Main Menu
Cyber Security
Telegram’s Proxy Link Vulnerability Exposes IP Addresses
Endesa Cyberattack Results in Customer Data Exposure
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Meta Addresses Security Vulnerability in Instagram Password Resets
AI and Security: Block’s CISO Discusses AI Agents’ Potential
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Target’s Source Code Allegedly Exposed in Cyber Breach
Drones Are Now Critical Infrastructure—and Their Networks are the New Attack Surface
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Instagram Data Breach Affects 17.5 Million Users: Security Implications Explored
U.S. Immigration and Customs Enforcement’s Surveillance Tactics Scrutinized
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
BreachForums Re-emerges Only to Fall Victim to Data Breach
Anthropic Responds to Viral Allegations of Account Bans
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Email Security’s True Challenge: Evaluating Post-access Threats
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
NSA Announces Tim Kosiba as New Deputy Director
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
Illinois Department’s Database Error Leads to Massive Data Exposure
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Vibe Hacking: How AI is Transforming Cybercrime’s Landscape
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Navigating the Challenges of Fileless Malware in Cybersecurity
Microsoft Acknowledges Issues With Outlook Encryption Feature
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
News
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
Mitchell Langley May 2, 2025
Seven malicious PyPI packages exploited Gmail and WebSockets for remote command execution and data theft, with some packages downloaded over 18,000 times.
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
News
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
Mitchell Langley May 2, 2025
iHeartMedia confirmed a December data breach exposing names, Social Security, and passport numbers from local station systems. The company is offering identity theft protection.
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
News
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
Andrew Doyle May 2, 2025
Ascension, a major U.S. healthcare provider, confirmed a ransomware breach affecting 5.6 million individuals, compromising medical, financial, and personal data.
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
News
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
Andrew Doyle May 2, 2025
Harrods joins M&S and Co-op as the latest UK retailer targeted in a cyberattack, prompting immediate security measures amid a surge in retail-focused intrusions.
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
News
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
Mitchell Langley April 30, 2025
Hitachi Vantara shut down servers to contain an Akira ransomware attack that disrupted systems and led to stolen data across corporate and government-related operations.
Vulnerability Alert - 30th April, 2025
CVE Vulnerability Alerts
Vulnerability Alert – 30th April, 2025
Gabby Lee April 30, 2025
Staying ahead of emerging cyber threats requires continuous monitoring of newly disclosed vulnerabilities, exploitation trends, and post-compromise behaviors. This page ...
Fighting AI with AI Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
Blog
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
Gabby Lee April 30, 2025
The rise of AI-driven cyberattacks necessitates a proactive approach. This blog explores how AI can combat AI cybersecurity threats, highlighting its benefits and risks ...
MTN Ghana Data Breach Impacts 5,700 Customers, Investigation Underway
News
MTN Ghana Data Breach Impacts 5,700 Customers, Investigation Underway
Andrew Doyle April 30, 2025
MTN Ghana confirms a data breach affecting 5,700 customers, with investigations ongoing and direct outreach underway to mitigate potential risks and prevent further exposure.
M&S Cyberattack Halts Online Sales, Triggers Major Financial Impact
News
M&S Cyberattack Halts Online Sales, Triggers Major Financial Impact
Mitchell Langley April 30, 2025
Marks & Spencer suspended online orders after a cyberattack over Easter weekend caused major disruptions, wiping £500 million off its stock and impacting daily sales. ...
CISA Flags Broadcom, CommVault, and Active! Mail Vulnerabilities as Actively Exploited
News
CISA Flags Broadcom, CommVault, and Active! Mail Vulnerabilities as Actively Exploited
Mitchell Langley April 30, 2025
CISA adds Broadcom, CommVault, and Active! Mail vulnerabilities to KEV catalog following active exploitation reports, urging immediate patching by enterprise and critical infrastructure operators.
SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data
News
SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data
Andrew Doyle April 30, 2025
SK Telecom is replacing SIM cards for 25 million users after a malware breach exposed USIM data. Supply limits restrict replacements to 6 million by ...
27 Million Records Allegedly Leaked from French Retailer Boulanger
Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
Andrew Doyle April 29, 2025
Personal data linked to over 27 million customer records of French electronics giant Boulanger has been leaked on a public ...
Over 1,200 SAP NetWeaver Servers Exposed to Actively Exploited Critical Vulnerability
News
Over 1,200 SAP NetWeaver Servers Exposed to Actively Exploited Critical Vulnerability
Mitchell Langley April 29, 2025
A critical SAP NetWeaver flaw (CVE-2025-31324) is being actively exploited. Over 1,200 servers are exposed, with hundreds already compromised by remote webshell deployments.
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
News
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
Andrew Doyle April 29, 2025
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
Marks & Spencer Cyberattack Tied to Scattered Spider Ransomware Group
News
Marks & Spencer Cyberattack Tied to Scattered Spider Ransomware Group
Mitchell Langley April 29, 2025
Marks & Spencer is battling an ongoing outage caused by Scattered Spider ransomware attackers, who breached its systems, stole password data, and encrypted virtual machines. ...
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
News
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
Mitchell Langley April 29, 2025
The Darcula phishing platform has been upgraded with AI, enabling cybercriminals to quickly generate multilingual phishing scams and harvest user credentials on a global scale. ...
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
News
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
Andrew Doyle April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Cybersecurity
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Andrew Doyle April 28, 2025
Cybersecurity myths are more dangerous than you think. Here are 13 common myths that are silently sabotaging your security—and what to do instead.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
News
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
Mitchell Langley April 28, 2025
A new phishing campaign is targeting WooCommerce administrators with fake security alerts designed to hijack websites by installing hidden backdoors and persistent malware.
Marks & Spencer Halts Online Orders Following Cyberattack
News
Marks & Spencer Halts Online Orders Following Cyberattack
Andrew Doyle April 28, 2025
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Cybersecurity
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Mitchell Langley January 13, 2026
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Cybersecurity
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Mitchell Langley January 13, 2026
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
News
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
Mitchell Langley January 11, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026

