners—that exposed the personal information ...
SafePay Ransomware: LockBit’s Lonewolf Ghost
July 15, 2025
SafePay is a centralized ransomware group leveraging LockBit-derived code, stealthy infiltration, and rapid encryption—targeting SMEs and MSPs globally without using affiliates or public channels.
Saudi Industrial Giant Rezayat Group Listed on Dark Web After Alleged Everest Ransomware Breach
July 15, 2025
Saudi-based Rezayat Group has allegedly been breached by the Everest ransomware gang, with hackers claiming to have stolen 10GB of sensitive corporate and client data. ...
Gigabyte Firmware Vulnerabilities Expose Over 240 Motherboards to Stealth UEFI Malware Attacks
July 15, 2025
Gigabyte motherboards face critical firmware flaws that enable stealthy UEFI malware to bypass Secure Boot, posing long-term risks to systems in enterprise and industrial environments. ...
Interlock Ransomware Now Deploying FileFix to Deliver RAT Payloads via Social Engineering
July 15, 2025
Interlock Ransomware Switches to FileFix for Stealthy RAT Delivery The Interlock ransomware operation has adopted a new delivery mechanism known as FileFix, using it to ...
Louis Vuitton UK Confirms Customer Data Breach Amid Growing Wave of Retail Cyberattacks
July 15, 2025
Louis Vuitton UK confirms a data breach exposing customer PII, marking the latest in a string of high-profile retail cyberattacks across the country this year. ...
Elmo’s X Account Hacked: Hacker Incite Violence Against Jews and Trump and Mentions Epstein Files
July 15, 2025
Elmo’s official X account was hijacked by a hacker who posted antisemitic slurs and inflammatory content about Trump and Jeffrey Epstein, sparking widespread outrage online. ...
Google Gemini Email Summary Flaw Enables Hidden Phishing Attacks
July 14, 2025
A hidden prompt injection flaw in Google Gemini allows attackers to plant invisible phishing instructions in emails, triggering deceptive summaries without links or attachments.
Alabama City of Gardendale Allegedly Hit by INC Ransom Gang in Data Breach
July 14, 2025
The City of Gardendale, Alabama, has allegedly suffered a ransomware breach, with threat actors claiming to have stolen 50GB of sensitive municipal and citizen data. ...
Critical Vulnerabilities Discovered in Adobe Acrobat Reader and ASUS Armoury Crate
July 14, 2025
Four high-severity security flaws were found in ASUS Armoury Crate and Adobe Acrobat Reader, exposing millions of users to potential system hijacking and data theft ...
Nippon Steel Hit by Zero-Day Attack, Sensitive Data Believed Stolen
July 14, 2025
Nippon Steel confirms a zero-day cyberattack in March exposed sensitive information belonging to customers, employees, and partners, raising concerns over escalating threats to industrial firms. ...
Wing FTP Server Under Active Exploitation Following Critical RCE Vulnerability Disclosure
July 14, 2025
Hackers are actively exploiting a critical remote code execution vulnerability in Wing FTP Server, just one day after technical details became public, targeting enterprise systems ...
TikTok, China, and the EU: The Battle Over Data Sovereignty
July 11, 2025
In this episode, we explore the mounting scrutiny TikTok faces over its handling of European user data, with the EU’s Data Protection Commission (DPC) launching ...
WSUS Meltdown: Global Sync Failures and the Shift Toward Cloud Patch Management
July 11, 2025
Windows Server Update Services (WSUS) has long been a cornerstone of enterprise patch management—but recent global synchronization failures have raised serious questions about its future ...
Booz Allen Invests in Corsha: Defending Machine-to-Machine Communication at Scale
July 11, 2025
As the cybersecurity landscape shifts toward hyperautomation and AI-driven autonomy, a new frontier has emerged: the identity and access security of machines. In this episode, ...
Docker Hub Data Exposure Puts Thousands of Containers at Risk
React2Shell Exploit Continues to Deliver Undetected Malware Families
Microsoft Advances Teams Security With New Suspicious Traffic Analysis Feature
Microsoft Faces Criticism Over Unresolved .NET Vulnerability
.NET Framework Vulnerability SOAPwn: Impact on Enterprise Applications
Teen Hacker Arrested in Spain for Major Data Breach Scheme
Satellite Signal Interruption Causes Porsche Immobilization in Russia
Ivanti Urges Immediate Patch for Endpoint Manager Vulnerability
Prime Security Secures $20 Million to Advance AI-Powered Security Tools
Microsoft Appoints New Operating CISOs to Enhance AI-Driven Cyberdefense
Fortinet Releases Fixes for Critical Vulnerabilities Affecting FortiOS and Other Products
Adobe’s Comprehensive Security Update Targets Massive Vulnerabilities Array
Microsoft Enhances PowerShell Security With Script Warning Functionality
Microsoft Patches Critical Zero-Day Vulnerability in Windows
Google Introduces Layered Defenses in Chrome to Combat Prompt Injection Vulnerabilities
Microsoft Works to Mitigate Copilot Access Issues in Europe
Equixly Secures $11 Million Investment to Enhance API Penetration Testing Capabilities
Proofpoint Completes Acquisition of Hornetsecurity: A Strategic Move in Cybersecurity
Storm-0249 Exploits EDR and Windows Tools for Ransomware Prep
Mirai-based Broadside Botnet Exploits TBK Vision DVRs in Maritime Sector