Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Aeza Group Sanctioned by U.S. Treasury for Enabling Cybercriminal Infrastructure
News
Aeza Group Sanctioned by U.S. Treasury for Enabling Cybercriminal Infrastructure
Mitchell Langley July 2, 2025
The U.S. Treasury sanctioned Aeza Group for hosting ransomware and malware infrastructure used by threat groups like BianLian, RedLine, and darknet marketplace BlackSprut.
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
News
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
Mitchell Langley July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
News
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
Andrew Doyle July 1, 2025
FBI warns of cybercriminals impersonating health fraud investigators to steal sensitive medical data. Fraudulent emails and texts are targeting patients and providers nationwide.
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
News
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
Mitchell Langley July 1, 2025
Johnson Controls is notifying individuals impacted by a 2023 ransomware attack that exposed data and disrupted global operations. Dark Angels ransomware group is believed responsible. ...
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
News
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
Andrew Doyle July 1, 2025
Switzerland confirms government data was stolen in a ransomware attack on Radix. Leaked records include documents, contracts, and communications now circulating on the dark web. ...
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
News
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
Mitchell Langley July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
News
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
Mitchell Langley July 1, 2025
Canada orders Hikvision to shut down operations after a national security review. Government bans all public sector use of Hikvision surveillance equipment nationwide.
This Week In Cybersecurity: 23rd June to 27th June
Cybersecurity Newsletter
This Week In Cybersecurity: 23rd June to 27th June
Andrew Doyle June 30, 2025
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
INC Ransomware: TTPs, Impact and Mitigation
Blog
INC Ransomware: TTPs, Impact and Mitigation
Gabby Lee June 30, 2025
INC Ransomware is a sophisticated threat actor employing advanced techniques for devastating double extortion attacks. This in-depth analysis reveals their methods, targets, and the critical ...
Cyberattack on Hannaford Exposes Data of Over 2.2 Million, Including 95,000 Mainers
News
Cyberattack on Hannaford Exposes Data of Over 2.2 Million, Including 95,000 Mainers
Andrew Doyle June 30, 2025
A cyberattack on Hannaford in late 2024 exposed personal data of over 2.2 million people, including 95,000 Mainers, affecting customers and employees alike.
Scattered Spider Expands Attacks to Aviation and Transportation Sectors
News
Scattered Spider Expands Attacks to Aviation and Transportation Sectors
Mitchell Langley June 30, 2025
Scattered Spider hackers have shifted their campaign toward aviation and transport, exploiting identity systems and help desks to breach major airlines using sophisticated social engineering. ...
Scattered Spider Ransomware Group Turns Its Focus to North American Airlines
News
Scattered Spider Ransomware Group Turns Its Focus to North American Airlines
Andrew Doyle June 30, 2025
Scattered Spider ransomware group is now targeting North American airlines, with Hawaiian Airlines likely the first victim in a wider campaign against aviation and transportation. ...
Data Breaches at Sheffield City Council Surge to Three-Year High Amid Growing Cybersecurity Concerns
News
Data Breaches at Sheffield City Council Surge to Three-Year High Amid Growing Cybersecurity Concerns
Mitchell Langley June 30, 2025
Sheffield City Council faced over 1,500 data breaches since 2022, paying £20,000 in claims amid rising human error and cyberattack incidents targeting local governments.
Massive Data Breach Hits U.S. Federal Bureau of Prisons, Exposes Sensitive Inmate Information
News
Massive Data Breach Hits U.S. Federal Bureau of Prisons, Exposes Sensitive Inmate Information
Mitchell Langley June 30, 2025
A major data breach allegedly targeting the U.S. Federal Bureau of Prisons has exposed 320GB of sensitive inmate and staff records, prompting a federal investigation. ...
Cross-Border Cyber Fraud Ring Busted After Stealing Over €400,000 Through Compromised Online Seller Accounts
News
Cross-Border Cyber Fraud Ring Busted After Stealing Over €400,000 Through Compromised Online Seller Accounts
Andrew Doyle June 27, 2025
Authorities in Germany and Romania dismantled a phishing fraud ring that stole over €400,000 using hijacked online seller accounts and fake listings on a major ...
Hawaiian Airlines Investigates Cybersecurity Event Amid IT Outage, Ransomware Suspected
News
Hawaiian Airlines Investigates Cybersecurity Event Amid IT Outage, Ransomware Suspected
Mitchell Langley June 27, 2025
Hawaiian Airlines reports a major cybersecurity event affecting its IT systems. Flights remain operational as authorities investigate a possible ransomware attack targeting the aviation sector. ...
Nth Degree Data Breach Exposes Nearly 40,000 Identities, Including Event Staff and Partners
News
Nth Degree Data Breach Exposes Nearly 40,000 Identities, Including Event Staff and Partners
Andrew Doyle June 27, 2025
A data breach at event vendor Nth Degree exposed nearly 40,000 records, including full names and SSNs, raising privacy concerns across high-profile client organizations.
Ahold Delhaize USA Cyberattack Exposes Over 2 Million Individuals in Widespread Data Breach
News
Ahold Delhaize USA Cyberattack Exposes Over 2 Million Individuals in Widespread Data Breach
Mitchell Langley June 27, 2025
Ahold Delhaize USA confirms over 2.2 million individuals impacted in a 2024 cyberattack that exposed personal, financial, and medical data from internal company systems.
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
Application Security
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
Mitchell Langley June 26, 2025
Discover why External Attack Surface Management (EASM) is vital for modern digital risk protection and how it enhances visibility, threat detection, and cyber resilience strategies. ...
Pro-Russian Hackers Disrupt Dutch Government Websites Amid Heightened NATO Security
News
Pro-Russian Hackers Disrupt Dutch Government Websites Amid Heightened NATO Security
Andrew Doyle June 26, 2025
Pro-Russian hacker group NoName057(16) claims responsibility for a DDoS attack that disrupted Dutch municipal websites during the NATO Summit’s peak security deployment.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform
July 22, 2025
Podcasts
Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting
July 22, 2025
Podcasts
Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack
July 21, 2025

Cyber Security News

University of Pennsylvania Data Breach Clop's Zero-Day Exploit Targets Oracle's E-Business Suite
Cybersecurity
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
December 3, 2025
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Cybersecurity
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
December 3, 2025
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
December 2, 2025
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
December 2, 2025
Young Cybercriminals Rebels Without a Cause in the Digital World
Cybersecurity
Young Cybercriminals: Rebels Without a Cause in the Digital World
December 2, 2025
$29 Million in Bitcoin Seized from Cryptomixer Implications for Cybercrime
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
December 2, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Free Wi-Fi Loophole Lets Hackers Breach Smart Bus Control Systems
August 11, 2025
A new cybersecurity investigation has revealed that the same free passenger Wi-Fi offered on many smart buses is directly connected to critical onboard systems — ...
RiteCheck Notifies Nearly 70,000 After Year-Old Cyberattack Exposed Sensitive Customer Data
August 11, 2025
Nearly 70,000 customers and employees of RiteCheck had personal and payment data exposed in a 2024 breach. Notification letters were only sent out this week. ...
BlackSuit Ransomware and Royal Operations Breached 450+ U.S. Companies
August 8, 2025
DHS reports BlackSuit and Royal ransomware gangs hit over 450 U.S. victims, collected $370 million, and saw infrastructure seized in international Operation Checkmate last month. ...
Pandora Confirms Third-Party Data Breach, Advises Customers to Stay Alert
August 8, 2025
Pandora confirms a third-party data breach exposing customer names and emails, warns users of potential phishing risks as attackers exploit basic contact details without breaching ...
CISA Orders Federal Agencies to Patch Critical Exchange Hybrid Vulnerability by Monday Morning
August 8, 2025
CISA orders federal agencies to fix a critical Exchange hybrid vulnerability (CVE-2025-53786) by Monday; migration to a dedicated hybrid app is required to prevent tenant ...
Bouygues Telecom Data Breach Exposes 6.4 Million Customers’ Information
August 8, 2025
Bouygues Telecom confirms cyberattack exposed personal data for 6.4 million customers, including contact details and IBANs; investigation ongoing and authorities notified; customers informed via SMS. ...
Technical Glitch Briefly Erases Sections of U.S. Constitution from Congress.gov, Restored Quickly
August 8, 2025
Critical sections of the Constitution briefly vanished from Congress.gov due to a software glitch; the Library of Congress restored them within hours and is implementing ...
ReVault: Critical Dell Firmware Flaws Allow Windows Login Bypass and Persistent Implants
August 7, 2025
In a powerful reminder that hardware security is just as critical as software defense, Cisco Talos researchers have uncovered “ReVault,” a collection of five high-severity ...
Air France–KLM Data Breach Exposes Customer Info via Compromised Third-Party Platform
August 7, 2025
The aviation industry has suffered yet another major cybersecurity incident. Air France and KLM have confirmed a data breach impacting customer records via an external ...
Critical Flaws in CyberArk Conjur and HashiCorp Vault Put Enterprise Secrets at Risk
August 7, 2025
Enterprise secrets managers—long considered the most secure components in modern infrastructure—are now under fire. In a groundbreaking report, cybersecurity firm Cyata revealed 14 critical zero-day ...
Prompt Injection Nightmare: Critical AI Vulnerabilities in ChatGPT, Copilot, Gemini & More
August 7, 2025
Enterprise AI assistants are revolutionizing productivity—but they’re also opening new doors for cyberattacks. In this episode, we explore explosive research from Zenity Labs, which reveals ...
Air France and KLM Confirm Third-Party Data Breach Impacting Customer Information
August 7, 2025
Air France and KLM have confirmed a data breach via a third-party vendor, exposing personal information of loyalty members and airline customers to potential cyber ...
Akira Ransomware Disables Microsoft Defender Using Intel Driver Exploit in New Wave of Attacks
August 7, 2025
Akira ransomware disables Microsoft Defender using Intel’s driver in BYOVD attacks. Researchers warn of new techniques, SonicWall VPN exploits, and trojanized IT tool installers.
MagentaTV Data Leak Exposes Over 324 Million Logs Linked to Deutsche Telekom’s Streaming Platform
August 7, 2025
A data leak tied to Deutsche Telekom’s MagentaTV platform exposed over 324 million logs, including user IPs, MAC addresses, and session details.
Meta Blocks 6.8 Million WhatsApp Accounts Amid Rising Scam Group Abuse
August 7, 2025
Meta has blocked 6.8 million WhatsApp accounts tied to scam operations, rolling out new security features to prevent abuse of group invites and direct messaging. ...
Google Confirms Data Breach as Part of Ongoing Salesforce CRM Attacks by ShinyHunters
August 7, 2025
Google confirms a Salesforce data breach linked to ShinyHunters, who are targeting enterprise CRM systems in a widespread extortion campaign affecting major global brands.
Cisco Reports Data Breach Following Vishing Attack on Employee
August 7, 2025
Cisco disclosed a data breach impacting Cisco.com user accounts after a vishing attack on an employee, exposing basic user details but no passwords or sensitive ...
Rhysida Ransomware Group Claims Attack on Cookeville Regional Medical Center
August 6, 2025
Rhysida ransomware gang has claimed the attack on Cookeville Regional Medical Center, threatening to leak sensitive patient and financial data unless the hospital pays a ...
Pandora Confirms Data Breach Linked to Salesforce Credential Theft Campaign
August 6, 2025
Pandora confirms a data breach linked to Salesforce credential theft campaigns, exposing customer data while attackers continue to target global enterprises through phishing and OAuth ...
PBS Confirms Data Breach After Employee Information Circulates on Discord
August 6, 2025
PBS confirmed a data breach after corporate contact details for nearly 4,000 employees were leaked and shared on Discord communities, raising concerns over unauthorized exposure ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited