Main Menu
Cyber Security
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
WatchTowr Warns of Major Data Leaks Through Developer Tools
UK Government’s Digital ID Plans Face Scrutiny Over Cost and Savings
Bloody Wolf’s Cyber Offensive: A Deep Dive into Targeted Attacks in Central Asia
Asahi Cyberattack Exposes Extensive Data Breach: A Blow to Japan’s Brewer Giant
OpenAI Scrutinizes Vendor Relationships After Mixpanel’s Data Breach
Naver’s Cryptocurrency Exchange Acquisition Marred by Cyberattack
Ex-NCSC Chief to Investigate Premature Online Leak of Budget Forecast
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
Comcast’s $1.5 Million Settlement in Data Breach Incident with FCC
Vulnerability Alert: 08th April, 2025
CVE Vulnerability Alerts
Vulnerability Alert: 08th April, 2025
Mitchell Langley April 24, 2025
Below are detailed summaries of multiple victims affected by these vulnerabilities, highlighting the nature of each threat and the potential ...
System Intrusions Surge Across EMEA, Verizon DBIR Warns
News
System Intrusions Surge Across EMEA, Verizon DBIR Warns
Andrew Doyle April 24, 2025
System intrusion breaches in EMEA doubled to 53% in one year, according to Verizon’s 2025 DBIR, as internal threats and third-party involvement surged globally.
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
News
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
Mitchell Langley April 24, 2025
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
News
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
Andrew Doyle April 24, 2025
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
New Android Malware ‘SuperCard X’ Uses NFC to Drain Bank Accounts in Real Time
Cybersecurity
New Android Malware ‘SuperCard X’ Uses NFC to Drain Bank Accounts in Real Time
Mitchell Langley April 24, 2025
New Android malware 'SuperCard X' uses NFC technology and social engineering to clone cards and drain bank accounts in real-time through a convincing multi-step scam. ...
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
News
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
Andrew Doyle April 24, 2025
A data breach at Yale New Haven Health exposed personal details of 5.5 million patients, with names, SSNs, and medical IDs among the data stolen. ...
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
News
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
Mitchell Langley April 24, 2025
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
News
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
Mitchell Langley April 23, 2025
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Qilin Ransomware Tactics, Techniques, Procedures and Mitigation
Blog
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
Andrew Doyle April 23, 2025
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics, techniques, and procedures (TTPs), providing ...
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Andrew Doyle April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
Ad Fraud Operation 'Scallywag' Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Cybersecurity
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Mitchell Langley April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Cybersecurity
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Gabby Lee April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
Abilene, Texas Shuts Down City Systems Following Cyberattack
News
Abilene, Texas Shuts Down City Systems Following Cyberattack
Mitchell Langley April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
News
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
Mitchell Langley April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
Imaflex Inc. Data Breach Exposes Personal and Employment Data
News
Imaflex Inc. Data Breach Exposes Personal and Employment Data
Andrew Doyle April 22, 2025
Imaflex Inc. Data Breach Exposes Personal and Employment Data: Legal Investigation Underway Imaflex Inc. has disclosed a data breach that exposed sensitive personal and employment-related ...
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Resources
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Andrew Doyle April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance, for financial gain and potential ...
Cybersecurity Newsletter
This Week In Cybersecurity: April 1st to 5th, 2025
Andrew Doyle April 21, 2025
This week in cybersecurity covers a range of incidents, including the shutdown of openSNP over privacy concerns, a data breach affecting 173,000 patients, and a ...
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Andrew Doyle December 2, 2025
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Andrew Doyle December 2, 2025
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Andrew Doyle November 27, 2025
ShadowV2 Botnet A Test Run Amidst AWS Outage
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
Andrew Doyle November 27, 2025

TOP CYBERSECURITY HEADLINES

$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant

This Week’s Security Spotlight

South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Cybersecurity
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
Mitchell Langley November 30, 2025
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Andrew Doyle November 30, 2025
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Mitchell Langley November 27, 2025
More In News
Trending
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Critical Honeywell Experion PKS Vulnerabilities Threaten Global Industrial Control Systems
July 31, 2025
Podcasts
Auto-Color Linux Malware Exploits SAP Zero-Day CVE-2025-31324
July 31, 2025
Podcasts
Inside the July 2025 PyPI Phishing Scam: How Hackers Stole Developer Credentials
July 31, 2025

Cyber Security News

Unisys Selected by EU Commission to Provide Cybersecurity Services to EU Public Entities
Cybersecurity
Unisys Selected by EU Commission to Provide Cybersecurity Services to EU Public Entities
October 10, 2025
TwoNet Hacktivists Breach Decoy Water Treatment Plant, Alter PLC Setpoints and Disable Alarms Within 26 Hours
Cybersecurity
TwoNet Hacktivists Breach Decoy Water Treatment Plant, Alter PLC Setpoints and Disable Alarms Within 26 Hours
October 10, 2025
AI Companion Apps Expose Millions of Intimate Messages after Unprotected Kafka Instances
Cybersecurity
AI Companion Apps Expose Millions of Intimate Messages after Unprotected Kafka Instances
October 10, 2025
Salesforce Refuses to Pay Ransom After Widespread CRM Data-Theft Campaigns
Cybersecurity
Salesforce Refuses to Pay Ransom After Widespread CRM Data-Theft Campaigns
October 8, 2025
Avnet Confirms EMEA Data Breach, Says Stolen Information Is Mostly Unreadable Without Internal Tools
Cybersecurity
Avnet Confirms EMEA Data Breach, Says Stolen Information Is Mostly Unreadable Without Internal Tools
October 8, 2025
Doctors Imaging Group Data Breach Exposes 171,000 Patients’ Medical and Financial Records
Cybersecurity
Doctors Imaging Group Data Breach Exposes 171,000 Patients’ Medical and Financial Records
October 8, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Fortnite and the FTC: How Epic Games Misled Players into Unwanted Purchases
June 27, 2025
In a landmark case that reshapes the conversation around digital ethics, the Federal Trade Commission’s $520 million settlement with Epic Games over its Fortnite monetization ...
Microsoft 365 Direct Send Exploited: How Phishing Emails Masquerade as Internal Messages
June 27, 2025
Phishing has long been a favored weapon of cybercriminals, but a recent revelation about Microsoft 365’s Direct Send feature has elevated the threat to a ...
Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Risk
June 27, 2025
A critical flaw in the Open VSX Registry—an open-source alternative to the Visual Studio Code Marketplace—recently put over 8 million developers at risk of mass ...
CitrixBleed 2: Critical NetScaler Vulnerability Enables Session Hijacking and MFA Bypass
June 27, 2025
A new critical vulnerability in Citrix NetScaler ADC and Gateway systems, dubbed CitrixBleed 2 (CVE-2025-5777), has emerged as a serious threat to remote access infrastructure. ...
Cross-Border Cyber Fraud Ring Busted After Stealing Over €400,000 Through Compromised Online Seller Accounts
June 27, 2025
Authorities in Germany and Romania dismantled a phishing fraud ring that stole over €400,000 using hijacked online seller accounts and fake listings on a major ...
Hawaiian Airlines Investigates Cybersecurity Event Amid IT Outage, Ransomware Suspected
June 27, 2025
Hawaiian Airlines reports a major cybersecurity event affecting its IT systems. Flights remain operational as authorities investigate a possible ransomware attack targeting the aviation sector. ...
Ahold Delhaize USA Cyberattack Exposes Over 2 Million Individuals in Widespread Data Breach
June 27, 2025
Ahold Delhaize USA confirms over 2.2 million individuals impacted in a 2024 cyberattack that exposed personal, financial, and medical data from internal company systems.
Nth Degree Data Breach Exposes Nearly 40,000 Identities, Including Event Staff and Partners
June 27, 2025
A data breach at event vendor Nth Degree exposed nearly 40,000 records, including full names and SSNs, raising privacy concerns across high-profile client organizations.
OneClik Cyberattack Campaign Targets Energy Sector Using Microsoft ClickOnce and AWS
June 26, 2025
A sophisticated cyber-espionage campaign named OneClik is actively targeting energy, oil, and gas organizations using a combination of legitimate cloud infrastructure and novel attack techniques. ...
Zero-Day Level Cisco ISE Flaws: Urgent Patch Required for Enterprise Security
June 26, 2025
Cisco has disclosed two critical security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products, both earning a maximum CVSS ...
Bonfy.AI Launches $9.5M Adaptive Content Security Platform to Govern AI and Human Data
June 26, 2025
In a major development at the intersection of cybersecurity and AI governance, Israeli startup Bonfy.AI has officially launched its adaptive content security platform, backed by ...
Central Kentucky Radiology’s 2024 Data Breach Affects 167,000
June 26, 2025
In October 2024, Central Kentucky Radiology (CKR), a Lexington-based imaging provider, became the latest victim of a growing trend in healthcare cyberattacks. An unauthorized actor ...
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
June 26, 2025
Discover why External Attack Surface Management (EASM) is vital for modern digital risk protection and how it enhances visibility, threat detection, and cyber resilience strategies. ...
Pro-Russian Hackers Disrupt Dutch Government Websites Amid Heightened NATO Security
June 26, 2025
Pro-Russian hacker group NoName057(16) claims responsibility for a DDoS attack that disrupted Dutch municipal websites during the NATO Summit’s peak security deployment.
OneClik Campaign Exploits Microsoft ClickOnce and AWS to Breach Energy and Industrial Networks
June 26, 2025
A stealthy malware campaign abuses Microsoft ClickOnce and AWS services to deploy Golang-based RunnerBeacon backdoors targeting energy and industrial organizations with advanced evasion techniques.
French Authorities Arrest BreachForums v2 Operators Behind Global Data Theft Campaigns
June 26, 2025
French police arrest BreachForums v2 operators, including ShinyHunters and IntelBroker, tied to major global and national data breaches affecting millions of users and enterprises.
Hacker ‘IntelBroker’ Indicted in $25M Global Data Theft Campaign
June 26, 2025
British hacker ‘IntelBroker’ charged by U.S. authorities for stealing and selling sensitive data worldwide, causing $25 million in damage to governments and global enterprises.
CISA Confirms Active Exploitation of Critical AMI MegaRAC BMC Vulnerability Enabling Remote Server Hijack
June 26, 2025
CISA confirms that a critical vulnerability in AMI MegaRAC BMC firmware is being exploited to hijack servers remotely, prompting urgent patching across government and enterprise ...
Columbia University Struggles to Restore Services Following Suspected Cyberattack
June 26, 2025
Columbia University is working to restore critical systems following a suspected cyberattack that has caused widespread outages, impacting thousands of students and faculty.
U.S. Government Pushes Back on Meta: WhatsApp Labeled a High-Risk App
June 25, 2025
The U.S. House of Representatives has officially banned the use of WhatsApp on all House-managed devices, citing significant data security risks. This move places WhatsApp ...
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Man Sentenced for Running “Evil Twin” Network at Australian Airports
French Football Federation Data Breach Exposes Administrative Management Software
Python Package Index Threatened by Legacy Code Vulnerabilities
GitLab Cloud Repositories Expose Over 17,000 Secrets, Raising Security Concerns
North Korean Threat Actors Intensify Efforts with Malicious npm Packages
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity