Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
How to Backup and Restore the Windows Registry
Blog
How to Backup and Restore the Windows Registry
Andrew Doyle July 29, 2025
Protect your system settings from accidental changes or corruption. Learn how to safely backup and restore the Windows Registry with this easy step-by-step guide.
Google Patches Gemini CLI Vulnerability That Enabled Silent Code Execution and Data Theft
News
Google Patches Gemini CLI Vulnerability That Enabled Silent Code Execution and Data Theft
Mitchell Langley July 28, 2025
A critical flaw in Google’s Gemini CLI exposed developers to silent command execution and data theft through poisoned context files, prompting an urgent security patch. ...
Tea App Data Breach Deepens as 1.1 Million Private Messages Are Exposed
News
Tea App Data Breach Deepens as 1.1 Million Private Messages Are Exposed
Mitchell Langley July 28, 2025
Tea app’s data breach escalates as 1.1 million private messages and 72,000 sensitive images, including government IDs and selfies, are leaked on hacker forums.
NASCAR Confirms Data Breach Tied to Medusa Ransomware Gang, SSNs Exposed
News
NASCAR Confirms Data Breach Tied to Medusa Ransomware Gang, SSNs Exposed
Andrew Doyle July 28, 2025
NASCAR confirms a data breach exposing Social Security numbers, linked to Medusa ransomware gang. Victims are receiving breach notifications and one year of credit monitoring. ...
Hackers Claim Deep Access to Systems, Threaten to Leak Passenger Data
News
Hackers Claim Deep Access to Systems, Threaten to Leak Passenger Data
Mitchell Langley July 28, 2025
Aeroflot suffers massive cyberattack by pro-Ukraine hackers, disrupting flights, destroying 7,000 servers, and exposing personal data of passengers and staff. A criminal probe is underway. ...
CISA Warns of Ongoing Exploits Targeting PaperCut RCE Vulnerability, Urges Immediate Patching
News
CISA Warns of Ongoing Exploits Targeting PaperCut RCE Vulnerability, Urges Immediate Patching
Andrew Doyle July 28, 2025
CISA warns that hackers are actively exploiting a PaperCut vulnerability (CVE-2023-2533) for remote code execution, urging organizations to patch systems immediately to reduce risk.
Exploit Published for Actively Exploited Cisco ISE Vulnerability Leading to Root Access
News
Exploit Published for Actively Exploited Cisco ISE Vulnerability Leading to Root Access
Mitchell Langley July 28, 2025
Cisco ISE vulnerability CVE-2025-20281 now has a public exploit, enabling remote root access. Active exploitation is confirmed. Patching remains the only defense.
BlackSuit Ransomware Operation Disrupted in Global Law Enforcement Seizure
News
BlackSuit Ransomware Operation Disrupted in Global Law Enforcement Seizure
Mitchell Langley July 28, 2025
Authorities have seized the BlackSuit ransomware gang’s dark web site, disrupting its operations as members appear to rebrand under a new name: Chaos ransomware.
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
News
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
Mitchell Langley July 28, 2025
Scattered Spider hackers are compromising VMware ESXi infrastructure through social engineering, enabling full control and ransomware deployment without exploiting any software vulnerabilities.
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
News
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
Andrew Doyle July 28, 2025
A recent data breach at Allianz Life compromised personal data of most of its 1.4 million customers via a third-party CRM system, possibly tied to ...
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
News
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
Mitchell Langley July 28, 2025
A hacker breached Amazon's AI coding assistant for Visual Studio Code, injecting data-wiping instructions before detection. A patched version was released following security reports.
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
News
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
Mitchell Langley July 28, 2025
Philadelphia Insurance Companies has confirmed a personal data breach involving driver’s license numbers and birth dates following a June cyberattack that disrupted multiple insurers.
Fog Ransomware: Data in the Mist
Resources
Fog Ransomware: Data in the Mist
Mitchell Langley July 24, 2025
Fog ransomware, a prolific and secretive threat actor, targets organizations globally, deploying sophisticated multi-stage attacks resulting in data encryption and exfiltration. Victims span various sectors. ...
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
News
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
Andrew Doyle July 23, 2025
Microsoft links SharePoint attacks to three Chinese espionage groups, urging immediate patching as critical vulnerabilities enable full server compromise without authentication.
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
News
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
Mitchell Langley July 23, 2025
CISA and FBI warn that Interlock ransomware is accelerating attacks across North America and Europe, targeting healthcare and critical infrastructure with advanced RATs and extortion ...
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
News
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
Mitchell Langley July 23, 2025
AMEOS Group, a leading healthcare provider in Central Europe, has confirmed a data breach affecting patients, employees, and partners. Investigation and containment measures are ongoing. ...
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
News
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
Andrew Doyle July 23, 2025
Scammers posing as real businesses use stolen corporate identities and net financing to order expensive equipment—vanishing with goods before invoices come due.
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
News
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
Mitchell Langley July 23, 2025
Naval Group, France’s top warship builder, is allegedly breached by hackers claiming access to combat systems source code, raising serious national security concerns.
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
News
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
Andrew Doyle July 22, 2025
A weak employee password allowed ransomware hackers to cripple 158-year-old logistics firm KNP, causing 700 job losses and highlighting the growing threat of ransomware attacks. ...
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
News
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
Andrew Doyle July 22, 2025
Veeam Recovery Orchestrator's latest update causes user lockouts after enabling MFA. A fix is available, but affected users must contact support for remediation.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Scattered Spider Strikes Again: Inside the VMware ESXi Ransomware Tactics
July 28, 2025
Podcasts
Koske Malware Hides in Panda Images, Weaponizes AI to Target Linux
July 25, 2025
Podcasts
Operation Checkmate: BlackSuit Ransomware’s Dark Web Sites Seized
July 25, 2025

Cyber Security News

Portugal Establishes Legal Safe Harbor for Ethical Hackers
Cybersecurity
Portugal Establishes Legal Safe Harbor for Ethical Hackers
December 9, 2025
Clickjacking Tactics Exploit SVG and CSS Understanding the New Threat
Cybersecurity
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
December 9, 2025
IDEsaster Uncovering Security Flaws in AI-Powered IDEs
Application Security
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
December 9, 2025
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
Cybersecurity
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
December 8, 2025
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
Endpoint Security
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
December 8, 2025
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
Endpoint Security
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
December 8, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Clickjacking Vulnerability Exposes Autofill Data Across Major Extensions
August 21, 2025
Attackers use ADFS redirect phishing through legitimate office.com links, bypassing URL filters and MFA, to steal Microsoft 365 logins via malvertising and conditional access tricks.
Financial App Data Leak in Turkey Puts Millions at Risk
August 21, 2025
An unprotected MongoDB tied to FinansCepte and FinansWebde exposed over four million records, putting Turkish users at risk of phishing, credential stuffing, and manipulated financial ...
GenAI Powers Harder-to-Detect Phishing Threats
August 21, 2025
New research from Unit 42 shows adversaries are combining AI website builders, writing assistants, deepfakes, and chatbots to automate large-scale campaigns that closely mimic trusted ...
PyPI Cracks Down on Domain Expiration Attacks to Protect Python Packages
August 20, 2025
The Python Package Index (PyPI), the backbone of the global Python ecosystem, has rolled out new security safeguards aimed at stopping a dangerous form of ...
AI Joins the Fight Against Exploits: Google and Mozilla Patch Dangerous Vulnerabilities
August 20, 2025
Both Google and Mozilla have rolled out urgent security updates to patch multiple high-severity vulnerabilities in their flagship browsers—Google Chrome and Mozilla Firefox—underscoring the constant ...
Britain Backs Down: UK Drops Encryption Backdoor Demand on Apple
August 20, 2025
A major international clash over encryption has come to a dramatic resolution. Earlier this year, the U.K. government, acting under its controversial Investigatory Powers Act ...
PipeMagic Backdoor: How Ransomware Actors Exploited a Windows Zero-Day
August 20, 2025
In early 2025, Microsoft and security researchers uncovered PipeMagic, a modular and memory-resident backdoor that has been quietly leveraged in ransomware campaigns worldwide. Disguised as ...
270,000 Intel Employee Records at Risk from Authentication Bypass and Hardcoded Credentials
August 20, 2025
In late 2024, Intel faced a major cybersecurity wake-up call when security researcher Eaton Zveare uncovered a series of vulnerabilities inside the company’s internal systems—flaws ...
LG Hai Phong Earns CSMS Level 3 Certification at Its Largest Vehicle Component Base
August 20, 2025
LG’s Hai Phong plant earned CSMS Level 3 Certification from TÜV Rheinland, the first facility to hold both Level 2 and Level 3 simultaneously, validating ...
XenoRAT Malware Campaign Targets Embassies in South Korea
August 20, 2025
A multi-stage espionage campaign using XenoRAT malware has targeted foreign embassies in South Korea, with evidence linking the activity to both North Korean and Chinese ...
SentinelOne Expands Partnership With Mimecast to Advance People-Focused Cybersecurity
August 20, 2025
SentinelOne and Mimecast deepen integration, pairing Singularity endpoint telemetry with Human Risk Management to prioritize people-focused cybersecurity and reduce human-caused breaches.
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
August 19, 2025
Inotiv confirms a ransomware attack encrypted systems and data, disrupting operations. SEC filing cites Qilin claims of 176GB theft as investigators restore and assess impact.
Researcher Harvests 270k Employee Records Exploiting Intel Flaw
August 19, 2025
Researcher Eaton Zveare found four flaws that exposed 270,000 Intel employee records via unauthenticated APIs and hardcoded credentials, then received only an automated “Thank You ...
How Social Engineering and Vendor Weaknesses Led to Allianz Life’s Massive Breach
August 19, 2025
In July 2025, Allianz Life Insurance Company of North America confirmed a data breach impacting over 1.1 million customers, financial professionals, and employees—a stark reminder ...
Cloud Computing Heist: $3.5 Million Fraud Leads to Prison for Fake Crypto Influencer
August 19, 2025
The U.S. Department of Justice has closed the chapter on one of the most audacious cloud fraud and cryptojacking schemes in recent years. Charles O. ...
Lexington-Richland 5 Data Breach Exposes Students’ Names, Addresses and SSNs
August 19, 2025
Lexington-Richland 5 says former students’ names, addresses and Social Security numbers were posted on a threat-actor forum after a June breach; notifications and monitoring offered.
Panera Agrees to $2.5M Settlement After 2024 Data Breach
August 19, 2025
Panera agrees to a $2.5 million settlement after a February 2024 cyber incident; about 147,321 eligible claimants can seek documented or tiered payments.
IBM Finds “AI Oversight Gap” in Organizations That Suffered AI-Related Breaches
August 19, 2025
IBM reports 97% of organisations in AI-related breaches lacked AI access controls; shadow AI added $670,000 to average breach costs while defensive AI sped containment.
Embassy Espionage: Kimsuky and Suspected Chinese Partners Deploy XenoRAT in Seoul
August 19, 2025
A new wave of state-sponsored cyber espionage is sweeping across South Korea, targeting foreign embassies through highly tailored, multi-stage spearphishing campaigns. Security researchers at Trellix ...
GSMA Confirms Flaws: Researchers Unveil Dangerous 5G Sniffing and Injection Attack
August 19, 2025
A groundbreaking security study from the Singapore University of Technology and Design has revealed a major vulnerability in 5G networks that allows attackers to bypass ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited