Main Menu
Cyber Security
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Cybersecurity
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Syed Arslan May 8, 2025
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued ...
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
News
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
Mitchell Langley May 7, 2025
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
News
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
Mitchell Langley May 7, 2025
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
News
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
Andrew Doyle May 7, 2025
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
News
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
Mitchell Langley May 7, 2025
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
News
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
Andrew Doyle May 7, 2025
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
News
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
Andrew Doyle May 6, 2025
Rhysida ransomware group has claimed responsibility for a cyberattack on Peru’s government systems, demanding payment for stolen data while officials deny any breach occurred.
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
News
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
Mitchell Langley May 6, 2025
Anonymous defaced a GlobalX subdomain and leaked flight manifests related to ICE deportation flights of Venezuelan migrants, protesting Trump-era policies ruled unlawful by a federal ...
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
News
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
Mitchell Langley May 6, 2025
A hacked Signal clone used by Trump’s former security adviser Mike Waltz has raised serious concerns over the safety of sensitive government communications.
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
News
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
Andrew Doyle May 6, 2025
Hackers hijacked the New York Post’s verified X account to target crypto users via direct messages, redirecting victims to a Telegram-based scam under false pretenses. ...
EU Fines TikTok €530 Million For Data Protection Failures
News
EU Fines TikTok €530 Million For Data Protection Failures
Mitchell Langley May 6, 2025
TikTok has been fined €530 million by EU regulators over data protection failures and may face a data transfer suspension to China unless it complies ...
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
News
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
Mitchell Langley May 5, 2025
StealC malware receives major upgrade with advanced stealth, encryption, and data theft tools, including real-time Telegram alerts and full desktop screenshot capabilities.
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
News
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
Andrew Doyle May 5, 2025
UK retailer Co-op has confirmed a data breach impacting millions, following a ransomware attack by DragonForce. Personal details were stolen, but no financial data.
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
News
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
Andrew Doyle May 5, 2025
The U.S. has indicted a Yemeni national for operating Black Kingdom ransomware, targeting Microsoft Exchange servers in 1,500 global attacks demanding $10,000 in Bitcoin.
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
News
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
Mitchell Langley May 5, 2025
Employment platform beWanted leaked over 1.1 million CVs containing names, ID numbers, contact details, and employment history.
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
News
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
Andrew Doyle May 2, 2025
Nova Scotia Power confirms personal customer data was stolen in a cyberattack on April 25, though electricity services remain unaffected as the investigation continues.
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
News
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
Mitchell Langley May 2, 2025
Seven malicious PyPI packages exploited Gmail and WebSockets for remote command execution and data theft, with some packages downloaded over 18,000 times.
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
News
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
Mitchell Langley May 2, 2025
iHeartMedia confirmed a December data breach exposing names, Social Security, and passport numbers from local station systems. The company is offering identity theft protection.
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
News
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
Andrew Doyle May 2, 2025
Ascension, a major U.S. healthcare provider, confirmed a ransomware breach affecting 5.6 million individuals, compromising medical, financial, and personal data.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
News
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
News
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
News
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang

SECURITYWEEK INDUSTRY EXPERTS

Medical Data Breach Affected Dental Service Infrastructure
News
Medical Data Breach Affected Dental Service Infrastructure
Andrew Doyle June 4, 2025
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
News
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Andrew Doyle June 4, 2025
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
News
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
Mitchell Langley June 4, 2025
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
Mitchell Langley June 4, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
The LexisNexis Breach: 364,000 Records Exposed via GitHub
May 29, 2025
Podcasts
Ransomware Hits MathWorks: Week-Long Outage Disrupts Millions
May 28, 2025
Podcasts
Zscaler Acquires Red Canary: What It Means for AI-Powered Security Operations
May 28, 2025

Cyber Security News

The Mirai Botnet The Infamous DDoS Weapon
Blog
The Mirai Botnet: The Infamous DDoS Weapon
March 19, 2025
Compliance Isn’t Security Why a Checklist Alone Won’t Stop Cyberattacks
Blog
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
March 17, 2025
Outsourcing Cybersecurity Could Save Your Company Millions – Here's How-
Blog
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
March 6, 2025
CISA Warns of Craft CMS Code Injection Flaw
Cybersecurity
CISA Warns of Craft CMS Code Injection Flaw
February 24, 2025
Top Cyber Threats Facing Enterprise Businesses in 2025 A Comprehensive Guide
Blog
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
February 13, 2025
State-Sponsored Hackers Abuse Google's Gemini AI for Attacks
Cybersecurity
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
February 4, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
May 20, 2025
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
May 20, 2025
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
May 20, 2025
Hackers exploited a flaw in TeleMessage’s TM SGNL app, exposing U.S. official communications. DDoSecrets published 410GB of chat logs and metadata from the breach.
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
May 20, 2025
Arla Foods confirmed a cyberattack at its Upahl production site in Germany, disrupting operations and causing delivery delays. No data theft has been confirmed.
O2 Flaw Leaked Customer Geolocation Data to Any Caller
May 20, 2025
O2 exposed customers’ real-time locations via VoLTE call metadata. A researcher found SIP headers leaking geolocation and device data. The issue is now resolved.
110,000+ Records Compromised: The NRS Cybersecurity Failure
May 19, 2025
In this episode, we unpack the 2024 cybersecurity incident that rocked the debt collection and healthcare sectors: the massive data breach at Nationwide Recovery Services ...
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
May 19, 2025
Coinbase Insider Breach revealed that rogue support agents aided a cyberattack stealing customer data and government IDs. The attackers demanded $20 million, but Coinbase refused ...
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
May 19, 2025
Researchers at Pwn2Own Berlin 2025 earned $695,000 for exploiting zero-day flaws in VMware ESXi, Microsoft SharePoint, Firefox, and AI platforms.
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
May 19, 2025
Adidas and Dior confirmed data breaches affecting customer information in Korea and China. Both brands reported no financial data exposure and began notifying affected individuals. ...
CISA Flags Chrome Vulnerability CVE-2025-4664: Patch Before June 5th
May 19, 2025
In this episode, we break down the recently discovered and actively exploited Chrome vulnerability CVE-2025-4664—a high-severity flaw stemming from insufficient policy enforcement in Chrome’s Loader ...
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
May 19, 2025
Ransomware groups including BlackBasta and Cactus are using Skitnet malware for stealthy post-exploitation in enterprise networks, enabling persistence, data theft, and remote control.
How Can I Protect Myself from the M&S Cyberattack?
May 19, 2025
Marks & Spencer suffered a data breach. Here’s how customers can protect themselves from phishing, fraud, and future attacks using simple, actionable online safety tips. ...
483,000 Patients at Risk: Catholic Health Vendor Breach Exposes Critical Data
May 19, 2025
In this episode, we dive deep into a newly disclosed healthcare data breach affecting over 483,000 patients of Catholic Health, stemming from a misconfigured Elasticsearch ...
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
May 19, 2025
Broadcom employee data leaked after a ransomware attack on ADP partner Business Systems House. Sensitive files appeared on the dark web, impacting global semiconductor workers. ...
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
May 19, 2025
SK Telecom suffered a data breach impacting nearly 27 million SIM records, with malware infections across 23 servers and critical personal data left unencrypted.
This Week In Cybersecurity: May 12th to 16th, 2025
May 19, 2025
"This week in cybersecurity highlights significant data breaches, vulnerabilities, and emerging threats impacting various sectors, emphasizing the need for robust security measures."
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
May 19, 2025
A cyberattack on the UK’s Legal Aid Agency exposed personal, financial, and criminal data of applicants dating back to 2010, prompting a full shutdown of ...
Chrome’s New Vulnerability CVE-2025-4664: A Security Flaw That Can Lead to Account Takeover
May 16, 2025
In this episode, we take an in-depth look at the newly discovered CVE-2025-4664 vulnerability in Google Chrome’s Loader component. This high-severity security flaw is affecting ...
Scattered Spider Targets UK and US Retailers: The Growing Threat to Major Brands
May 16, 2025
In this episode, we dive deep into the recent wave of cyberattacks plaguing major UK retailers such as Marks & Spencer, Co-op, and Harrods, with ...
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
May 16, 2025
Ransomware groups RansomEXX and BianLian have joined global threat actors exploiting a critical SAP NetWeaver vulnerability, risking full remote system compromise for unpatched servers.
Chrome Under Fire: Three Zero-Days, One Month, and Nation-State Exploits
Medical Data Breach Affected Dental Service Infrastructure
Australia Forces Transparency: The World’s First Mandatory Ransomware Payment Reporting Law
$25M for AI Email Security: Trustifi’s Big Bet on the MSP Market
GhostSec: From Hacktivist Roots to RaaS Powerhouse
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Google Chrome vs. Failing CAs: The Policy Behind the Distrust
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598