Main Menu
Cyber Security
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Critical FortiSwitch Flaw Allows Remote Admin Password Changes
News
FortiSwitch Flaw Allows Remote Admin Password Changes
Andrew Doyle April 10, 2025
FortiSwitch vulnerability (CVE-2024-48887) lets attackers remotely change admin passwords. Fortinet released patches; immediate updates are crucial.
Oracle Denies Major Cloud Breach, Confirms Hack of "Obsolete Servers"
News
Oracle Denies Major Cloud Breach, Confirms Hack of “Obsolete Servers”
Andrew Doyle April 10, 2025
Oracle denies a major cloud breach, confirming instead a hack of obsolete servers. No Oracle Cloud customer data was compromised, the company claims.
Hackers Exploit SSRF Bug in EC2-Hosted Sites to Steal AWS Credentials
News
Hackers Exploit SSRF Bug in EC2-Hosted Sites to Steal AWS Credentials
Mitchell Langley April 10, 2025
Hackers exploited SSRF bugs in EC2-hosted sites to steal AWS credentials, accessing EC2 Metadata and potentially IAM credentials via IMDSv1. This highlights the ongoing threat ...
Western Sydney University Data Breach Exposes 10,000 Student Records
News
Western Sydney University Data Breach Exposes 10,000 Student Records
Mitchell Langley April 10, 2025
Western Sydney University confirms a data breach exposing the personal information of 10,000 students. The university is investigating and has contacted authorities.
Half of UK Firms Delay Digital Projects Due to Soaring Cyber Warfare Risks
News
Half of UK Firms Delay Digital Projects Due to Soaring Cyber Warfare Risks
Mitchell Langley April 9, 2025
Half of UK firms are delaying digital projects due to rising cyber warfare fears, according to a new report highlighting the impact of nation-state attacks ...
Treasury OCC Data Breach: Hackers Accessed 150,000 Emails Since June 2023
News
Treasury OCC Data Breach: Hackers Accessed 150,000 Emails Since June 2023
Andrew Doyle April 9, 2025
The Treasury's Office of the Comptroller of the Currency suffered a major data breach, exposing over 150,000 emails and sensitive financial data since June 2023.
WhatsApp Vulnerability Allows Malicious Code Execution on Windows PCs
News
WhatsApp Vulnerability Allows Malicious Code Execution on Windows PCs
Andrew Doyle April 9, 2025
WhatsApp flaw (CVE-2025-30401) lets attackers execute malicious code on Windows PCs by sending files with altered extensions. Update to WhatsApp 2.2450.6 or later immediately.
Rödl Management Data Breach, Personal Data Exposed
News
Rödl Management Data Breach, Personal Data Exposed
Mitchell Langley April 9, 2025
Rödl Management suffered a data breach between January 30 and February 9, 2024, compromising consumer data. Investigations are underway, and affected individuals are receiving notifications.
Mirai Botnet Exploiting TVT DVRs
News
Mirai Botnet Exploiting TVT DVRs
Mitchell Langley April 9, 2025
A new Mirai botnet is causing a surge in attacks targeting TVT NVMS9000 DVRs, exploiting a vulnerability to gain admin access and potentially launch DDoS ...
Fall River Public Schools Responds to Cybersecurity Breach
Cybersecurity
Fall River Public Schools Responds to Cybersecurity Breach
Andrew Doyle April 9, 2025
Fall River Public Schools confirms a cybersecurity breach, working with experts to investigate unauthorized network access and ensure data protection.
Kellogg Data Breached, Clop Ransomware Exploits Cleo Zero-Day Vulnerabilities
News
Kellogg Data Breached, Clop Ransomware Exploits Cleo Zero-Day Vulnerabilities
Andrew Doyle April 8, 2025
WK Kellogg confirms a data breach exposing employee names and social security numbers, linked to the Clop ransomware gang's exploitation of Cleo software vulnerabilities.
Superannuation Hack Exposes $4.2 Trillion Sector's Cybersecurity Vulnerabilities
News
Superannuation Hack Exposes $4.2 Trillion Sector’s Cybersecurity Vulnerabilities
Mitchell Langley April 8, 2025
A major superannuation hack exposed critical cybersecurity flaws, impacting major Australian funds and highlighting the urgent need for stronger security measures within the $4.2 trillion ...
Singapore Banks Suffer Ransomware Attack: DBS and Bank of China Affected
News
Singapore Banks Suffer Ransomware Attack: DBS and Bank of China Affected
Mitchell Langley April 8, 2025
Singapore's DBS and Bank of China suffered a data breach due to a ransomware attack on their printing services provider, impacting thousands of customers. Funds ...
Texas State Bar Data Breach Exposes Sensitive Attorney Information
News
Texas State Bar Data Breach Exposes Sensitive Attorney Information
Andrew Doyle April 8, 2025
Texas State Bar's data breach exposed sensitive attorney information, including SSNs, financial details, and legal case documents. Ransomware group INC claimed responsibility.
Everest Ransomware's Dark Web Leak Site Defaced and Taken Offline
News
Everest Ransomware’s Dark Web Leak Site Defaced and Taken Offline
Andrew Doyle April 8, 2025
Everest ransomware's dark web leak site was defaced, disrupting their double-extortion scheme. This highlights the vulnerability of even sophisticated cybercriminal operations and the importance of ...
EncryptHub Has a Double Life of a Cybercriminal and Bug Bounty Hunter
News
EncryptHub Has a Double Life of a Cybercriminal and Bug Bounty Hunter
Mitchell Langley April 8, 2025
Threat actor EncryptHub, responsible for compromising 618 organizations, secretly reported two Windows zero-day vulnerabilities to Microsoft, revealing a complex figure operating in both cybercrime and ...
Europcar Data Breach Affects 200,000 Customers
News
Europcar Data Breach Affects 200,000 Customers
Mitchell Langley April 7, 2025
Europcar's data breach potentially affects up to 200,000 customers after threat actors accessed GitLab repositories. The company confirms the breach but disputes the full extent ...
WinRAR Vulnerability Bypasses Windows Mark of the Web Security
News
WinRAR Vulnerability Bypasses Windows Mark of the Web Security
Mitchell Langley April 7, 2025
WinRAR vulnerability (CVE-2025-31334) bypasses Windows Mark of the Web security, enabling silent malicious code execution. Update to version 7.11 immediately.
E-ZPass Phishing Scam Targets E-ZPass
News
E-ZPass Phishing Scam Targets E-ZPass
Mitchell Langley April 7, 2025
A massive wave of phishing texts impersonating E-ZPass is stealing personal and financial data. Scammers use urgency and encrypted messaging to bypass security measures.
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
News
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
Andrew Doyle April 7, 2025
A ransomware attack on the Port of Seattle exposed the personal data of 90,000 individuals. The Rhysida ransomware group was responsible, and the Port refused ...
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
News
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Cybersecurity
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Cybersecurity
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty

SECURITYWEEK INDUSTRY EXPERTS

M&S Confirms Customer Data Breach Following Cyberattack
News
M&S Confirms Customer Data Breach Following Cyberattack
Mitchell Langley May 13, 2025
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
News
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Mitchell Langley May 13, 2025
Thousands of Node Developers Compromised by Malware in Popular npm Packages
News
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Andrew Doyle May 13, 2025
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Mitchell Langley May 13, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity
May 6, 2025
Podcasts
$491M Budget Cut: The White House Move That Could Reshape CISA
May 6, 2025
Podcasts
TikTok Fined €530M: GDPR Breach Over Data Transfers to China
May 5, 2025

Cyber Security News

Top Cyber Threats Facing Enterprise Businesses in 2025 A Comprehensive Guide
Blog
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
February 13, 2025
State-Sponsored Hackers Abuse Google's Gemini AI for Attacks
Cybersecurity
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
February 4, 2025
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Cybersecurity
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
January 29, 2025
List of 15 Networking Certifications by Security Vendors to Supercharge Your Career in 2025
Blog
Top 15 Networking Certifications to Supercharge Your Career in 2025
January 22, 2025
Top 10 Ransomware Groups of 2024 The Year's Most Active Cyber Threats
Blog
Top 10 Ransomware Groups of 2024: The Year’s Most Active Cyber Threats
January 14, 2025
Top 15 Cyberattacks of 2024 The Worst Incidents for Enterprise
Blog
Top 15 Cyberattacks of 2024: The Worst Incidents for Enterprise
January 8, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
April 24, 2025
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
April 24, 2025
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
April 24, 2025
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
April 23, 2025
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
April 23, 2025
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics, techniques, and procedures (TTPs), providing ...
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
The Second Scam: FBI Warns of IC3 Impersonators Targeting Fraud Victims
April 22, 2025
The FBI has issued a stark warning about a growing scam targeting individuals who’ve already been victimized. In this episode, we unpack how fraudsters are ...
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
Abilene, Texas Shuts Down City Systems Following Cyberattack
April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
Imaflex Inc. Data Breach Exposes Personal and Employment Data
April 22, 2025
Imaflex Inc. Data Breach Exposes Personal and Employment Data: Legal Investigation Underway Imaflex Inc. has disclosed a data breach that exposed sensitive personal and employment-related ...
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance, for financial gain and potential ...
This Week In Cybersecurity: April 1st to 5th, 2025
April 21, 2025
This week in cybersecurity covers a range of incidents, including the shutdown of openSNP over privacy concerns, a data breach affecting 173,000 patients, and a ...
This Week In Cybersecurity: March 3rd to 7th, 2025
April 21, 2025
This Week in Cybersecurity: Data Breaches, Ransomware, Threat Actors, Ransomware Protection and more!
Ransomware Victims on Dark Web – 10th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 04th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
M&S Confirms Customer Data Breach Following Cyberattack
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
rand-user-agent: The NPM Package That Opened a Backdoor
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure