Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
Blog
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
Gabby Lee July 7, 2025
AI cyber threats are changing the face of digital warfare. From adaptive malware to deepfake scams, learn how Cybersecurity AI fights back against AI cyber ...
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
News
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
Andrew Doyle July 7, 2025
BMW Financial Services confirms indirect exposure from a third-party breach at AIS. The incident affected over 1,950 individuals but did not compromise BMW’s own systems. ...
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
News
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
Mitchell Langley July 7, 2025
A hacker linked to Hellcat ransomware claims to have stolen 106GB of Telefónica data and has started leaking files after the company denied the breach. ...
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
News
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
Mitchell Langley July 7, 2025
Ingram Micro confirms ransomware attack by SafePay as the cause of ongoing system outages, disrupting ordering platforms and forcing VPN shutdowns across multiple global locations. ...
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
News
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
Mitchell Langley July 7, 2025
Cybercriminals are increasingly using PDFs to impersonate trusted brands like Microsoft, PayPal, and DocuSign in phishing campaigns designed to steal credentials or deploy malware.
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
News
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
Mitchell Langley July 4, 2025
IdeaLab confirms ransomware attackers stole sensitive employee and contractor data in a 2024 breach. Hunters International claimed responsibility and leaked 137,000 files on the dark ...
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
News
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
Andrew Doyle July 4, 2025
Kelly Benefits confirms 2024 breach exposed personal data of 553,660 individuals, affecting 46 organizations. Stolen info includes SSNs, medical records, and financial data.
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
News
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
Mitchell Langley July 4, 2025
Esse Health confirms cyberattack exposed data of 263,601 patients, including medical record and insurance info, after system disruptions in April. Investigation suggests possible ransomware involvement. ...
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
News
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Mitchell Langley July 4, 2025
Spanish police arrest two hackers behind cyberattacks on government and media figures, seizing devices in a national security case tied to stolen state data.
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
News
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
Andrew Doyle July 4, 2025
Citrix warns that patches for critical NetScaler flaws may cause broken logins due to CSP conflicts. Admins must disable headers and clear cache to restore ...
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
News
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
Mitchell Langley July 4, 2025
A critical vulnerability in Forminator exposes over 600,000 WordPress sites to takeover attacks. Enterprises are urged to patch immediately and review recovery strategies.
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
News
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
Andrew Doyle July 4, 2025
Grafana Labs patched critical Chromium-based vulnerabilities in its Image Renderer and Monitoring Agent. Enterprises using self-hosted deployments must update immediately to prevent remote code execution ...
Hunters International Ransomware Group Shuts Down, Offers Free Decryptors Amid Exit
News
Hunters International Ransomware Group Shuts Down, Offers Free Decryptors Amid Exit
Andrew Doyle July 4, 2025
Hunters International ransomware gang shuts down and releases free decryptors for victims. The group may be rebranding as an extortion-only operation under World Leaks.
Spanish Authorities Dismantle €10 Million Investment Scam Network With Fake Advisors and Crypto Portals
News
Spanish Authorities Dismantle €10 Million Investment Scam Network With Fake Advisors and Crypto Portals
Mitchell Langley July 4, 2025
Spanish police arrested 21 individuals linked to a €10 million investment scam that used fake crypto platforms, call centers, and social media to defraud victims. ...
Cisco Removes Hardcoded Root Account from Unified CM to Prevent Remote Takeover
News
Cisco Removes Hardcoded Root Account from Unified CM to Prevent Remote Takeover
Mitchell Langley July 4, 2025
Cisco warns of critical backdoor vulnerability in Unified Communications Manager allowing root access. No workaround exists—organizations must patch immediately to prevent remote system takeover.
Fake Crypto Wallet Add-ons Flood Firefox Store in Ongoing Credential Theft Campaign
News
Fake Crypto Wallet Add-ons Flood Firefox Store in Ongoing Credential Theft Campaign
Andrew Doyle July 4, 2025
Over 40 fake Firefox extensions posing as crypto wallets are stealing seed phrases. Victims unknowingly lose funds in attacks that mimic trusted browser plugins.
Qantas Confirms Data Breach Following Cyberattack on Third-Party Platform
News
Qantas Confirms Data Breach Following Cyberattack on Third-Party Platform
Mitchell Langley July 4, 2025
Qantas confirmed a cyberattack impacting six million customers. Linked to aviation-targeting threat actors, the breach highlights growing risks to identity systems and third-party platforms.
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the U.S., Ukraine, and Europe.
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Blog
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Andrew Doyle July 2, 2025
Explore how hospitality businesses can defend against hotel cyber attacks, summer cyber threats, and guest data breaches with smart cybersecurity strategies tailored for the industry. ...
International Criminal Court Investigates Another Sophisticated Cyberattack
News
International Criminal Court Investigates Another Sophisticated Cyberattack
Andrew Doyle July 2, 2025
The International Criminal Court confirms a second cyberattack in two years, citing a sophisticated breach and ongoing threats targeting its global judicial infrastructure.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Cisco ISE Critical Flaws Now Actively Exploited: No Workarounds, Just Root Access
July 23, 2025
Podcasts
ToolShell: SharePoint Zero-Day Chain Gives Hackers Full Remote Access
July 22, 2025
Podcasts
CVE-2025-54309: CrushFTP Zero-Day Exploited in Global Admin Access Attacks
July 22, 2025

Cyber Security News

North Korea's Covert IT Workforce Exposed Unmasking the Chollima Scheme
Cybersecurity
North Korea’s Covert IT Workforce Exposed: Unmasking the Chollima Scheme
December 3, 2025
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
Cybersecurity
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
December 3, 2025
Cybersecurity Incident at Three-Council Data Breach Adds Complexity
Cybersecurity
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
December 3, 2025
GlassWorm Supply Chain Attack Compromises Developer Tools
Cybersecurity
GlassWorm Supply Chain Attack Compromises Developer Tools
December 3, 2025
Shai-Hulud Strikes Again Massive Data Exposure from NPM Attack
Cybersecurity
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack
December 3, 2025
Application Security
Microsoft Investigates Defender XDR Portal Access Disruptions
December 3, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Bitdefender Launches Cybersecurity Advisory Services to Address Security Gaps
August 12, 2025
Bitdefender has launched its Cybersecurity Advisory Services to help enterprises close skills gaps, strengthen compliance, and boost resilience. The program offers tailored strategy, risk management, ...
