Main Menu
Cyber Security
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Kimwolf Botnet: A New Threat to Millions of Android Devices
Ledger Breach Due to Global-e Attack Compromises Customer Data
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Trump Orders Emcore to Divest Chip Manufacturing Assets
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Adobe ColdFusion Cyberattacks Surge During Holiday Period
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
Netflix Documentary Could Explore Crypto Crime: Part 2 Potential
OFAC Lifts Sanctions on Individuals Linked to Predator Spyware Consortium
Disney Agrees to $10 Million Settlement for COPPA Violations
New Variant of Shai Hulud Malware Found in npm Registry
Unleash Protocol Experiences a $3.9 Million Cryptocurrency Loss
European Space Agency Confirms Breach Impacting Servers with Unclassified Engineering Data
‘Zoom Stealer’ Puts Millions at Risk via Web Extensions on Major Browsers
Critical Vulnerability in SmarterTools SmarterMail Poses Severe Cybersecurity Risk
CISA Orders Federal Agencies to Patch Critical MongoDB Vulnerability Called MongoBleed
A Record Year: Cybersecurity Acquisitions in 2025 Surpass $84 Billion
How Artificial Intelligence is Being Integrated into Security Operations
Mustang Panda’s Novel Kernel-Mode Rootkit Used in Mid-2025 Cyber Attack Analysis
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
News
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Mitchell Langley June 3, 2025
The Russian Market has surged in popularity as a major cybercrime marketplace, offering stolen credentials harvested by info-stealer malware like Lumma and Acreed.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
News
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
Mitchell Langley June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
News
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
Andrew Doyle June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
News
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
Mitchell Langley June 1, 2025
Germany has named Vitaly Kovalev, aka "Stern," as the leader of the Conti ransomware and TrickBot gangs in a major breakthrough tied to Operation Endgame. ...
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
News
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
Andrew Doyle June 1, 2025
Latrodectus malware infected over 44,000 IP addresses before Operation Endgame's global takedown, with Shadowserver warning of critical ongoing threats across infected systems.
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
News
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
Mitchell Langley June 1, 2025
Kaiser Permanente suffered a major network outage that disrupted electronic health records and patient services across the U.S. System functionality was restored the following day. ...
184 Million Login Credentials Exposed in Major Unprotected Database Leak
News
184 Million Login Credentials Exposed in Major Unprotected Database Leak
Andrew Doyle June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
This Week In Cybersecurity: 26th to 30th May, 2025
Cybersecurity Newsletter
This Week In Cybersecurity: 26th to 30th May, 2025
Andrew Doyle May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
Victoria’s Secret Takes Website Offline Following Security Incident
News
Victoria’s Secret Takes Website Offline Following Security Incident
Mitchell Langley May 30, 2025
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
News
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
Mitchell Langley May 30, 2025
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
News
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
Andrew Doyle May 30, 2025
Russian nuclear facility blueprints were exposed in a public procurement database, revealing sensitive layouts of missile silos and bunkers tied to Moscow’s nuclear modernization.
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
News
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
Mitchell Langley May 30, 2025
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
News
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
Mitchell Langley May 29, 2025
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
News
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
Mitchell Langley May 29, 2025
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
News
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
Andrew Doyle May 29, 2025
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
News
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
Andrew Doyle May 29, 2025
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
News
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
Mitchell Langley May 29, 2025
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
Alleged AT&T Data Breach Exposes 31 Million Records
News
Alleged AT&T Data Breach Exposes 31 Million Records
Andrew Doyle May 28, 2025
Hackers claim to have leaked 31 million AT&T user records, including tax IDs and IPs, though researchers cannot confirm the breach due to limited data ...
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
News
Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets
Andrew Doyle May 28, 2025
Dutch intelligence links a new Russian cyber espionage group, Laundry Bear, to attacks on NATO entities and the Dutch police targeting sensitive military and diplomatic ...
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
News
Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments
Mitchell Langley May 28, 2025
Hackers are escalating attacks on BIOS and bootloaders, exploiting pre-OS vulnerabilities to maintain persistence, evade detection, and bypass Secure Boot protections.
Generative AI Elevates Active Directory Password Attacks
Identity and Access Management
Generative AI Elevates Active Directory Password Attacks
Andrew Doyle January 7, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Gavin Webb's Role in the Takedown of LockBit Ransomware
News
Gavin Webb’s Role in the Takedown of LockBit Ransomware
Gabby Lee January 5, 2026

TOP CYBERSECURITY HEADLINES

Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability

This Week’s Security Spotlight

Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Data Security
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Andrew Doyle January 6, 2026
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Information Security
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Gabby Lee January 6, 2026
A Record Year Cybersecurity Acquisitions in 2025 Surpass $84 Billion
Cybersecurity
A Record Year: Cybersecurity Acquisitions in 2025 Surpass $84 Billion
Andrew Doyle December 31, 2025
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Application Security
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Gabby Lee December 28, 2025
More In News
Trending
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
Feds Seize Database Targeting $28 Million Bank Account Theft
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365
Phishing Attacks by Operation ForumTroll in Russia: A Closer Look at October 2025 Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Scattered Spider Strikes Again: Inside the VMware ESXi Ransomware Tactics
July 28, 2025
Podcasts
Koske Malware Hides in Panda Images, Weaponizes AI to Target Linux
July 25, 2025
Podcasts
Operation Checkmate: BlackSuit Ransomware’s Dark Web Sites Seized
July 25, 2025

Cyber Security News

CISA Orders Federal Agencies to Patch Samsung Zero-Day Exploited by LandFall Spyware
Application Security
CISA Orders Federal Agencies to Patch Samsung Zero-Day Exploited by LandFall Spyware
November 11, 2025
Konni Campaign Impersonates Human Rights Groups in Cross-Platform Espionage Operation
Cybersecurity
Konni Campaign Impersonates Human Rights Groups in Cross-Platform Espionage Operation
November 11, 2025
NAKIVO Enhances Disaster Recovery With Real-Time Replication and Multilingual Support
Application Security
NAKIVO Enhances Disaster Recovery With Real-Time Replication and Multilingual Support
November 10, 2025
Microsoft Reveals Whisper Leak Side-Channel Attack That Threatens LLM Communication Privacy
Cybersecurity
Microsoft Reveals Whisper Leak Side-Channel Attack That Threatens LLM Communication Privacy
November 10, 2025
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
Application Security
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
November 10, 2025
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
Cybersecurity
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
November 10, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform
July 22, 2025
Dell Technologies is the latest target in a growing trend of data extortion attacks as threat actors pivot away from traditional ransomware. The cybercrime group ...
Termite Ransomware: The Silent Invader
July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz, highlighting its broad reach and ...
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
July 22, 2025
Ransomware-as-a-Service (RaaS) enables cybercriminals to launch attacks at scale. Learn how it works, why it’s dangerous, and how enterprises can defend and recover effectively.
Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting
July 22, 2025
A critical vulnerability in ExpressVPN’s Windows client has put a spotlight on the often-overlooked dangers of debug code making its way into production software. This ...
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
July 22, 2025
A California engineer admitted to stealing top-secret U.S. missile tracking technology and funneling it to China, exposing a deep insider espionage operation.
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
July 22, 2025
Dior is alerting U.S. customers about a data breach that exposed personal data. The cyberattack, linked to ShinyHunters, targeted LVMH brands via a third-party vendor. ...
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
July 22, 2025
A bug in ExpressVPN's Windows client leaked real IP addresses during RDP sessions. The issue, now fixed, affected traffic over port 3389 outside the VPN ...
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
July 22, 2025
A backend glitch at Ring caused customers to see unknown devices logged into their accounts, but Amazon insists there’s been no security breach or unauthorized ...
Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack
July 21, 2025
In this episode, we unpack the January 2025 data breach at Dior, the iconic luxury fashion house, which exposed sensitive personal information of U.S. customers—including ...
StrongestLayer Raises $5.2M to Fight AI-Powered Phishing with TRACE
July 21, 2025
In an era where generative AI is being used not just for productivity but for precision cybercrime, a San Francisco-based startup, StrongestLayer, is taking a ...
750,000 Records Exposed: Inside the TADTS Data Breach by BianLian
July 21, 2025
In July 2024, The Alcohol & Drug Testing Service (TADTS), a Texas-based company handling sensitive employment-related data, suffered a catastrophic data breach. Nearly 750,000 individuals ...
SS7 Is Still Broken: How Surveillance Firms Are Bypassing Telco Defenses
July 21, 2025
A new attack technique is exposing just how vulnerable global mobile networks remain in 2025. Cybersecurity firm Enea has discovered a surveillance operation that bypasses ...
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
July 21, 2025
Arch Linux pulled three AUR packages after discovering they delivered Chaos RAT malware through a malicious GitHub script, compromising Linux systems via community-sourced PKGBUILD files. ...
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
July 21, 2025
CrushFTP warns of an actively exploited zero-day vulnerability (CVE-2025-54309) allowing full admin access via web interface on unpatched servers running outdated builds.
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
July 21, 2025
Hackers exploited a zero-day in Microsoft SharePoint, breaching U.S. agencies, global businesses, and universities before patches were issued. Some breaches include loss of critical data. ...
Weekly Cybersecurity Newsletter: 14th to 18th August
July 19, 2025
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
July 18, 2025
BigONE cryptocurrency exchange suffered a $27 million breach involving its hot wallet. While user funds are safe, blockchain forensics reveal ongoing laundering of stolen assets. ...
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
July 18, 2025
LameHug malware uses an AI language model to craft system commands on the fly, targeting Windows machines in attacks linked to Russian-backed APT28.
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
July 18, 2025
Luxury fashion house Louis Vuitton confirmed that recent customer data breaches in the UK, South Korea, and Turkey all trace back to a single cyberattack ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Kimwolf Botnet: A New Threat to Millions of Android Devices
Ledger Breach Due to Global-e Attack Compromises Customer Data
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Cybersecurity Operation Snares Former ShinyHunters Member
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
Trump Orders Emcore to Divest Chip Manufacturing Assets
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Adobe ColdFusion Cyberattacks Surge During Holiday Period
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes