Cyber Security
CVE Vulnerability Alerts
CISA Expands Known Exploited Vulnerabilities Catalog: 47 New Threats Identified
CISA has added 47 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog in 2025, including flaws in SharePoint, Google Chromium, and Cisco devices. The ...
Cybersecurity
Arizona Seeks $10M to Bolster Election Cybersecurity: Post-Attack Response Plan
A cyberattack on Arizona’s election portal, linked to Iranian-affiliated actors, has spurred calls for $10 million in cybersecurity funding and $3.5 million annually. Secretary of ...
Application Security
Microsoft Patches Teams Vulnerability: Critical Fix Against Remote Code Risks
Microsoft has patched CVE-2025-53783, a heap-based buffer overflow in Teams that enables remote code execution across desktop, mobile, and hardware devices. Though exploitation requires social ...
Cybersecurity
Apple Patches Zero-Day Exploit: Immediate Fix for CVE-2025-43300 Threat
Apple has released emergency patches for CVE-2025-43300, a zero-day flaw in the Image I/O framework enabling remote code execution via malicious images. Actively exploited in ...
News
APT36 Hackers Abuse Linux to Deliver Malware in Espionage Attacks
APT36 (Transparent Tribe) is exploiting Linux .desktop files in a new espionage campaign against Indian defense and government targets. Disguised as PDFs, these droppers fetch ...
Application Security
Google to Verify Android Developers: A New Era in App Security Emerges
Google is rolling out its Developer Verification program, requiring all Android developers—inside and outside the Play Store—to verify their identity by 2027. The policy aims ...
Data Security
Okta Raises Annual Forecasts Amid Surging Demand for Cybersecurity Tools
Okta has lifted its fiscal 2026 revenue forecast after reporting strong Q2 results, driven by soaring demand for identity verification tools. As AI-powered impersonation attacks ...
Blog
The Dual Role of AI in Cybersecurity: Weapon and Shield
AI hacking has moved from speculation to reality, enabling deepfake phishing, automated malware, and large-scale social engineering. While defenders deploy AI for detection and response, ...
Blog
FraudGPT, WormGPT, and Dark AI Models Fuel Surge in Cybercrime
Malicious AI models like FraudGPT, WormGPT, and PoisonGPT are reshaping cybercrime, enabling scalable phishing, malware generation, and disinformation. Unlike mainstream LLMs, these blackhat tools strip ...
Blog
The Imperative for a New Cyber Defense Playbook
Traditional cybersecurity models are failing against AI-driven threats, workforce fatigue, and complex tool sprawl. From adaptive malware and deepfake phishing to poorly governed machine identities, ...
News
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
A new phishing campaign is distributing the UpCrypter malware loader through fake voicemail and purchase order emails. Targeting industries worldwide, UpCrypter delivers multiple remote access ...
Cybersecurity
Senator Wyden Demands Independent Review After Federal Court Cyber Breaches
Senator Ron Wyden is urging an independent review of federal court cybersecurity after breaches exposed sealed case files. Citing outdated systems and weak defenses, he ...
Cybersecurity
Nevada State Offices Shut Down Amid Major Network Security Incident
Nevada’s state government was forced to suspend in-person services and shut down major websites after a large-scale network security incident on August 25, 2025. Early ...
Application Security
Android Malware Masquerades as FSB Antivirus To Spy on Russian Business Executives
A fake FSB antivirus hides Android malware spying on Russian executives, logging keystrokes, streaming cameras, exfiltrating messenger data, and rotating providers for command and control.
Cybersecurity
Orange Suffers Data Breach Affecting 850k Customers
Orange Belgium reports a cyberattack exposing SIM details, PUK codes, names, phone numbers, and tariff plans for 850,000 customers; no financial data or passwords were ...
Cybersecurity
Michigan Health System Hack Exposes Patients’ Lab Results in Healthcare Data Breach
Aspire Rural Health Systems suffered a major healthcare data breach, exposing nearly 140,000 patients’ records — including lab results, financial data, and personal identifiers.
Cybersecurity
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Google confirmed a massive breach exposing 2.5 billion Gmail accounts, with hacker group ShinyHunters exploiting Salesforce access through social engineering and launching large-scale phishing and ...
Blog
Ethical and Regulatory Challenges in AI-Driven Cybersecurity
As AI becomes central to cybersecurity, it is also weaponized for deepfakes, adaptive malware, and phishing. Organizations now face ethical dilemmas, regulatory fragmentation, and governance ...
