Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Termite Ransomware: The Silent Invader
Resources
Termite Ransomware: The Silent Invader
Gabby Lee July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz, highlighting its broad reach and ...
Ransomware-as-a-Service (RaaS) The Industrialization of Cybercrime and What Enterprises Must Do
Blog
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
Andrew Doyle July 22, 2025
Ransomware-as-a-Service (RaaS) enables cybercriminals to launch attacks at scale. Learn how it works, why it’s dangerous, and how enterprises can defend and recover effectively.
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
News
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
Mitchell Langley July 22, 2025
A California engineer admitted to stealing top-secret U.S. missile tracking technology and funneling it to China, exposing a deep insider espionage operation.
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
News
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
Mitchell Langley July 22, 2025
A backend glitch at Ring caused customers to see unknown devices logged into their accounts, but Amazon insists there’s been no security breach or unauthorized ...
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
News
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
Mitchell Langley July 22, 2025
A bug in ExpressVPN's Windows client leaked real IP addresses during RDP sessions. The issue, now fixed, affected traffic over port 3389 outside the VPN ...
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
News
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
Andrew Doyle July 22, 2025
Dior is alerting U.S. customers about a data breach that exposed personal data. The cyberattack, linked to ShinyHunters, targeted LVMH brands via a third-party vendor. ...
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
News
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
Andrew Doyle July 21, 2025
Arch Linux pulled three AUR packages after discovering they delivered Chaos RAT malware through a malicious GitHub script, compromising Linux systems via community-sourced PKGBUILD files. ...
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
News
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
Mitchell Langley July 21, 2025
CrushFTP warns of an actively exploited zero-day vulnerability (CVE-2025-54309) allowing full admin access via web interface on unpatched servers running outdated builds.
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
News
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
Mitchell Langley July 21, 2025
Hackers exploited a zero-day in Microsoft SharePoint, breaching U.S. agencies, global businesses, and universities before patches were issued. Some breaches include loss of critical data. ...
Weekly Cybersecurity Newsletter: 14th to 18th August
Cybersecurity Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Andrew Doyle July 19, 2025
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
News
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
Mitchell Langley July 18, 2025
BigONE cryptocurrency exchange suffered a $27 million breach involving its hot wallet. While user funds are safe, blockchain forensics reveal ongoing laundering of stolen assets. ...
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
News
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
Andrew Doyle July 18, 2025
LameHug malware uses an AI language model to craft system commands on the fly, targeting Windows machines in attacks linked to Russian-backed APT28.
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
News
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
Mitchell Langley July 18, 2025
Luxury fashion house Louis Vuitton confirmed that recent customer data breaches in the UK, South Korea, and Turkey all trace back to a single cyberattack ...
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
News
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
Mitchell Langley July 18, 2025
A critical Cisco ISE vulnerability (CVE-2025-20337) exposes systems to remote code execution and root access. Enterprises must upgrade to Patch 7 or Patch 2 immediately. ...
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
News
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
Andrew Doyle July 18, 2025
Salt Typhoon, a Chinese state-backed hacking group, quietly breached a U.S. Army National Guard network for nine months, stealing sensitive configuration files and credentials.
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
News
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
Mitchell Langley July 17, 2025
A phishing email targeting a real construction project led Broken Bow Public Schools in Nebraska to mistakenly transfer $1.8 million to cybercriminals.
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
News
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
Andrew Doyle July 17, 2025
Salt Typhoon, a Chinese cyber-espionage group, infiltrated a US state's Army National Guard network, exfiltrating sensitive data and threatening nationwide cybersecurity coordination efforts.
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
News
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
Mitchell Langley July 17, 2025
Chinese hackers known as Salt Typhoon infiltrated a U.S. state’s Army National Guard network, accessing sensitive data tied to every other state and four territories. ...
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
News
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Andrew Doyle July 17, 2025
UK retailer Co-op confirms a cyberattack in April stole personal data of 6.5 million members. Threat actors linked to Scattered Spider used social engineering tactics. ...
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
News
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
Mitchell Langley July 17, 2025
A 21-year-old U.S. Army soldier pleaded guilty to hacking and extorting major telecom firms using stolen credentials, SSH brute tools, SIM-swapping, and cybercrime forums.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Coyote Malware Exploits Microsoft UI Automation in First-Ever Wild Attack
July 25, 2025
Podcasts
No Fix Coming: Remote Code Execution Flaw in 1,300 LG Security Cameras
July 25, 2025
Podcasts
ToolShell Exploited: China-Linked Hackers Breach NNSA and U.S. Government Networks
July 24, 2025

Cyber Security News

India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
Cybersecurity
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
December 8, 2025
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Cybersecurity
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
December 8, 2025
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
Cybersecurity
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
December 8, 2025
Inotiv Reports Massive Data Breach Impacting Thousands
Data Security
Inotiv Reports Massive Data Breach Impacting Thousands
December 8, 2025
Agentic Security Fortifies Its Position with $130 Million Funding Round
Cybersecurity
Agentic Security Fortifies Its Position with $130 Million Funding Round
December 8, 2025
Porsche Owners in Russia Face Unexpected Disruption Satellite Security System Malfunction
Cybersecurity
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
December 8, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
PayPal Denies Breach Amid 16M Login Leak on Dark Web
August 19, 2025
A forum post claims 15.8 million PayPal credentials were leaked; PayPal says the data ties to a 2022 incident. Researchers could not verify the full ...
SAP NetWeaver Under Siege: New Exploit Chains Threaten Global Enterprises
August 19, 2025
SAP NetWeaver, one of the world’s most critical enterprise platforms, is under active attack from both ransomware groups and state-backed hackers. A newly released exploit ...
NIST Proposes AI Cybersecurity Overlays to Secure Generative and Predictive Systems
August 19, 2025
The National Institute of Standards and Technology (NIST) has released a concept paper proposing control overlays to secure artificial intelligence (AI) systems, including generative and ...
Microsoft Opens Inquiry After Reports Israel Used Azure for Mass Surveillance
August 19, 2025
Microsoft probes allegations Unit 8200 used Azure to store millions of Palestinian call recordings. The company says mass surveillance of civilians would violate Azure terms.
Ransomware Gangs Deploy Kernel-Level EDR Killers to Evade Detection
August 18, 2025
Ransomware gangs are no longer just encrypting files and demanding payment—they are actively targeting the very defenses meant to stop them. Recent reports reveal a ...
Chinese APTs Target Taiwan: UAT-7237’s SoundBill Loader and Gelsemium’s FireWood Backdoor
August 18, 2025
Taiwan continues to face an unprecedented wave of cyberattacks, with new intelligence exposing two distinct but sophisticated campaigns linked to Chinese threat actors. Together, they ...
Colt Cyberattack: Multi-Day Outages After WarLock Ransomware Exploited SharePoint Zero-Day
August 18, 2025
Colt Technology Services, a major UK-based telecommunications provider with operations in over 40 countries, has confirmed that the WarLock ransomware group is behind the cyberattack ...
Workday Breach Tied to Third-Party CRM Hack in ShinyHunters Campaign
August 18, 2025
Workday, one of the world’s leading providers of human resources and financial management software, has confirmed a data breach that exposed business contact information through ...
MoD Contractor Data Breach Exposes Thousands Of Afghan Nationals
August 18, 2025
MoD confirms a contractor-linked data breach affecting up to 3,700 ARAP arrivals, exposing names and passport details and reigniting concerns over subcontractor security and Afghan ...
AT&T Settlement Clears $177M for Victims Of 2019 and 2024 Data Breaches
August 18, 2025
Federal court approves $177 million AT&T settlement covering 2019 and 2024 data breaches; claimants can seek documented losses or tiered payments, with $7,500 maximum possible.
DOJ Brings Down Zeppelin Ransomware Operator, Seizes Millions in Crypto
August 18, 2025
The U.S. Department of Justice has successfully dismantled a major operator behind the notorious Zeppelin ransomware, charging Russian national Ianis Aleksandrovich Antropenko with conspiracy to ...
Workday Data Breach Linked To Third-Party CRM Amid Salesforce Social Engineering Wave
August 18, 2025
Workday discloses a data breach tied to a third-party CRM after social engineering attacks. No tenant data was accessed; business contact details were exposed amid ...
Healthplex Fined $2M After Phishing-Driven Data Breach Exposed Tens Of Thousands
August 18, 2025
A phishing click at Healthplex exposed tens of thousands’ health data; delayed reporting triggered a $2 million DFS fine and a mandatory independent MFA audit.
Bragg Discloses Cybersecurity Incident; Says Impact Appears Limited
August 18, 2025
Bragg Gaming Group detected a cybersecurity incident on August 16, 2025. Preliminary findings say the impact was internal only, with no indication personal data was ...
WestJet Data Breach Exposes Passenger Details, Including Names, DOB and Travel Details
August 18, 2025
WestJet confirms a June cyberattack exposed passenger details but not payment data. The airline offers two years of TransUnion monitoring and identity restoration while the ...
Crypto24 Ransomware: The Phantom Encryptor
August 18, 2025
Crypto24 is a rising ransomware group targeting mid-sized global firms, using stealth tools, cloud exfiltration, and double-extortion tactics to steal, encrypt, and leak sensitive data.
Charon Ransomware: Stealthy Cyber Extortion Syndicate
August 18, 2025
Charon ransomware, emerging in 2025, targets Middle East sectors with APT-level tactics, DLL sideloading, hybrid encryption, and advanced evasion, posing a severe threat to critical ...
U.S. Seizes $1M in Cryptocurrency from BlackSuit Ransomware Gang
August 18, 2025
U.S. agencies seized over $1 million in cryptocurrency and critical infrastructure from the BlackSuit ransomware gang. While the takedown marks progress, core members have already ...
Citrix NetScaler Zero-Day Breach Hits Critical Dutch Infrastructure
August 18, 2025
A Citrix NetScaler zero-day, CVE-2025-6543, has been exploited in the wild, leading to breaches of Dutch critical infrastructure. Thousands of devices remain unpatched worldwide, prompting ...
Why Supply Chain Security is a 2025 Cyber Priority
August 18, 2025
Supply chain security has become a top cybersecurity priority in 2025. Weak vendor defenses, low visibility, and nation-state attacks are fueling breaches, underscoring the urgent ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited