Main Menu
Cyber Security
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
BreachForums Re-emerges Only to Fall Victim to Data Breach
Anthropic Responds to Viral Allegations of Account Bans
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Email Security’s True Challenge: Evaluating Post-access Threats
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
NSA Announces Tim Kosiba as New Deputy Director
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
Illinois Department’s Database Error Leads to Massive Data Exposure
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Vibe Hacking: How AI is Transforming Cybercrime’s Landscape
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Navigating the Challenges of Fileless Malware in Cybersecurity
Microsoft Acknowledges Issues With Outlook Encryption Feature
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
The Influence of Security Advice and Accountability in Cybersecurity
Chrome Extensions Masquerading as AITOPIA Pose Risk
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
European Space Agency Confronts Repeated Data Breaches with Legal Action
Generative AI Elevates Active Directory Password Attacks
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
News
Blue Shield of California Exposes Health Data of 4.7 Million Members to Google Due to Analytics Misconfiguration
Mitchell Langley April 24, 2025
Blue Shield of California disclosed a data breach impacting 4.7 million members after misconfigured Google Analytics exposed protected health information to Google Ads platforms.
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
News
Massive 1.33 Million-Device Botnet Drives Unprecedented DDoS Attacks Surge in Q1 2025
Andrew Doyle April 24, 2025
A record-breaking 1.33 million-device botnet has driven a 110% surge in DDoS attacks in Q1 2025, targeting fintech, e-commerce, and telecom sectors.
New Android Malware ‘SuperCard X’ Uses NFC to Drain Bank Accounts in Real Time
Cybersecurity
New Android Malware ‘SuperCard X’ Uses NFC to Drain Bank Accounts in Real Time
Mitchell Langley April 24, 2025
New Android malware 'SuperCard X' uses NFC technology and social engineering to clone cards and drain bank accounts in real-time through a convincing multi-step scam. ...
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
News
Data Breach at Yale New Haven Health Exposes Personal Information of 5.5 Million Patients
Andrew Doyle April 24, 2025
A data breach at Yale New Haven Health exposed personal details of 5.5 million patients, with names, SSNs, and medical IDs among the data stolen. ...
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
News
Cybercrime Losses in the U.S. Reached $16.6 Billion in 2024, FBI Reports
Mitchell Langley April 24, 2025
Cybercrime losses in the U.S. hit $16.6 billion in 2024, with older adults and businesses suffering the most, according to new FBI complaint data.
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
News
Marks & Spencer Cyberattack Disrupts Services and Delays Customer Orders
Mitchell Langley April 23, 2025
Marks & Spencer confirms a cyberattack disrupting services, leading to delayed orders and affecting contactless payments, while assuring customers of ongoing efforts to resolve the ...
Qilin Ransomware Tactics, Techniques, Procedures and Mitigation
Blog
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
Andrew Doyle April 23, 2025
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics, techniques, and procedures (TTPs), providing ...
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Andrew Doyle April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
Ad Fraud Operation 'Scallywag' Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Cybersecurity
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Mitchell Langley April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Cybersecurity
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Gabby Lee April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
Abilene, Texas Shuts Down City Systems Following Cyberattack
News
Abilene, Texas Shuts Down City Systems Following Cyberattack
Mitchell Langley April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
News
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
Mitchell Langley April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
Imaflex Inc. Data Breach Exposes Personal and Employment Data
News
Imaflex Inc. Data Breach Exposes Personal and Employment Data
Andrew Doyle April 22, 2025
Imaflex Inc. Data Breach Exposes Personal and Employment Data: Legal Investigation Underway Imaflex Inc. has disclosed a data breach that exposed sensitive personal and employment-related ...
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Resources
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Andrew Doyle April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance, for financial gain and potential ...
Cybersecurity Newsletter
This Week In Cybersecurity: April 1st to 5th, 2025
Andrew Doyle April 21, 2025
This week in cybersecurity covers a range of incidents, including the shutdown of openSNP over privacy concerns, a data breach affecting 173,000 patients, and a ...
This Week In Cybersecurity: 03rd March to 07th March
Cybersecurity Newsletter
This Week In Cybersecurity: March 3rd to 7th, 2025
Gabby Lee April 21, 2025
This Week in Cybersecurity: Data Breaches, Ransomware, Threat Actors, Ransomware Protection and more!
Ransomware Victims on Dark Web – 10th March, 2025
News
Ransomware Victims on Dark Web – 10th March, 2025
Mitchell Langley April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Data Security
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Gabby Lee January 12, 2026
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Data Security
California Privacy Protection Agency Takes Action Against Datamasters for Unauthorized Data Sales
Gabby Lee January 12, 2026
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
News
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
Mitchell Langley January 11, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026

TOP CYBERSECURITY HEADLINES

UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Cybersecurity
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
News
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
Data Security
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
BreachForums Re-emerges Only to Fall Victim to Data Breach
Application Security
BreachForums Re-emerges Only to Fall Victim to Data Breach

This Week’s Security Spotlight

BreachForums Re-emerges Only to Fall Victim to Data Breach
Application Security
BreachForums Re-emerges Only to Fall Victim to Data Breach
Mitchell Langley January 12, 2026
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Application Security
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Gabby Lee January 11, 2026
Chrome Extensions Masquerading as AITOPIA Pose Risk
Application Security
Chrome Extensions Masquerading as AITOPIA Pose Risk
Mitchell Langley January 7, 2026
European Space Agency Confronts Repeated Data Breaches with Legal Action
Data Security
European Space Agency Confronts Repeated Data Breaches with Legal Action
Gabby Lee January 7, 2026
More In News
Trending
Phishers Pose as Booking.com to Compromise European Hotels
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Exein Raises €70M: Defending the IoT-AI Frontier with Embedded Security
July 16, 2025
Podcasts
Salt Typhoon Strikes Again: National Guard, Telecoms, and a Crisis in U.S. Cyber Defense
July 16, 2025
Podcasts
DragonForce Ransomware Hits Belk: 150GB Data Leak and Operational Chaos
July 15, 2025