Palo Alto Networks Acquires CyberArk in $25 Billion Deal
August 12, 2025
Palo Alto Networks is acquiring CyberArk for $25B, marking one of cybersecurity’s largest deals. The move signals a strategic pivot to identity security, addressing human ...
UK Now Third Most Targeted Nation for Malware Attacks in 2025
August 12, 2025
The UK is now the third most targeted country for malware, recording over 100 million attacks in three months. Rising ransomware, phishing, and identity fraud ...
US Becomes Ransomware Capital with 146% Increase in Attacks
August 12, 2025
The U.S. now accounts for 50% of global ransomware incidents, with attacks surging 146% year-over-year. Critical sectors like manufacturing, healthcare, and energy face escalating threats ...
Ransomware-as-a-Service (RaaS) Fuels Record Cyberattack Surge in 2025
August 12, 2025
Ransomware-as-a-Service is driving a surge in cyberattacks, making sophisticated ransomware accessible to low-skilled criminals. With incidents up 149% in early 2025, experts warn that RaaS ...
Pacific HealthWorks Hit By Everest Ransomware; Patient Data From 50+ Practices Published
August 12, 2025
Everest ransomware posted hundreds of Pacific HealthWorks files, exposing patient and billing records from 50+ medical groups; leaked samples show SSNs, claims and medical IDs. ...
Kimsuky Data Leak Exposes 8.9GB of Alleged North Korean APT Tooling and Stolen Records
August 12, 2025
Two hackers leaked an 8.9GB dump they say came from North Korea’s Kimsuky APT, exposing phishing logs, toolkits, source code and possible campaign data today. ...
U.S. Judiciary Confirms Breach Of Federal Court Electronic Records System
August 12, 2025
The U.S. Federal Judiciary confirmed a cyberattack on its case management systems, prompting heightened security for sealed court filings amid escalating, sophisticated cyber threats targeting ...
MuddyWater’s DarkBit Ransomware Cracked, Allowing Free Data Recovery
August 12, 2025
Profero cracked DarkBit ransomware’s encryption, exploiting weak key generation to recover a victim’s ESXi server data for free, disrupting a politically driven MuddyWater-linked cyberattack.
Germany’s Top Court Limits Police Spyware to Serious Crimes Only
August 11, 2025
Germany’s Federal Constitutional Court has issued a landmark ruling sharply restricting the use of state spyware by law enforcement. The decision directly addresses 2017 regulations ...
Security Firms Warn GPT-5 Is Wide Open to Jailbreaks and Prompt Attacks
August 11, 2025
Two independent security assessments have revealed serious vulnerabilities in GPT-5, the latest large language model release. NeuralTrust’s red team demonstrated a “storytelling” jailbreak, a multi-turn ...
Global Cybersecurity Spending Projected to Reach $213 Billion in 2025
August 11, 2025
Global cybersecurity spending is projected to hit $213 billion in 2025, driven by rising ransomware threats, cloud adoption, and generative AI risks. Gartner forecasts sustained ...
Senate Committee Advances Nominee to Lead Cybersecurity Agency
August 11, 2025
Amid heightened scrutiny over election security and foreign cyber threats, the U.S. Senate Homeland Security Committee has advanced the nomination of Sean Plankey to lead ...
BadCam: Lenovo Webcam Flaw Turns Everyday Cameras into Remote BadUSB Attack Tools
August 11, 2025
A new hardware security warning has emerged with the discovery of BadCam, a set of vulnerabilities in certain Lenovo webcams that could allow attackers to ...
Google Calendar Invites Let Researchers Hijack Gemini in Stealthy Prompt-Injection Attack
August 11, 2025
Researchers used poisoned Google Calendar invites to exploit a Gemini vulnerability, enabling email exfiltration, smart-home control and other actions; Google says the bug is fixed. ...
Google Confirms Salesforce CRM Breach Exposed Google Ads Customers
August 11, 2025
Google confirms a Salesforce CRM breach exposed business contact information for prospective Google Ads customers; ShinyHunters claim roughly 2.55 million records were stolen in total. ...
WinRAR Zero-Day (CVE-2025-8088) Exploited in Phishing Attacks to Drop RomCom Backdoors
August 11, 2025
WinRAR zero-day CVE-2025-8088 let attackers craft RARs that extract executables into autorun folders, enabling RomCom backdoors via spearphishing; the bug is fixed in WinRAR 7.13. ...
Ivy League University Hack Exposed Personal, Financial and Health Records of 868,969 People
August 11, 2025
Columbia University says a May 16, 2025 network intrusion exposed personal, financial and health data for 868,969 people; the university offers two years of credit ...
U.S. Judiciary Confirms Cyberattack on Court Electronic Records Service, Tightens Access to Sealed Filings
August 11, 2025
The U.S. Judiciary confirmed a cyberattack on its electronic case systems, tightening access to sealed filings after reports suggested confidential informant identities were exposed publicly. ...
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
August 11, 2025
A critical Cisco ISE vulnerability (CVE-2025-20337) exposes systems to remote code execution and root access. Enterprises must upgrade to Patch 7 or Patch 2 immediately. ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited