Main Menu
Cyber Security
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
Niobium Secures $23 Million to Advance Homomorphic Encryption
Russian Internet Authority Blocks Roblox Over Content Concerns
Leroy Merlin France Security Breach Exposes Customer Data
Google Expands Support for Android’s In-Call Scam Protection to More Financial Institutions
Microsoft Silently Patches Long-Exploited Windows Vulnerability
Major Universities Affected in Oracle E-Business Suite Hacking Campaign
Freedom Mobile Data Breach: Protecting Consumer Information in the Telecom Sector
North Korea’s Covert IT Workforce Exposed: Unmasking the Chollima Scheme
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
GlassWorm Supply Chain Attack Compromises Developer Tools
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack
Microsoft Investigates Defender XDR Portal Access Disruptions
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Albiriox Banking Trojan Poses New Threat to Android Devices
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Young Cybercriminals: Rebels Without a Cause in the Digital World
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
Microsoft Tackles Excel Attachment Issue in New Outlook Client
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OBR Launches Investigation After Budget Forecast Leak
Everest Ransomware's Dark Web Leak Site Defaced and Taken Offline
News
Everest Ransomware’s Dark Web Leak Site Defaced and Taken Offline
Andrew Doyle April 8, 2025
Everest ransomware's dark web leak site was defaced, disrupting their double-extortion scheme. This highlights the vulnerability of even sophisticated cybercriminal operations and the importance of ...
EncryptHub Has a Double Life of a Cybercriminal and Bug Bounty Hunter
News
EncryptHub Has a Double Life of a Cybercriminal and Bug Bounty Hunter
Mitchell Langley April 8, 2025
Threat actor EncryptHub, responsible for compromising 618 organizations, secretly reported two Windows zero-day vulnerabilities to Microsoft, revealing a complex figure operating in both cybercrime and ...
Europcar Data Breach Affects 200,000 Customers
News
Europcar Data Breach Affects 200,000 Customers
Mitchell Langley April 7, 2025
Europcar's data breach potentially affects up to 200,000 customers after threat actors accessed GitLab repositories. The company confirms the breach but disputes the full extent ...
WinRAR Vulnerability Bypasses Windows Mark of the Web Security
News
WinRAR Vulnerability Bypasses Windows Mark of the Web Security
Mitchell Langley April 7, 2025
WinRAR vulnerability (CVE-2025-31334) bypasses Windows Mark of the Web security, enabling silent malicious code execution. Update to version 7.11 immediately.
E-ZPass Phishing Scam Targets E-ZPass
News
E-ZPass Phishing Scam Targets E-ZPass
Mitchell Langley April 7, 2025
A massive wave of phishing texts impersonating E-ZPass is stealing personal and financial data. Scammers use urgency and encrypted messaging to bypass security measures.
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
News
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
Andrew Doyle April 7, 2025
A ransomware attack on the Port of Seattle exposed the personal data of 90,000 individuals. The Rhysida ransomware group was responsible, and the Port refused ...
CISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
News
CISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
Andrew Doyle April 4, 2025
CISA warns of Fast Flux DNS evasion, a technique used by cybercrime gangs to mask malicious activity by rapidly changing DNS records, making detection and ...
COBIT 2019 vs. COBIT 5 What’s New and Why It Matters
Blog
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
Andrew Doyle April 4, 2025
The IT world is constantly changing, and so are the frameworks that govern it. This blog post delves into the significant differences between COBIT 5 ...
Texas State Bar Data Breach: INC Ransomware Gang Claims Responsibility
News
Texas State Bar Data Breach: INC Ransomware Gang Claims Responsibility
Mitchell Langley April 4, 2025
The Texas State Bar suffered a data breach between January 28 and February 9, 2025, with the INC ransomware gang claiming responsibility and leaking stolen ...
GitHub Supply Chain Attack Traced to Leaked SpotBugs Token
News
GitHub Supply Chain Attack Traced to Leaked SpotBugs Token
Mitchell Langley April 4, 2025
A devastating GitHub supply chain attack, targeting Coinbase, stemmed from a leaked SpotBugs token, exposing secrets in 218 repositories and highlighting critical vulnerabilities in open-source ...
Oracle Cloud Breach Confirmed, Data Theft Impacts Legacy Systems
News
Oracle Cloud Breach Confirmed, Data Theft Impacts Legacy Systems
Andrew Doyle April 4, 2025
Oracle confirms a data breach impacting its legacy Oracle Cloud Classic system, resulting in the theft of client credentials. Investigations are underway, but the company's ...
$500,000 Lost in Australian Superannuation Fund Data Breach
News
$500,000 Lost in Australian Superannuation Fund Data Breach
Mitchell Langley April 4, 2025
Major Australian superannuation funds experienced a data breach, resulting in $500,000 in losses and impacting thousands of members via a credential stuffing attack.
Hunters International Shifts to Data Extortion and Rebrands as World Leaks
News
Hunters International Shifts to Data Extortion and Rebrands as World Leaks
Andrew Doyle April 4, 2025
Hunters International, a notorious ransomware operation, has rebranded as World Leaks, shifting its focus to data extortion.
KillSec: Hacktivists Turned RaaS Syndicate
Resources
KillSec: Hacktivists Turned RaaS Syndicate
Andrew Doyle April 4, 2025
KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian victims over Western ones.
CVE Vulnerability Alerts - 18th March, 2025
CVE Vulnerability Alerts
CVE Vulnerability Alerts – 18th March, 2025
Andrew Doyle April 4, 2025
This post summarizes various vulnerabilities from recent CVE alerts that could potentially be exploited by malicious actors. Each entry includes brief information on the vulnerability, ...
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
Blog
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
Mitchell Langley April 4, 2025
The cost of data breach is skyrocketing. This in-depth analysis reveals the staggering financial impact and strategies for mitigation. Learn more.
ChatGPT is Down Worldwide Impacting Millions
Cybersecurity
ChatGPT is Down Worldwide Impacting Millions
Mitchell Langley April 3, 2025
Global ChatGPT outage caused widespread disruption, displaying a "Something went wrong" error. OpenAI acknowledged the problem and implemented a fix.
Royal Mail Data Breach: No Operational Impact Reported
News
Royal Mail Data Breach: No Operational Impact Reported
Andrew Doyle April 3, 2025
Royal Mail investigates a data breach involving third-party supplier Spectos GmbH. Over 144GB of data, including customer PII, was leaked; however, Royal Mail operations remain ...
Triada Malware Preloaded on Counterfeit Android Devices
News
Triada Malware Preloaded on Counterfeit Android Devices
Andrew Doyle April 3, 2025
Counterfeit Android phones are infecting users with Triada malware pre-installed in the firmware, stealing data and cryptocurrency. This supply chain attack highlights the risks of ...
Urgent Security Alert: Exploited CSLU Backdoor Threatens Cisco Systems
News
Urgent Security Alert: Exploited CSLU Backdoor Threatens Cisco Systems
Mitchell Langley April 3, 2025
Exploited Cisco CSLU backdoor admin account enables unauthorized access and control. Immediate patching is critical to prevent attacks.
Porsche Owners in Russia Face Unexpected Disruption Satellite Security System Malfunction
Cybersecurity
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
Andrew Doyle December 8, 2025
Hackers Breach Marquis A Fintech Data Nightmare
Cybersecurity
Hackers Breach Marquis: A Fintech Data Nightmare
Gabby Lee December 5, 2025
DragonForce Ransomware A New Collaboration in Cybercrime
News
DragonForce Ransomware: A New Collaboration in Cybercrime
Gabby Lee December 5, 2025
University of Pennsylvania Data Breach Clop's Zero-Day Exploit Targets Oracle's E-Business Suite
Cybersecurity
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
Gabby Lee December 3, 2025

TOP CYBERSECURITY HEADLINES

Chinese Hackers Exploit VMware vSphere with Brickstorm Malware CISA's Critical Alert
Application Security
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Cybersecurity
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Intellexa's Predator Spyware Exploits Zero-click 'Aladdin' Mechanism in Targeted Attacks
Cybersecurity
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
DragonForce Ransomware A New Collaboration in Cybercrime
News
DragonForce Ransomware: A New Collaboration in Cybercrime

This Week’s Security Spotlight

Russian Internet Authority Blocks Roblox Over Content Concerns
Cybersecurity
Russian Internet Authority Blocks Roblox Over Content Concerns
Mitchell Langley December 5, 2025
React Server Components' Security Flaw Risks Unauthenticated Remote Code Execution
CVE Vulnerability Alerts
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
Andrew Doyle December 5, 2025
Cybersecurity Incident at Three-Council Data Breach Adds Complexity
Cybersecurity
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
Mitchell Langley December 3, 2025
South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Andrew Doyle December 2, 2025
More In News
Trending
AI-Powered Phishing Campaigns Mimic Enterprise Marketing Operations
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Scattered Spider Strikes Again: Inside the VMware ESXi Ransomware Tactics
July 28, 2025
Podcasts
Koske Malware Hides in Panda Images, Weaponizes AI to Target Linux
July 25, 2025
Podcasts
Operation Checkmate: BlackSuit Ransomware’s Dark Web Sites Seized
July 25, 2025