Cyber Security News

U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
Information Security
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
November 6, 2025
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Cybersecurity
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
November 6, 2025
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Cybersecurity
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
November 6, 2025
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Cybersecurity
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
November 5, 2025
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
Application Security
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
November 5, 2025
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Application Security
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
November 4, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Microsoft 365 Direct Send Exploited: How Phishing Emails Masquerade as Internal Messages
June 27, 2025
Phishing has long been a favored weapon of cybercriminals, but a recent revelation about Microsoft 365’s Direct Send feature has elevated the threat to a ...
Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Risk
June 27, 2025
A critical flaw in the Open VSX Registry—an open-source alternative to the Visual Studio Code Marketplace—recently put over 8 million developers at risk of mass ...
CitrixBleed 2: Critical NetScaler Vulnerability Enables Session Hijacking and MFA Bypass
June 27, 2025
A new critical vulnerability in Citrix NetScaler ADC and Gateway systems, dubbed CitrixBleed 2 (CVE-2025-5777), has emerged as a serious threat to remote access infrastructure. ...
Cross-Border Cyber Fraud Ring Busted After Stealing Over €400,000 Through Compromised Online Seller Accounts
June 27, 2025
Authorities in Germany and Romania dismantled a phishing fraud ring that stole over €400,000 using hijacked online seller accounts and fake listings on a major ...
Hawaiian Airlines Investigates Cybersecurity Event Amid IT Outage, Ransomware Suspected
June 27, 2025
Hawaiian Airlines reports a major cybersecurity event affecting its IT systems. Flights remain operational as authorities investigate a possible ransomware attack targeting the aviation sector. ...
Ahold Delhaize USA Cyberattack Exposes Over 2 Million Individuals in Widespread Data Breach
June 27, 2025
Ahold Delhaize USA confirms over 2.2 million individuals impacted in a 2024 cyberattack that exposed personal, financial, and medical data from internal company systems.
Nth Degree Data Breach Exposes Nearly 40,000 Identities, Including Event Staff and Partners
June 27, 2025
A data breach at event vendor Nth Degree exposed nearly 40,000 records, including full names and SSNs, raising privacy concerns across high-profile client organizations.
OneClik Cyberattack Campaign Targets Energy Sector Using Microsoft ClickOnce and AWS
June 26, 2025
A sophisticated cyber-espionage campaign named OneClik is actively targeting energy, oil, and gas organizations using a combination of legitimate cloud infrastructure and novel attack techniques. ...
Zero-Day Level Cisco ISE Flaws: Urgent Patch Required for Enterprise Security
June 26, 2025
Cisco has disclosed two critical security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products, both earning a maximum CVSS ...
Bonfy.AI Launches $9.5M Adaptive Content Security Platform to Govern AI and Human Data
June 26, 2025
In a major development at the intersection of cybersecurity and AI governance, Israeli startup Bonfy.AI has officially launched its adaptive content security platform, backed by ...
Central Kentucky Radiology’s 2024 Data Breach Affects 167,000
June 26, 2025
In October 2024, Central Kentucky Radiology (CKR), a Lexington-based imaging provider, became the latest victim of a growing trend in healthcare cyberattacks. An unauthorized actor ...
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
June 26, 2025
Discover why External Attack Surface Management (EASM) is vital for modern digital risk protection and how it enhances visibility, threat detection, and cyber resilience strategies. ...
Pro-Russian Hackers Disrupt Dutch Government Websites Amid Heightened NATO Security
June 26, 2025
Pro-Russian hacker group NoName057(16) claims responsibility for a DDoS attack that disrupted Dutch municipal websites during the NATO Summit’s peak security deployment.
OneClik Campaign Exploits Microsoft ClickOnce and AWS to Breach Energy and Industrial Networks
June 26, 2025
A stealthy malware campaign abuses Microsoft ClickOnce and AWS services to deploy Golang-based RunnerBeacon backdoors targeting energy and industrial organizations with advanced evasion techniques.
French Authorities Arrest BreachForums v2 Operators Behind Global Data Theft Campaigns
June 26, 2025
French police arrest BreachForums v2 operators, including ShinyHunters and IntelBroker, tied to major global and national data breaches affecting millions of users and enterprises.
Hacker ‘IntelBroker’ Indicted in $25M Global Data Theft Campaign
June 26, 2025
British hacker ‘IntelBroker’ charged by U.S. authorities for stealing and selling sensitive data worldwide, causing $25 million in damage to governments and global enterprises.
CISA Confirms Active Exploitation of Critical AMI MegaRAC BMC Vulnerability Enabling Remote Server Hijack
June 26, 2025
CISA confirms that a critical vulnerability in AMI MegaRAC BMC firmware is being exploited to hijack servers remotely, prompting urgent patching across government and enterprise ...
Columbia University Struggles to Restore Services Following Suspected Cyberattack
June 26, 2025
Columbia University is working to restore critical systems following a suspected cyberattack that has caused widespread outages, impacting thousands of students and faculty.
U.S. Government Pushes Back on Meta: WhatsApp Labeled a High-Risk App
June 25, 2025
The U.S. House of Representatives has officially banned the use of WhatsApp on all House-managed devices, citing significant data security risks. This move places WhatsApp ...
How Cyberattacks on Mainline Health and Select Medical Exposed Over 200,000 Patients
June 25, 2025
The healthcare industry is facing a relentless wave of cyber threats, as demonstrated by two recent breaches impacting Mainline Health Systems and Select Medical Holdings. ...
UK Government Faces Rising Cybersecurity Concerns Amid Legal Aid and Foreign Office Attacks
Authorities in Spain Dismantle Cyber Fraud Network Tied to Black Axe Group
Ireland Recalls Thousands of Passports Due to Software-Induced Printing Defect
BreachForums Re-emerges Only to Fall Victim to Data Breach
Anthropic Responds to Viral Allegations of Account Bans
Iranian APT Group MuddyWater Launches Sophisticated Spear-Phishing Campaign
CISA Streamlines Security Measures With Vulnerability Catalog Adoption
Chinese-Speaking Threat Actors Allegedly Exploit SonicWall VPN for VMware ESXi Breach
Illinois Man Charged for Snapchat Phishing Scheme
Email Security’s True Challenge: Evaluating Post-access Threats
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
Diplomatic Exchange Between Nations Highlights Tensions in Cybercrime Prosecutions
NSA Announces Tim Kosiba as New Deputy Director
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
North Korean Hackers Exploit QR Codes to Breach Enterprise Cloud Security
Illinois Department’s Database Error Leads to Massive Data Exposure
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Vibe Hacking: How AI is Transforming Cybercrime’s Landscape
How Misconfigured Email Routing Opens the Door for Credential Theft