Blog
AI-Powered DDoS Attacks Prompt Advanced Defense Mechanisms
AI-powered DDoS attacks are reshaping the cybersecurity landscape, replacing brute-force floods with adaptive, machine-led precision. By mimicking legitimate traffic and shifting tactics in real time, ...
Cybersecurity
Palo Alto Networks Forecasts $10.5B in 2026 Revenue on AI Cybersecurity Growth
Palo Alto Networks projects up to $10.53B in fiscal 2026 revenue, fueled by demand for AI cybersecurity tools and strategic acquisitions like CyberArk. With stronger ...
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
TOP CYBERSECURITY HEADLINES
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
This Week’s Security Spotlight
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Silent Push Raises $10M Series B to Expand Threat Intelligence Platform
Cybercriminals aren’t just breaking in—they’re borrowing your brand to do it. This episode dives into the critical intersection of brand protection, threat intelligence, and external ...
Google Accused of Shadow Lobbying Against California Privacy Opt-Out Law
California’s Assembly Bill 566 (AB 566) has become one of the most hotly contested pieces of privacy legislation in the country. The bill would require ...
FinWise Bank Data Breach Exposes 700K Customers Amid Predatory Lending Allegations
FinWise Bank is facing a double crisis—one of data security and another of public trust. Nearly 700,000 customers of American First Finance (AFF), a FinWise ...
ShinyHunters Claims 160 Million Vietnamese Credit Records Stolen from National Database
ShinyHunters claims 160 million Vietnam credit records stolen from CIC; samples verified by ReSecurity include PII, credit histories, and government IDs with recent timestamps.
Everest Ransomware Gang Names Allegis Group on Dark Web Claiming Client Lists
Everest ransomware gang claims Allegis Group documents and client lists were taken; screenshots show spreadsheets of 135,000 and 426,000 lines, researchers warn of phishing risks.
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Apple has warned users in over 150 countries of mercenary spyware attacks using zero-days and zero-click exploits, urging Lockdown Mode and emergency security assistance.
Microsoft to Roll Out Built-In Link Warnings for Teams Chats
Microsoft will roll out real-time malicious link warnings for Teams chats in September 2025, adding another security layer to protect enterprise users from phishing and ...
National Cyber Director Pushes for Aggressive Cyber Strategy to Shift Risk to Adversaries
National Cyber Director Sean Cairncross calls for a unified cyber strategy, urging CISA 2015 reauthorization, IT modernization, and stronger deterrence measures to shift risk onto ...
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
The U.S. Treasury sanctioned 19 Southeast Asian cybercrime networks tied to forced labor, trafficking, and scams that stole over $10 billion from Americans in 2024.
Temu Fined $2 Million for INFORM Consumers Act Violations
Temu will pay $2 million to settle FTC and DoJ claims it violated the INFORM Consumers Act by failing to disclose seller details and suspicious ...
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Attackers targeting exposed Docker APIs have upgraded their tools, enabling persistent access, lateral movement, and self-replication—laying the groundwork for a potential large-scale botnet campaign.
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
A major data privacy lapse has rattled the New South Wales (NSW) health system after confidential records of nearly 600 medical staff — including 67 ...
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
Wealthsimple confirmed a third-party data breach exposing account numbers, government IDs, and SINs of 30,000 clients. No funds stolen, but identity theft risks remain significant.
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Dynatrace confirmed customer data exposure in the Salesforce supply chain breach via Salesloft Drift, joining Cloudflare, Google, and others hit by the Scattered LapSus$ Hunters ...
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
External Attack Surface Management gives CISOs continuous visibility into internet-facing assets, prioritizes risks by context, and enables proactive remediation—shrinking exposure before attackers exploit vulnerabilities.
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
A major security breach at Salesloft has compromised sensitive information from more than 700 companies, marking one of the largest enterprise incidents linked to OAuth ...
U.S. Charges Ukrainian National for Administering Ransomware
The U.S. charged Ukrainian national Volodymyr Tymoshchuk for administering LockerGoga, MegaCortex, and Nefilim ransomware, linked to hundreds of corporate breaches and millions in damages worldwide.
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
NSW Health exposed passports, medical credentials, and IDs of nearly 600 doctors, sparking outrage and raising serious risks of identity theft, fraud, and professional impersonation.
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
Chinese-linked APT group Salt Typhoon infiltrated major U.S. telecom providers in 2024, compromising surveillance systems and metadata from millions of users. The breach exposed lawful ...
China Is Blurring the Lines Between Civilian AI and Military Power
China is merging civilian AI with military applications. Everyday tools like drones and voice apps are being leveraged by the PLA, according to a CSET ...