Main Menu
Cyber Security
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
iRhythm Confirms PHI Exfiltration via Social Engineering
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
GhostTree NTFS Junctions Paralyze Windows Defender Scans
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
Endpoint Security Solutions: How to Protect Every Enterprise Device
UNC6508 Abused Google Workspace Rules in Medical-Military Espionage
Three FortiSandbox CVEs Chained for Unauthenticated Root Execution
Cisco CVE-2026-20262 Added to CISA KEV; Eighth Exploited SD-WAN Flaw
LiteSpeed cPanel CVE-2026-54420 Escalates to Root on Shared Hosts
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
DOJ Seizes CFAKE.com and SOCFAKE.com in First TAKE IT DOWN Act Case
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
ShinyHunters Claims 61M Sysco Salesforce Records in Unverified Breach
What Is Scareware? How Fake Security Warnings Lead to Real Malware
Lapsus$ Lists GitHub Internal Repos for Sale, Copilot Source Included
Nightspire Claims Blue Nile Medical and Silsbee Police as New Victims
Ukrainian Conti Developer Pleads Guilty to Ransomware Loader Coding
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
CVE-2026-42824: M365 Copilot SearchLeak Enables 1-Click Email Theft
Novo Nordisk Confirms Hack of Clinical Trial Biomarker Data
SearchJack: 23 Chrome Extensions Intercept 758,000 Users’ Searches
TheGentlemen Ransomware Posts 20 Victims Across 14 Countries
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
News
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
Gabby Lee November 18, 2025
MI5 warns that Chinese intelligence operatives are using LinkedIn and fake recruiters to target UK professionals with access to sensitive information. Thousands have reportedly been ...
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
Cybersecurity
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
Andrew Doyle November 18, 2025
A ransomware attack by the Inc Ransom group has hit the Pennsylvania Office of the Attorney General, with attackers claiming to have stolen over 700GB ...
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
Endpoint Security
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
Mitchell Langley November 18, 2025
ShadowRay 2.0 is exploiting an unauthenticated RCE flaw in older Ray Cluster deployments, infecting more than 5,000 exposed nodes and turning them into a self-spreading ...
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
Cybersecurity
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
Gabby Lee November 18, 2025
A new wave of attacks is compromising unsecured Ray clusters and turning them into self-replicating botnets. By abusing exposed Ray endpoints, attackers deploy malware that ...
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Cybersecurity
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Mitchell Langley November 18, 2025
A malware campaign tied to the EVALUSION threat cluster is abusing fake ClickFix utilities to deploy Amatera Stealer or NetSupport RAT. The attackers use staged ...
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Information Security
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Mitchell Langley November 18, 2025
Government auditors warn that DoD personnel may be unintentionally leaking sensitive details on social media, including deployment data and unit locations. Outdated policies, weak training, ...
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Data Security
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Gabby Lee November 18, 2025
Eurofiber France disclosed a breach caused by a vulnerability in its ticketing system, allowing attackers to access historical support records containing contact details and service ...
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
Information Security
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
Andrew Doyle November 17, 2025
A researcher claims Coinbase knew months earlier about a December 2024 breach involving insider social-engineering that exposed data for nearly 70,000 users. Coinbase later confirmed ...
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
Data Security
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
Mitchell Langley November 17, 2025
A cyberattack on Princeton University exposed a database containing personal and institutional information tied to alumni, donors, faculty, staff, and students. Princeton is investigating with ...
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
News
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Mitchell Langley November 17, 2025
Dutch authorities have seized roughly 250 servers tied to a bulletproof hosting service that catered exclusively to cybercriminals, disrupting infrastructure used for malware, phishing, and ...
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
Cybersecurity
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
Gabby Lee November 17, 2025
Seven malicious npm packages used Adspect-based traffic cloaking to avoid detection and selectively deliver staged JavaScript payloads to targeted developers. The packages acted as downloaders ...
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
Application Security
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
Andrew Doyle November 17, 2025
A record-breaking 15.72 Tbps DDoS attack from the Aisuru botnet targeted Microsoft Azure, showcasing rapidly evolving botnet capabilities. Despite the massive, multi-vector assault, Azure’s automated ...
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
Application Security
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
Andrew Doyle November 17, 2025
Researchers uncovered serious flaws in GoSign Desktop, where disabled TLS certificate validation and an unsigned update mechanism expose users to MitM attacks and malicious updates. ...
Threat Actors Revive Legacy “Finger” Protocol to Evade Detection and Deliver Payloads
Cybersecurity
Threat Actors Revive Legacy “Finger” Protocol to Evade Detection and Deliver Payloads
Mitchell Langley November 17, 2025
Researchers have uncovered cybercriminals abusing the long-abandoned UNIX “finger” protocol to stealthily fetch and execute commands on Windows systems. By using this legacy tool for ...
Jaguar Land Rover Attributes £196 Million Quarterly Loss to Cyberattack Fallout
Cybersecurity
Jaguar Land Rover Attributes £196 Million Quarterly Loss to Cyberattack Fallout
Andrew Doyle November 17, 2025
Jaguar Land Rover revealed that a major cyberattack caused £196 million in losses this quarter, significantly impacting operations despite otherwise strong performance. The incident, linked ...
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices
Application Security
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices
Gabby Lee November 17, 2025
Microsoft is investigating installation failures affecting the Windows 10 KB5068781 ESU update, with error 0x800f0922 impacting volume-licensed enterprise systems. The issue leaves legacy environments temporarily ...
CISA Flags Critical Fortinet FortiWeb Path Traversal Flaw as Actively Exploited
CVE Vulnerability Alerts
CISA Flags Critical Fortinet FortiWeb Path Traversal Flaw as Actively Exploited
Mitchell Langley November 17, 2025
CISA has confirmed active exploitation of CVE-2024-40446, a critical path traversal flaw in Fortinet FortiWeb 8.0.0 that allows unauthenticated attackers to read arbitrary system files. ...
RondoDox Botnet Exploits Critical Eval Injection Flaw in XWiki
Application Security
RondoDox Botnet Exploits Critical Eval Injection Flaw in XWiki
Gabby Lee November 17, 2025
RondoDox botnet operators are exploiting CVE-2025-24893, a critical 9.8-rated eval injection flaw in XWiki that enables unauthenticated remote code execution. Attackers are hijacking unpatched XWiki ...
Critical Remote Code Execution Flaws Found in AI Inference Engines Due to Unsafe Deserialization
Application Security
Critical Remote Code Execution Flaws Found in AI Inference Engines Due to Unsafe Deserialization
Andrew Doyle November 17, 2025
New research reveals that popular AI inference engines—including Meta’s TorchServe, Nvidia’s Triton, vLLM, and Microsoft’s ONNX Runtime—contain critical ZeroMQ and Python pickle flaws that enable ...
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers
News
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers
Mitchell Langley November 17, 2025
A new phishing campaign is targeting Chinese-speaking individuals in the U.S., with scammers posing as health insurers and Chinese authorities to coerce victims into revealing ...
Application Security
Mastra AI npm Supply Chain Attack Hits 1.1M Weekly Downloads
Mitchell Langley June 17, 2026
Cybersecurity
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
Gabby Lee June 17, 2026
Cybersecurity
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
Mitchell Langley June 17, 2026
Cybersecurity
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Andrew Doyle June 17, 2026

TOP CYBERSECURITY HEADLINES

Application Security
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
Cybersecurity
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
Cybersecurity
iRhythm Confirms PHI Exfiltration via Social Engineering
Cybersecurity
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps

This Week’s Security Spotlight

Cybersecurity
iRhythm Confirms PHI Exfiltration via Social Engineering
Mitchell Langley June 17, 2026
Application Security
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
Mitchell Langley June 16, 2026
Application Security
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Mitchell Langley June 15, 2026
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
More In News
Trending
Storm-3075 Uses ChatGPT and Claude Brands to Harvest Credentials
Fake Claude Code Installers on Google Sites Steal AI API Keys
Fake Chrome Web Store DMCA Notices Target Extension Developers
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Phished and Exposed: What the Co-op Hack Reveals About Retail Cybersecurity
July 17, 2025
Podcasts
FileFix Attacks Are Here: How Interlock’s Ransomware is Skipping Your Defenses
July 16, 2025
Podcasts
Ontinue Uncovers SVG-Based Phishing: Why Your Browser Could Be the Weak Link
July 16, 2025

Cyber Security News

Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Application Security
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
April 16, 2026
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
April 16, 2026
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Cybersecurity
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
April 16, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
April 16, 2026
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
Cybersecurity
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
April 16, 2026
A 'By Design' Flaw in Anthropic's MCP Could Enable Widespread AI Supply Chain Attacks
Cybersecurity
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
April 16, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
November 18, 2025
ShadowRay 2.0 is exploiting an unauthenticated RCE flaw in older Ray Cluster deployments, infecting more than 5,000 exposed nodes and turning them into a self-spreading ...
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
November 18, 2025
A new wave of attacks is compromising unsecured Ray clusters and turning them into self-replicating botnets. By abusing exposed Ray endpoints, attackers deploy malware that ...
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
November 18, 2025
A malware campaign tied to the EVALUSION threat cluster is abusing fake ClickFix utilities to deploy Amatera Stealer or NetSupport RAT. The attackers use staged ...
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
November 18, 2025
Government auditors warn that DoD personnel may be unintentionally leaking sensitive details on social media, including deployment data and unit locations. Outdated policies, weak training, ...
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
November 18, 2025
Eurofiber France disclosed a breach caused by a vulnerability in its ticketing system, allowing attackers to access historical support records containing contact details and service ...
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
November 17, 2025
A researcher claims Coinbase knew months earlier about a December 2024 breach involving insider social-engineering that exposed data for nearly 70,000 users. Coinbase later confirmed ...
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
November 17, 2025
A cyberattack on Princeton University exposed a database containing personal and institutional information tied to alumni, donors, faculty, staff, and students. Princeton is investigating with ...
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
November 17, 2025
Dutch authorities have seized roughly 250 servers tied to a bulletproof hosting service that catered exclusively to cybercriminals, disrupting infrastructure used for malware, phishing, and ...
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
November 17, 2025
Seven malicious npm packages used Adspect-based traffic cloaking to avoid detection and selectively deliver staged JavaScript payloads to targeted developers. The packages acted as downloaders ...
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
November 17, 2025
A record-breaking 15.72 Tbps DDoS attack from the Aisuru botnet targeted Microsoft Azure, showcasing rapidly evolving botnet capabilities. Despite the massive, multi-vector assault, Azure’s automated ...
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
November 17, 2025
Researchers uncovered serious flaws in GoSign Desktop, where disabled TLS certificate validation and an unsigned update mechanism expose users to MitM attacks and malicious updates. ...
Threat Actors Revive Legacy “Finger” Protocol to Evade Detection and Deliver Payloads
November 17, 2025
Researchers have uncovered cybercriminals abusing the long-abandoned UNIX “finger” protocol to stealthily fetch and execute commands on Windows systems. By using this legacy tool for ...
Jaguar Land Rover Attributes £196 Million Quarterly Loss to Cyberattack Fallout
November 17, 2025
Jaguar Land Rover revealed that a major cyberattack caused £196 million in losses this quarter, significantly impacting operations despite otherwise strong performance. The incident, linked ...
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices
November 17, 2025
Microsoft is investigating installation failures affecting the Windows 10 KB5068781 ESU update, with error 0x800f0922 impacting volume-licensed enterprise systems. The issue leaves legacy environments temporarily ...
CISA Flags Critical Fortinet FortiWeb Path Traversal Flaw as Actively Exploited
November 17, 2025
CISA has confirmed active exploitation of CVE-2024-40446, a critical path traversal flaw in Fortinet FortiWeb 8.0.0 that allows unauthenticated attackers to read arbitrary system files. ...
RondoDox Botnet Exploits Critical Eval Injection Flaw in XWiki
November 17, 2025
RondoDox botnet operators are exploiting CVE-2025-24893, a critical 9.8-rated eval injection flaw in XWiki that enables unauthenticated remote code execution. Attackers are hijacking unpatched XWiki ...
Critical Remote Code Execution Flaws Found in AI Inference Engines Due to Unsafe Deserialization
November 17, 2025
New research reveals that popular AI inference engines—including Meta’s TorchServe, Nvidia’s Triton, vLLM, and Microsoft’s ONNX Runtime—contain critical ZeroMQ and Python pickle flaws that enable ...
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers
November 17, 2025
A new phishing campaign is targeting Chinese-speaking individuals in the U.S., with scammers posing as health insurers and Chinese authorities to coerce victims into revealing ...
Fortinet Quietly Patches FortiWeb Zero-Day Vulnerability Exploited in Active Attacks
November 17, 2025
Researchers say Fortinet quietly patched a FortiWeb zero-day that was already being exploited, offering little transparency or guidance. The silent fix left many organizations unaware ...
Threat Group ShinyHunters Hacks Checkout.com, Demands Ransom Over Legacy Cloud Breach
November 17, 2025
A cyberattack on Checkout.com by ShinyHunters exposed sensitive data stored in an overlooked legacy cloud system, highlighting the risks of outdated infrastructure. The attackers are ...
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
iRhythm Confirms PHI Exfiltration via Social Engineering
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
GhostTree NTFS Junctions Paralyze Windows Defender Scans
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
Endpoint Security Solutions: How to Protect Every Enterprise Device
UNC6508 Abused Google Workspace Rules in Medical-Military Espionage
Three FortiSandbox CVEs Chained for Unauthenticated Root Execution
Cisco CVE-2026-20262 Added to CISA KEV; Eighth Exploited SD-WAN Flaw
LiteSpeed cPanel CVE-2026-54420 Escalates to Root on Shared Hosts
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
DOJ Seizes CFAKE.com and SOCFAKE.com in First TAKE IT DOWN Act Case
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
ShinyHunters Claims 61M Sysco Salesforce Records in Unverified Breach