TOP CYBERSECURITY HEADLINES

Endesa Cyberattack Results in Customer Data Exposure
Data Security
Endesa Cyberattack Results in Customer Data Exposure
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Application Security
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Meta Addresses Security Vulnerability in Instagram Password Resets
Application Security
Meta Addresses Security Vulnerability in Instagram Password Resets
AI and Security Block's CISO Discusses AI Agents' Potential
Cybersecurity
AI and Security: Block’s CISO Discusses AI Agents’ Potential

This Week’s Security Spotlight

Telegram's Proxy Link Vulnerability Exposes IP Addresses
Application Security
Telegram’s Proxy Link Vulnerability Exposes IP Addresses
Andrew Doyle January 13, 2026
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Application Security
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Mitchell Langley January 13, 2026
BreachForums Re-emerges Only to Fall Victim to Data Breach
Application Security
BreachForums Re-emerges Only to Fall Victim to Data Breach
Mitchell Langley January 12, 2026
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Application Security
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Gabby Lee January 11, 2026
More In News
Trending
Phishers Pose as Booking.com to Compromise European Hotels
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Phished and Exposed: What the Co-op Hack Reveals About Retail Cybersecurity
July 17, 2025
Podcasts
FileFix Attacks Are Here: How Interlock’s Ransomware is Skipping Your Defenses
July 16, 2025
Podcasts
Ontinue Uncovers SVG-Based Phishing: Why Your Browser Could Be the Weak Link
July 16, 2025

Cyber Security News

Malicious NuGet Packages Found With Time-Delay Payloads Targeting Databases and ICS Devices
Application Security
Malicious NuGet Packages Found With Time-Delay Payloads Targeting Databases and ICS Devices
November 9, 2025
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
CVE Vulnerability Alerts
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
November 9, 2025
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
Application Security
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
November 7, 2025
ClickFix Malware Evolves New Tactics Use Video Guides and Timers to Increase Infection Rates
Cybersecurity
ClickFix Malware Evolves: New Tactics Use Video Guides and Timers to Increase Infection Rates
November 6, 2025
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Cybersecurity
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
November 6, 2025
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
Application Security
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
November 6, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
July 3, 2025
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the U.S., Ukraine, and Europe.
Kelly Benefits Breach: Over 550,000 Victims and the Rising Identity Theft Crisis
July 3, 2025
In one of the latest large-scale data breaches to hit the U.S. private sector, Kelly Benefits, a provider of payroll and benefits administration services, disclosed ...
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
July 2, 2025
Explore how hospitality businesses can defend against hotel cyber attacks, summer cyber threats, and guest data breaches with smart cybersecurity strategies tailored for the industry. ...
FileFix, HTA, and MotW Bypass—The Alarming Evolution of HTML-Based Attacks
July 2, 2025
A newly disclosed exploit dubbed FileFix is redefining how attackers bypass Microsoft Windows’ built-in security protections—specifically the Mark-of-the-Web (MotW) mechanism. Developed and detailed by security ...
Critical Flaws in Microsens NMP Web+ Threaten Industrial Network Security
July 2, 2025
In a major red flag for the industrial cybersecurity community, three newly disclosed vulnerabilities in Microsens NMP Web+, a popular network management solution used across ...
Sophisticated Cyberattack on the International Criminal Court: Justice in the Crosshairs
July 2, 2025
The International Criminal Court (ICC), the world’s foremost tribunal for prosecuting war crimes, genocide, and crimes against humanity, has confirmed yet another sophisticated cyberattack, highlighting ...
Qantas Data Breach: Third-Party Hack Exposes Millions of Frequent Flyers
July 2, 2025
In a stark reminder of the aviation industry’s growing exposure to cyber threats, Australian airline Qantas recently confirmed a serious data breach—this time not from ...
International Criminal Court Investigates Another Sophisticated Cyberattack
July 2, 2025
The International Criminal Court confirms a second cyberattack in two years, citing a sophisticated breach and ongoing threats targeting its global judicial infrastructure.
Aeza Group Sanctioned by U.S. Treasury for Enabling Cybercriminal Infrastructure
July 2, 2025
The U.S. Treasury sanctioned Aeza Group for hosting ransomware and malware infrastructure used by threat groups like BianLian, RedLine, and darknet marketplace BlackSprut.
Berlin Regulator Targets DeepSeek AI Over Data Transfers to China
July 1, 2025
Germany’s battle over digital sovereignty and data privacy has intensified, with the Berlin Commissioner for Data Protection formally requesting that Google and Apple remove the ...
CISA Flags Citrix NetScaler Flaws: What CVE-2025-6543 Means for Federal and Private Networks
July 1, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added multiple Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog—an urgent signal for federal ...
Cato Networks Secures $359M to Fuel AI-Powered SASE Expansion
July 1, 2025
Cato Networks just raised $359 million in Series G funding, pushing its valuation past $4.8 billion and its total funding beyond the $1 billion mark—a ...
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
July 1, 2025
FBI warns of cybercriminals impersonating health fraud investigators to steal sensitive medical data. Fraudulent emails and texts are targeting patients and providers nationwide.
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
July 1, 2025
Johnson Controls is notifying individuals impacted by a 2023 ransomware attack that exposed data and disrupted global operations. Dark Angels ransomware group is believed responsible. ...
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
July 1, 2025
Switzerland confirms government data was stolen in a ransomware attack on Radix. Leaked records include documents, contracts, and communications now circulating on the dark web. ...
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
July 1, 2025
Canada orders Hikvision to shut down operations after a national security review. Government bans all public sector use of Hikvision surveillance equipment nationwide.
Chrome’s Latest Zero-Day: CVE-2025-6554 and Remote Code Execution Risks
July 1, 2025
A new high-severity zero-day vulnerability in Google Chrome—CVE-2025-6554—has sent shockwaves across the cybersecurity landscape. This episode dives into the technical details, real-world impact, and broader ...
Russia’s 16KB Curtain: Cloudflare Throttling and the Future of the RuNet
June 30, 2025
Russia has entered a new phase of digital authoritarianism. In a sweeping move, Russian Internet Service Providers (ISPs) have begun systematically throttling access to Cloudflare ...
Telegram’s Proxy Link Vulnerability Exposes IP Addresses
Endesa Cyberattack Results in Customer Data Exposure
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Meta Addresses Security Vulnerability in Instagram Password Resets
AI and Security: Block’s CISO Discusses AI Agents’ Potential
Apex Legends Players Face Unprecedented Character Hijacking Over Weekend
Target’s Source Code Allegedly Exposed in Cyber Breach
Drones Are Now Critical Infrastructure—and Their Networks are the New Attack Surface
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Instagram Data Breach Affects 17.5 Million Users: Security Implications Explored
U.S. Immigration and Customs Enforcement’s Surveillance Tactics Scrutinized
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
BreachForums Re-emerges Only to Fall Victim to Data Breach
Anthropic Responds to Viral Allegations of Account Bans
Iranian APT Group MuddyWater Launches Sophisticated Spear-Phishing Campaign
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Illinois Man Charged for Snapchat Phishing Scheme