Cyber Security News

RediShell Zero-Day in Redis Permits Remote Code Execution on Exposed Instances
Cybersecurity
RediShell Zero-Day in Redis Permits Remote Code Execution on Exposed Instances
October 7, 2025
Oracle E-Business Suite Zero-Day Exploited, Authorities Urge Immediate Patching
Cybersecurity
Oracle E-Business Suite Zero-Day Exploited, Authorities Urge Immediate Patching
October 7, 2025
NIST Flags DeepSeek Adoption Over Security, Censorship and Cost Concerns
Cybersecurity
NIST Flags DeepSeek Adoption Over Security, Censorship and Cost Concerns
October 7, 2025
Unity Engine Flaw Permits Code Execution on Android and Escalation on Windows
Cybersecurity
Unity Engine Flaw Permits Code Execution on Android and Escalation on Windows
October 7, 2025
Salesforce Faces Extortion Threat After Salesloft OAuth Token Exploits
Cybersecurity
Salesforce Faces Extortion Threat After Salesloft OAuth Token Exploits
October 6, 2025
Discord Discloses Support Ticket Breach After Unauthorized Access to Third-Party System
Cybersecurity
Discord Discloses Support Ticket Breach After Unauthorized Access to Third-Party System
October 6, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
DragonForce Ransomware: The Evolving Threat to Healthcare Data
June 17, 2025
In this episode, we dive deep into the current state of cybersecurity in healthcare, where the growing sophistication of cyber threats has led to increasingly ...
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
June 17, 2025
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
June 17, 2025
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
June 17, 2025
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
June 17, 2025
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
Google’s $32B Bid for Wiz Faces DOJ Fire: A Cloud Security Power Play or Market Grab?
June 17, 2025
In this episode, we break down the seismic implications of Google’s proposed $32 billion acquisition of Wiz, the world’s largest cybersecurity unicorn—and why this isn’t ...
SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms
June 16, 2025
In this critical episode, we dive into the alarming exploitation of CVE-2024-57727, a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software actively leveraged by ...
TeamFiltration and Token Theft: The Cyber Campaign Microsoft Never Saw Coming
June 16, 2025
In this episode, we dissect UNK_SneakyStrike—a major account takeover campaign targeting Microsoft Entra ID users with precision and scale. Tracked by Proofpoint, this campaign began ...
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
June 16, 2025
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers in the U.S. The data ...
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
June 16, 2025
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
June 16, 2025
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
June 16, 2025
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows
June 16, 2025
In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center ...
WestJet Cyberattack: Cracks in Aviation’s Digital Armor
June 16, 2025
A major cyberattack has rocked Canada’s second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this ...
Victoria’s Secret Restores Critical Systems Following Cyberattack That Delayed Q1 Earnings
June 16, 2025
Victoria’s Secret confirms full restoration of core systems after a May cyberattack disrupted corporate operations and forced a delay in the company’s Q1 earnings release. ...
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
June 16, 2025
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras
June 15, 2025
In this episode, we dig into a disturbing yet underreported national security threat: the exploitation of internet-connected surveillance cameras—especially those manufactured in the People’s Republic ...
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
June 15, 2025
In this episode, we dive deep into the alarming revelations surrounding Graphite, a powerful spyware tool developed by Israeli firm Paragon Solutions. Promoted as a ...
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
June 14, 2025
zeroRISC just raised $10 million to bring OpenTitan—the first open-source silicon Root of Trust—to market. In this episode, we break down what this funding means ...
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
June 14, 2025
The financial services industry is under siege. In this episode, we unpack the latest findings from Radware’s 2025 Financial Threat Analysis and multiple intelligence reports ...
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
DragonForce Ransomware: A New Collaboration in Cybercrime
Niobium Secures $23 Million to Advance Homomorphic Encryption
Aisuru Botnet: New DDoS Attack Record Set at 29.7 Tbps
Water Saci Threat Actor Evolves Tactics with Sophisticated Infection Chain
Russian Internet Authority Blocks Roblox Over Content Concerns
Leroy Merlin France Security Breach Exposes Customer Data
Google Expands Support for Android’s In-Call Scam Protection to More Financial Institutions
Critical Elementor Addons Flaw CVE-2025-8489 Actively Exploited on WordPress Sites
Microsoft Silently Patches Long-Exploited Windows Vulnerability
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
Major Universities Affected in Oracle E-Business Suite Hacking Campaign
Freedom Mobile Data Breach: Protecting Consumer Information in the Telecom Sector
North Korea’s Covert IT Workforce Exposed: Unmasking the Chollima Scheme
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
GlassWorm Supply Chain Attack Compromises Developer Tools
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack