Main Menu
Cyber Security
Say Goodbye to Manual Identity Processes and Hello to Scalable IAM Automation
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
News
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
Andrew Doyle June 24, 2025
A misconfigured database tied to a U.S. real estate firm exposed 170,000 records of sensitive personal and internal data, including Social Security numbers and employment ...
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
News
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Mitchell Langley June 24, 2025
Nucor, North America’s largest steel producer, has confirmed data theft following a cybersecurity breach that temporarily disrupted operations and forced system shutdowns.
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
News
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Mitchell Langley June 24, 2025
Canada confirms a state-sponsored breach in its telecom sector, where Salt Typhoon exploited an unpatched Cisco vulnerability to compromise devices and reroute sensitive network traffic. ...
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Mitchell Langley June 24, 2025
Russian state-sponsored hackers targeted a critic of the Kremlin using a novel social engineering tactic that tricked the victim into bypassing multi-factor authentication protections.
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
News
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
Andrew Doyle June 24, 2025
A massive breach has exposed 16 billion login credentials, potentially affecting services like Facebook, Google, and Apple. This fresh infostealer data opens the door to ...
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
News
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Andrew Doyle June 24, 2025
Russian threat group APT28 is using Signal messages to deliver new malware—BeardShell and SlimAgent—targeting Ukrainian government entities through sophisticated phishing and loader tactics.
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
News
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Mitchell Langley June 24, 2025
Anubis ransomware group claims to hold 64GB of Disneyland Paris data, including engineering plans and behind-the-scenes content, though the source and sensitivity remain unclear.
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
News
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
Mitchell Langley June 24, 2025
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
News
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
Andrew Doyle June 24, 2025
Oxford City Council has confirmed a cybersecurity breach involving legacy systems, exposing election worker data from 2001 to 2022 after detecting unauthorized access to its ...
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
News
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
Andrew Doyle June 24, 2025
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
News
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
Mitchell Langley June 24, 2025
Taiwan-based crypto exchange BitoPro has linked the $11 million theft from its platform to the North Korean Lazarus Group, citing attack similarities and forensic evidence. ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
News
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
Andrew Doyle June 19, 2025
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
News
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
Andrew Doyle June 19, 2025
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
News
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
Andrew Doyle June 19, 2025
Veeam patched a critical RCE flaw (CVE-2025-23121) allowing domain users to hijack backup servers, risking ransomware exploitation in misconfigured enterprise environments.
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
News
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
Mitchell Langley June 19, 2025
Predatory Sparrow claims responsibility for a politically motivated cyberattack on Iran’s Nobitex exchange, draining and burning over $90 million in unusable cryptocurrency.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
News
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
Mitchell Langley June 19, 2025
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
News
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
Mitchell Langley June 18, 2025
China-backed Salt Typhoon breached Viasat in a broader espionage campaign against U.S. telecoms ahead of the 2024 election, targeting both government and private networks.
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
News
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
Mitchell Langley June 18, 2025
A World Leaks ransomware attack on Freedman Healthcare may expose over 42,000 sensitive files. The health tech firm supports data systems for 27 U.S. state ...
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
News
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
Andrew Doyle June 18, 2025
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
News
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Andrew Doyle June 18, 2025
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
Why is Activity Logging Crucial for Detecting Cyberattacks
Blog
Why is Activity Logging Crucial for Detecting Cyberattacks
Mitchell Langley July 15, 2025
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
INC Ransom: Master of Double Extortion
Ransomware
INC Ransomware: Master of Double Extortion
Gabby Lee June 10, 2025

TOP CYBERSECURITY HEADLINES

ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
News
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
News
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
News
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
News
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers

SECURITYWEEK INDUSTRY EXPERTS

Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
News
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
Andrew Doyle July 22, 2025
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
News
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
Andrew Doyle July 22, 2025
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
News
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
Mitchell Langley July 22, 2025
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
News
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
Mitchell Langley July 22, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
NVIDIA Issues Urgent Rowhammer Warning: Enable ECC or Risk AI Integrity
July 15, 2025
Podcasts
Zip Security Secures $13.5M to Simplify and Scale Cyber Defense
July 15, 2025
Podcasts
Century Support Services Breach: 160,000 Identities Compromised in Silent Cyberattack
July 15, 2025

Cyber Security News

Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Cybersecurity
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
April 16, 2025
Hacker Forum 'Cracked' Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Cybersecurity
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
April 14, 2025
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Cybersecurity
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
April 14, 2025
Fall River Public Schools Responds to Cybersecurity Breach
Cybersecurity
Fall River Public Schools Responds to Cybersecurity Breach
April 9, 2025
COBIT 2019 vs. COBIT 5 What’s New and Why It Matters
Blog
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
April 4, 2025
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
Blog
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
April 4, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
July 7, 2025
Cybercriminals are increasingly using PDFs to impersonate trusted brands like Microsoft, PayPal, and DocuSign in phishing campaigns designed to steal credentials or deploy malware.
ANSSI vs. Houken: France Battles Advanced Chinese Hacking Threat
July 4, 2025
In this episode, we uncover a high-stakes cyber campaign targeting the heart of French digital infrastructure. ANSSI, France’s national cybersecurity agency, has exposed a Chinese-linked ...
Psychological Manipulation and AI Fraud: How Spain Exposed a $12M Scam
July 4, 2025
In this episode, we examine a growing threat reshaping financial crime in Europe: sophisticated, technology-driven investment fraud. Spanish law enforcement has recently dismantled a fraud ...
CVE-2025-20309: Critical Cisco Root Access Flaw Threatens VoIP Security
July 4, 2025
A devastating vulnerability—CVE-2025-20309—has been discovered in Cisco’s Unified Communications Manager (Unified CM) and its Session Management Edition (SME), threatening the security of over a thousand ...
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
July 4, 2025
IdeaLab confirms ransomware attackers stole sensitive employee and contractor data in a 2024 breach. Hunters International claimed responsibility and leaked 137,000 files on the dark ...
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
July 4, 2025
Kelly Benefits confirms 2024 breach exposed personal data of 553,660 individuals, affecting 46 organizations. Stolen info includes SSNs, medical records, and financial data.
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
July 4, 2025
Esse Health confirms cyberattack exposed data of 263,601 patients, including medical record and insurance info, after system disruptions in April. Investigation suggests possible ransomware involvement. ...
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
July 4, 2025
Spanish police arrest two hackers behind cyberattacks on government and media figures, seizing devices in a national security case tied to stolen state data.
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
July 4, 2025
Citrix warns that patches for critical NetScaler flaws may cause broken logins due to CSP conflicts. Admins must disable headers and clear cache to restore ...
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
July 4, 2025
A critical vulnerability in Forminator exposes over 600,000 WordPress sites to takeover attacks. Enterprises are urged to patch immediately and review recovery strategies.
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
July 4, 2025
Grafana Labs patched critical Chromium-based vulnerabilities in its Image Renderer and Monitoring Agent. Enterprises using self-hosted deployments must update immediately to prevent remote code execution ...
Hunters International Ransomware Group Shuts Down, Offers Free Decryptors Amid Exit
July 4, 2025
Hunters International ransomware gang shuts down and releases free decryptors for victims. The group may be rebranding as an extortion-only operation under World Leaks.
Spanish Authorities Dismantle €10 Million Investment Scam Network With Fake Advisors and Crypto Portals
July 4, 2025
Spanish police arrested 21 individuals linked to a €10 million investment scam that used fake crypto platforms, call centers, and social media to defraud victims. ...
Cisco Removes Hardcoded Root Account from Unified CM to Prevent Remote Takeover
July 4, 2025
Cisco warns of critical backdoor vulnerability in Unified Communications Manager allowing root access. No workaround exists—organizations must patch immediately to prevent remote system takeover.
Fake Crypto Wallet Add-ons Flood Firefox Store in Ongoing Credential Theft Campaign
July 4, 2025
Over 40 fake Firefox extensions posing as crypto wallets are stealing seed phrases. Victims unknowingly lose funds in attacks that mimic trusted browser plugins.
Qantas Confirms Data Breach Following Cyberattack on Third-Party Platform
July 4, 2025
Qantas confirmed a cyberattack impacting six million customers. Linked to aviation-targeting threat actors, the breach highlights growing risks to identity systems and third-party platforms.
macOS Under Siege: NimDoor Malware Targets Telegram, Wallets, and Keychains
July 3, 2025
A new, highly advanced malware strain—NimDoor—has emerged as the latest cyber weapon in the arsenal of North Korean state-sponsored hackers, specifically targeting macOS systems used ...
Cisco Unified CM Vulnerability: Root Access Risk for Enterprise VoIP Networks
July 3, 2025
A newly disclosed vulnerability—CVE-2025-20309—in Cisco’s Unified Communications Manager (Unified CM) and Session Management Edition has sent shockwaves through enterprise VoIP and IT security teams. The ...
Forminator Flaw Exposes WordPress Sites to Takeover Attacks: Vulnerability Threatens 600,000+ Sites
July 3, 2025
A critical new WordPress vulnerability—CVE-2025-6463—has been discovered in the widely used Forminator plugin, affecting over 600,000 active installations and putting hundreds of thousands of websites ...
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
July 3, 2025
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the U.S., Ukraine, and Europe.
Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform
Termite Ransomware: The Silent Invader
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack
StrongestLayer Raises $5.2M to Fight AI-Powered Phishing with TRACE
750,000 Records Exposed: Inside the TADTS Data Breach by BianLian
SS7 Is Still Broken: How Surveillance Firms Are Bypassing Telco Defenses
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
Weekly Cybersecurity Newsletter: 14th to 18th August
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks