Main Menu
Cyber Security
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
Supreme Court Upholds $200M FCC Fines on AT&T and Verizon
FTC Seeks Public Comment on X Corp Bid to Void Twitter Settlement
CISA Orders Patch for Linux Container Escape CVE-2022-0492
Windows 11 Security Updates Interrupt Enterprise VPN Connectivity
Network Security
Windows 11 Security Updates Interrupt Enterprise VPN Connectivity
Andrew Doyle December 18, 2025
Businesses using Windows Subsystem for Linux (WSL) on Windows 11 face VPN issues after Microsoft’s latest security updates. Learn about potential workarounds.
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Cybersecurity
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
Andrew Doyle December 17, 2025
In a strategic move to enhance its cybersecurity platform, Echo has successfully raised $35 million in Series A funding. This milestone comes shortly after its ...
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Cybersecurity
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Mitchell Langley December 17, 2025
Verisoul has successfully raised $8.8 million in a bid to strengthen its fraud prevention technology. The funding will help enhance product development, boost go-to-market strategies, ...
Askul Ransomware Attack Leads to Compromise of 700,000 Records
News
Askul Ransomware Attack Leads to Compromise of 700,000 Records
Gabby Lee December 17, 2025
The e-commerce and logistics firm Askul was targeted by RansomHouse in October, resulting in a data breach impacting 700,000 records, raising cybersecurity concerns.
Understanding Ransomware Attacks on Hypervisors A Growing Threat
Endpoint Security
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Andrew Doyle December 17, 2025
Ransomware groups target hypervisors to encrypt many virtual machines simultaneously, exploiting vulnerabilities in virtualized environments. Organizations must understand this evolving threat to protect their digital ...
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
News
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
Mitchell Langley December 17, 2025
State-sponsored Russian threat actors are now targeting misconfigurations in critical infrastructure, moving away from zero-day vulnerabilities. This shift represents a significant change in their strategies ...
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
Cybersecurity
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
Gabby Lee December 17, 2025
Closed CISO (Chief Information Security Officer) communities serve as pivotal platforms for secure information exchange, guidance, and support, providing a pressure-free environment away from critical ...
PDVSA's Recent Cyberattack Reveals Vulnerabilities in Export Operations
Cybersecurity
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
Gabby Lee December 17, 2025
PDVSA, Venezuela's state-owned oil giant, faced a severe cyberattack disrupting export operations over the weekend. The attack highlights vulnerabilities in the company's cybersecurity infrastructure, casting ...
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
News
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
Andrew Doyle December 17, 2025
Researchers revealed a NuGet package, "Tracer.Fody.NLog," disguising as a popular .NET library, which concealed a cryptocurrency wallet stealer. Initially published in 2020, it remained undetected ...
Amazon's Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
Cybersecurity
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
Mitchell Langley December 17, 2025
Amazon's Threat Intelligence team successfully disabled operations related to Russian GRU hackers, focusing on customer cloud infrastructure security and thwarting espionage attempts.
From Open Source to OpenAI Navigating the Evolution of Third-Party Risks
Blog
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
Gabby Lee December 17, 2025
Explore how speed-driven development introduces new third-party risks. Understand how threat actors exploit vulnerabilities in open source libraries and AI-driven tools.
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Andrew Doyle December 17, 2025
A cryptocurrency mining campaign targets AWS customers by exploiting stolen Identity and Access Management credentials. Detected by Amazon's GuardDuty, the attack uses novel persistence techniques ...
All I Want for Christmas is All of Your Data SantaStealer Malware Spreads for the Holidays
Cybersecurity
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
Mitchell Langley December 17, 2025
A cybercriminal's holiday dream, SantaStealer, a new information-stealing malware, promises undetected operation on systems of high-profile targets, advertised on Telegram for $175 monthly.
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
Data Security
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
Andrew Doyle December 16, 2025
The Texas Attorney General has taken legal action against five major television manufacturers, alleging violation of data privacy. The lawsuit accuses these companies of using ...
ECB Decision Causes Costly Delays for Bank of England's Payment System Overhaul
Cybersecurity
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
Andrew Doyle December 16, 2025
The European Central Bank's (ECB) 2022 postponement of a new messaging standard forced the Bank of England to delay its payment system launch, incurring £23 ...
Cyber Raid on Jaguar Land Rover August Attack Leads to Theft of Sensitive Information
Information Security
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
Mitchell Langley December 16, 2025
The August cyber raid on Jaguar Land Rover (JLR) had a dual impact, crippling factory operations and resulting in the theft of sensitive employee payroll ...
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Application Security
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Mitchell Langley December 16, 2025
Google has reported exploitation of the React2Shell vulnerability by five Chinese threat actor groups and Iranian operatives, aiming to deliver malware. This vulnerability, is becoming ...
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
CVE Vulnerability Alerts
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
Andrew Doyle December 16, 2025
Atlassian has released security updates targeting multiple vulnerabilities, including critical-severity issues in products like Apache Tika. One major flaw is an XML External Entity (XXE) ...
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
CVE Vulnerability Alerts
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
Mitchell Langley December 16, 2025
FreePBX, an open-source private branch exchange (PBX) platform, has multiple security vulnerabilities. A critical flaw (CVE-2025-61675) allows authentication bypass under certain configurations.
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
Data Security
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
Andrew Doyle December 16, 2025
700Credit, a prominent fintech company, reports a significant data breach where sensitive information of 5.8 million individuals has been compromised.
Application Security
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026
CVE Vulnerability Alerts
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026

TOP CYBERSECURITY HEADLINES

TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Cybersecurity
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe

This Week’s Security Spotlight

Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
Andrew Doyle June 8, 2026
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Gabby Lee June 5, 2026
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
Gabby Lee June 5, 2026
More In News
Trending
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Approov Secures £5M to Fortify Mobile App and API Security Against AI-Driven Threats
August 5, 2025
Podcasts
Pwn2Own Ireland 2025: $1M WhatsApp Exploit Bounty Raises the Stakes
August 5, 2025
Podcasts
Nvidia Triton Inference Server Vulnerabilities Expose AI Infrastructure to Attack
August 4, 2025

Cyber Security News

Cybersecurity
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
April 21, 2026
Cyberattacks Are Outpacing MSP and Corporate Defenses
Cybersecurity
Cyberattacks Are Outpacing MSP and Corporate Defenses
April 21, 2026
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Application Security
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
April 21, 2026
Lawmakers' Concerns About AI Include Worries of Potential 'Destruction'
Cybersecurity
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
April 21, 2026
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Application Security
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
April 21, 2026
Attackers Exploit QEMU Virtualization to Evade Detection
CVE Vulnerability Alerts
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
April 21, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Askul Ransomware Attack Leads to Compromise of 700,000 Records
December 17, 2025
The e-commerce and logistics firm Askul was targeted by RansomHouse in October, resulting in a data breach impacting 700,000 records, raising cybersecurity concerns.
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
December 17, 2025
Ransomware groups target hypervisors to encrypt many virtual machines simultaneously, exploiting vulnerabilities in virtualized environments. Organizations must understand this evolving threat to protect their digital ...
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
December 17, 2025
State-sponsored Russian threat actors are now targeting misconfigurations in critical infrastructure, moving away from zero-day vulnerabilities. This shift represents a significant change in their strategies ...
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
December 17, 2025
Closed CISO (Chief Information Security Officer) communities serve as pivotal platforms for secure information exchange, guidance, and support, providing a pressure-free environment away from critical ...
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
December 17, 2025
PDVSA, Venezuela's state-owned oil giant, faced a severe cyberattack disrupting export operations over the weekend. The attack highlights vulnerabilities in the company's cybersecurity infrastructure, casting ...
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
December 17, 2025
Researchers revealed a NuGet package, "Tracer.Fody.NLog," disguising as a popular .NET library, which concealed a cryptocurrency wallet stealer. Initially published in 2020, it remained undetected ...
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
December 17, 2025
Amazon's Threat Intelligence team successfully disabled operations related to Russian GRU hackers, focusing on customer cloud infrastructure security and thwarting espionage attempts.
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
December 17, 2025
Explore how speed-driven development introduces new third-party risks. Understand how threat actors exploit vulnerabilities in open source libraries and AI-driven tools.
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
December 17, 2025
A cryptocurrency mining campaign targets AWS customers by exploiting stolen Identity and Access Management credentials. Detected by Amazon's GuardDuty, the attack uses novel persistence techniques ...
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
December 17, 2025
A cybercriminal's holiday dream, SantaStealer, a new information-stealing malware, promises undetected operation on systems of high-profile targets, advertised on Telegram for $175 monthly.
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
December 16, 2025
The Texas Attorney General has taken legal action against five major television manufacturers, alleging violation of data privacy. The lawsuit accuses these companies of using ...
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
December 16, 2025
The European Central Bank's (ECB) 2022 postponement of a new messaging standard forced the Bank of England to delay its payment system launch, incurring £23 ...
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
December 16, 2025
The August cyber raid on Jaguar Land Rover (JLR) had a dual impact, crippling factory operations and resulting in the theft of sensitive employee payroll ...
Google Finds China and Iran Actors Exploiting React2Shell Flaws
December 16, 2025
Google has reported exploitation of the React2Shell vulnerability by five Chinese threat actor groups and Iranian operatives, aiming to deliver malware. This vulnerability, is becoming ...
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
December 16, 2025
Atlassian has released security updates targeting multiple vulnerabilities, including critical-severity issues in products like Apache Tika. One major flaw is an XML External Entity (XXE) ...
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
December 16, 2025
FreePBX, an open-source private branch exchange (PBX) platform, has multiple security vulnerabilities. A critical flaw (CVE-2025-61675) allows authentication bypass under certain configurations.
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
December 16, 2025
700Credit, a prominent fintech company, reports a significant data breach where sensitive information of 5.8 million individuals has been compromised.
Google Chrome Extension With Millions of Users May Be Compromising Privacy
December 16, 2025
The Urban VPN Proxy, trusted by over 6 million users on Google Chrome, is suspected of covertly harvesting data entered into AI chatbots. The extension ...
Phishing Attacks in 2026: Evolution Beyond Email and Its Implications
December 16, 2025
In 2025, phishing threats evolved beyond traditional email to include social platforms, browser-based attacks, and malicious search ads. Security teams must now grapple with emerging ...
Militant Groups Experiment With AI, Amplifying Threats
December 16, 2025
Extremist groups are leveraging AI technologies to enhance their propaganda efforts, according to recent insights. This trend points to a growing challenge in cybersecurity as ...
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack