Main Menu
Cyber Security
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
Swedish Privacy Regulator Launches Investigation Into Miljödata Cyberattack
Microsoft Plans to Retire Defender Application Guard for Office by 2027
Nikkei Slack Breach Exposes 17,000 Employees’ and Partners’ Data
Emergency WSUS Patch Breaks Hotpatching Function for Windows Server 2025 Systems
SleepyDuck Malware Poses Supply Chain Threat Through Fake VS Code Extension
How Device Code Phishing Abuses OAuth Flows on Google and Azure
Balancer Protocol Breached in $128 Million Attack on DeFi Pools
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Indian Government Issues High-Severity Warning for Google Chrome Users
South Korea’s Telecom Giants Grapple With Cyber Breaches and Executive Shakeups
Proton Warns of 300 Million Stolen Credentials Fueling Global Data Breach Crisis
Paragon Spyware Used in WhatsApp Hacking Scandal
News
Paragon Spyware Used in WhatsApp Hacking Scandal
Mitchell Langley February 10, 2025
Paragon Solutions, maker of Paragon spyware, terminated its contract with Italy following allegations its software was used in a WhatsApp spyware attack targeting journalists and ...
HPE Notifies Employees of Breach Stealing Data in Office 365 Hack
News
HPE Notifies Employees of Breach Stealing Data in Office 365 Hack
Mitchell Langley February 10, 2025
HPE confirms a May 2023 Office 365 hack by Russian state-sponsored hackers, Cozy Bear, resulting in a data breach affecting employee data including driver's licenses ...
Cyberattack on Lee Enterprises Causes Disruption Across US Newspapers
News
Cyberattack on Lee Enterprises Causes Disruption Across US Newspapers
Mitchell Langley February 10, 2025
Cyberattack on Lee Enterprises disrupted numerous US newspapers, halting printing, affecting websites, and causing subscriber access issues. The Lee Cyberattack investigation is ongoing.
Cisco Data Breach: Kraken Ransomware Group Leaks Sensitive Credentials
News
Cisco Data Breach: Kraken Ransomware Group Leaks Sensitive Credentials
Mitchell Langley February 10, 2025
Cisco data breach exposed sensitive credentials, allegedly leaked by the Kraken ransomware group. The leaked data includes NTLM hashes and privileged accounts, highlighting the threat ...
This Facebook Phishing Attack Could Steal EVERYTHING!
News
This Facebook Phishing Attack Could Steal EVERYTHING!
Mitchell Langley February 10, 2025
Facebook attack uses phishing emails claiming copyright infringement to steal data. Protect yourself now!
This Week In Cybersecurity: 04th February to 06th February
Cybersecurity Newsletter
This Week In Cybersecurity: 04th February to 06th February
Mitchell Langley February 7, 2025
This week saw significant cybersecurity incidents, including a ransomware attack on the New York Blood Center, disrupting vital blood supplies during a shortage. Connecticut's Community ...
Frederick Health Hospital's Ransomware Disaster Patient Care Disrupted
News
Frederick Health Hospital’s Ransomware Disaster: Patient Care Disrupted
Andrew Doyle February 7, 2025
On January 27, 2025, Frederick Health Hospital (FHH) became the target of a sophisticated ransomware attack, forcing the immediate shutdown ...
NCC Group's Cyber Threat Intelligence Report Reveals Record Ransomware Attacks
News
NCC Group’s Cyber Threat Intelligence Report Reveals Record Ransomware Attacks
Mitchell Langley February 6, 2025
NCC Group's 2024 cyber threat report reveals a record 5,263 ransomware attacks, with LockBit and RansomHub leading the surge. The industrial sector was hardest hit, ...
NCC Group's Cyber Threat Intelligence Report Reveals Record Ransomware Attacks
News
Hackers Spoof Microsoft ADFS Login Pages in Phishing Attacks
Mitchell Langley February 6, 2025
Hackers spoof Microsoft ADFS login pages, bypassing MFA to steal credentials and launch further phishing attacks targeting corporate email accounts. This highlights the threat of ...
Connecticut Healthcare Data Breach Exposes 1 Millions Records
News
Connecticut Healthcare Data Breach Exposes 1 Millions Records
Mitchell Langley February 6, 2025
The Connecticut healthcare data breach has affected over one million Connecticut residents, marking one of the largest healthcare data breaches in recent history.
Ransomware Payments Drop 35%: Chainalysis Reports Victims Refuse to Pay Ransom
News
Ransomware Payments Drop 35%: Chainalysis Reports Victims Refuse to Pay Ransom
Mitchell Langley February 6, 2025
Ransomware payments plummeted by 35% in 2024, totaling $814 million. This significant drop, reported by Chainalysis, suggests increased law enforcement effectiveness and victim resistance to ...
State-Sponsored Hackers Abuse Google's Gemini AI for Attacks
Cybersecurity
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Mitchell Langley February 4, 2025
Multiple state-sponsored groups are using Google's Gemini AI assistant. They use it primarily for productivity improvements. However, they also use it for reconnaissance and attack ...
US Healthcare Provider Data Breach at Connecticut Impacts 1 Million Patients
News
US Healthcare Provider Data Breach at Connecticut Impacts 1 Million Patients
Mitchell Langley February 4, 2025
A massive healthcare provider data breach at Connecticut's Community Health Center exposed the personal and health data of over 1 million patients, including Social Security ...
Prevent Data Breaches with Amazon Redshift Enhanced Security
News
Prevent Data Breaches with Amazon Redshift Enhanced Security
Mitchell Langley February 4, 2025
Amazon Redshift enhances security defaults to prevent data breaches and ransomware by restricting public access, enabling encryption, and enforcing SSL connections, mitigating risks like the ...
GrubHub Data Breach Exposes Customer, Driver, and Merchant Data
News
GrubHub Data Breach Exposes Customer, Driver, and Merchant Data
Gabby Lee February 4, 2025
The GrubHub data breach has compromised the personal information of an unspecified number of customers, merchants, and drivers. The attack ...
Mississippi Electric Utility Data Breach Affects 20,000 Residents
News
Mississippi Electric Utility Data Breach Affects 20,000 Residents
Gabby Lee February 4, 2025
The Mississippi electric utility, Yazoo Valley Electric Power Association, suffered a data breach affecting 20,000 residents. The breach exposed personal information, prompting identity theft protection ...
New York Blood Center Ransomware Attack
News
New York Blood Center Ransomware Attack: Critical Blood Supplies at Risk
Mitchell Langley February 4, 2025
The New York Blood Center Enterprises (NYBCe) suffered a ransomware attack on January 26th, disrupting operations and impacting blood supplies amid a pre-existing blood shortage.
BRS Cyber Attack: Data Breach at Business Registration Exposes Sensitive Business Information
News
BRS Cyber Attack: Data Breach at Business Registration Exposes Sensitive Business Information
Mitchell Langley February 3, 2025
Cyberattack on Kenya's Business Registration Services (BRS) has exposed sensitive company data, sold on the dark web. Authorities investigate, ruling out ransomware.
DeepSeek AI Data Breach Causes National Security Risks and Data Privacy Concerns
News
DeepSeek AI Data Breach Causes National Security Risks and Data Privacy Concerns
Mitchell Langley January 31, 2025
The DeepSeek AI data breach exposed sensitive user data, raising national security concerns and prompting warnings from U.S. officials about privacy violations and corporate espionage.
This Week In Cybersecurity: 27th January to 31st January
Cybersecurity Newsletter
This Week In Cybersecurity: 27th January to 31st January
Mitchell Langley January 31, 2025
British Museum Forced to Close After IT Attack by Ex-worker The British Museum experienced an IT attack attributed to a ...
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
Application Security
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
Andrew Doyle November 7, 2025
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Cybersecurity
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Gabby Lee November 6, 2025
ClickFix Malware Evolves New Tactics Use Video Guides and Timers to Increase Infection Rates
Cybersecurity
ClickFix Malware Evolves: New Tactics Use Video Guides and Timers to Increase Infection Rates
Mitchell Langley November 6, 2025
Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
News
Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
Mitchell Langley November 6, 2025

TOP CYBERSECURITY HEADLINES

Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
News
Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Cybersecurity
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
Application Security
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Cybersecurity
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack

This Week’s Security Spotlight

Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Gabby Lee November 6, 2025
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Application Security
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Mitchell Langley November 4, 2025
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Application Security
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Gabby Lee November 3, 2025
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
Data Security
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
Andrew Doyle November 2, 2025
More In News
Trending
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains
Moroccan Cybercriminals Employ Advanced Deception to Steal Gift Cards
11 Types of Social Engineering Attacks and How to Prevent Them
Co-Op Reports $107 Million Loss After Scattered Spider Cyberattack

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Scattered Spider Strikes Again: Inside the VMware ESXi Ransomware Tactics
July 28, 2025
Podcasts
Koske Malware Hides in Panda Images, Weaponizes AI to Target Linux
July 25, 2025
Podcasts
Operation Checkmate: BlackSuit Ransomware’s Dark Web Sites Seized
July 25, 2025

Cyber Security News

Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
Cybersecurity
Gmail Breach Exposes 2.5 Billion Accounts in Social Engineering Attack
August 25, 2025
Ethical and Regulatory Challenges in AI-Driven Cybersecurity
Blog
Ethical and Regulatory Challenges in AI-Driven Cybersecurity
August 25, 2025
AI-Powered DDoS Attacks Prompt Advanced Defense Mechanisms
Blog
AI-Powered DDoS Attacks Prompt Advanced Defense Mechanisms
August 25, 2025
Palo Alto Networks Forecasts 10.5B in 2026 Revenue on AI Cybersecurity Growth
Cybersecurity
Palo Alto Networks Forecasts $10.5B in 2026 Revenue on AI Cybersecurity Growth
August 25, 2025
WinRAR Zero-Day Vulnerability Exploited by Multiple Threat Actors
Application Security
WinRAR Zero-Day Vulnerability Exploited by Multiple Threat Actors
August 25, 2025
FortiOS Auth Bypass Vulnerability Allows Attackers to Gain Full Control
Cybersecurity
FortiOS Auth Bypass Vulnerability Allows Attackers to Gain Full Control
August 22, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
May 12, 2025
A new supply chain attack has emerged—this time targeting macOS users of the Cursor AI code editor through rogue npm packages. In this episode, we ...
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
May 12, 2025
Chinese threat group Chaya_004 exploited a zero-day flaw in SAP NetWeaver servers, compromising hundreds of systems using remote code execution and web shell deployments.
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
May 12, 2025
The iClicker website was hacked between April 12–16, 2025, using a fake CAPTCHA to deploy malware via a ClickFix attack targeting students and faculty.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
May 12, 2025
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
May 12, 2025
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
May 8, 2025
A zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, became the center of a global cybersecurity storm when it was ...
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
May 8, 2025
In this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group—a landmark case ...
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
May 8, 2025
AI tools are generating more code than ever — but who’s reviewing it? In this episode, we spotlight CodeAnt AI, the fast-growing platform built to ...
The Truth About Identity Attacks: How to Protect Your Business and Data
May 8, 2025
In today's digital landscape, identity attacks are rampant, costing businesses millions and causing irreparable damage to reputations. This comprehensive guide explores seven common identity-based attacks, ...
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
May 8, 2025
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory warning that ...
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
May 8, 2025
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
May 8, 2025
The PowerSchool hacker is now targeting individual school districts, threatening to leak sensitive student and staff data stolen in the December 2024 breach.
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
May 8, 2025
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
The Langflow Breach: How a Popular AI Tool Opened the Door to Hackers
May 7, 2025
A newly disclosed zero-day vulnerability, CVE-2025-3248, is being actively exploited in the wild—and it’s targeting Langflow, a popular open-source framework for building AI-powered applications. In ...
Mirai Reloaded: Why CVE-2024-7399 Still Haunts Samsung Servers
May 7, 2025
In this episode, we break down the active exploitation of CVE-2024-7399, a critical path traversal and arbitrary file upload vulnerability in Samsung MagicINFO 9 Server. ...
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
May 7, 2025
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation
May 7, 2025
A critical zero-day vulnerability — CVE-2025-31324 — is shaking the enterprise tech world. In this episode, we dive deep into the alarming exploit targeting SAP NetWeaver ...
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
May 7, 2025
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
May 7, 2025
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
May 7, 2025
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
Clop Ransomware Group Adds The Washington Post to Leak Site After Alleged Breach
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak