Main Menu
Cyber Security
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
iRhythm Confirms PHI Exfiltration via Social Engineering
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
GhostTree NTFS Junctions Paralyze Windows Defender Scans
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
Endpoint Security Solutions: How to Protect Every Enterprise Device
UNC6508 Abused Google Workspace Rules in Medical-Military Espionage
Three FortiSandbox CVEs Chained for Unauthenticated Root Execution
Cisco CVE-2026-20262 Added to CISA KEV; Eighth Exploited SD-WAN Flaw
LiteSpeed cPanel CVE-2026-54420 Escalates to Root on Shared Hosts
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
DOJ Seizes CFAKE.com and SOCFAKE.com in First TAKE IT DOWN Act Case
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
ShinyHunters Claims 61M Sysco Salesforce Records in Unverified Breach
What Is Scareware? How Fake Security Warnings Lead to Real Malware
Lapsus$ Lists GitHub Internal Repos for Sale, Copilot Source Included
Nightspire Claims Blue Nile Medical and Silsbee Police as New Victims
Ukrainian Conti Developer Pleads Guilty to Ransomware Loader Coding
Awesome Motive CDN Compromised; Backdoor Served to OptinMonster Users
CVE-2026-42824: M365 Copilot SearchLeak Enables 1-Click Email Theft
Novo Nordisk Confirms Hack of Clinical Trial Biomarker Data
SearchJack: 23 Chrome Extensions Intercept 758,000 Users’ Searches
TheGentlemen Ransomware Posts 20 Victims Across 14 Countries
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Fortinet Quietly Patches FortiWeb Zero-Day Vulnerability Exploited in Active Attacks
Application Security
Fortinet Quietly Patches FortiWeb Zero-Day Vulnerability Exploited in Active Attacks
Gabby Lee November 17, 2025
Researchers say Fortinet quietly patched a FortiWeb zero-day that was already being exploited, offering little transparency or guidance. The silent fix left many organizations unaware ...
Threat Group ShinyHunters Hacks Checkout.com, Demands Ransom Over Legacy Cloud Breach
Cybersecurity
Threat Group ShinyHunters Hacks Checkout.com, Demands Ransom Over Legacy Cloud Breach
Andrew Doyle November 17, 2025
A cyberattack on Checkout.com by ShinyHunters exposed sensitive data stored in an overlooked legacy cloud system, highlighting the risks of outdated infrastructure. The attackers are ...
Australia Warns of Chinese Cyber Probing Into Critical Infrastructure
Cybersecurity
Australia Warns of Chinese Cyber Probing Into Critical Infrastructure
Mitchell Langley November 17, 2025
Australian intelligence warns that Chinese state-sponsored hackers have gained unauthorized access to critical infrastructure, shifting from espionage to potential sabotage. Officials say APT groups are ...
How TTP-Based Defenses Outperform Traditional IoC Hunting
Blog
How TTP-Based Defenses Outperform Traditional IoC Hunting
Gabby Lee November 17, 2025
Behavior-based detection is replacing traditional IoC-driven security as organizations focus on identifying attacker tactics and behaviors instead of static indicators. By analyzing TTPs like credential ...
Chinese APT Leveraged Claude AI for Automated Espionage Operation
News
Chinese APT Leveraged Claude AI for Automated Espionage Operation
Andrew Doyle November 17, 2025
Chinese APT group GTG-1002 has been caught abusing Anthropic’s Claude AI to automate phishing, malware development, and reconnaissance tasks. The campaign marks a major shift ...
North Korean ‘Contagious Interview’ Campaign Evolves With JSON-Based Malware Delivery
News
North Korean ‘Contagious Interview’ Campaign Evolves With JSON-Based Malware Delivery
Gabby Lee November 17, 2025
North Korea’s “Contagious Interview” campaign is evolving with new stealth techniques, using legitimate JSON-based storage services to host malware delivered through trojanized developer tools. NVISO ...
Amazon Identifies Massive NPM Package Flooding Attack as Token-Farming Campaign
Cybersecurity
Amazon Identifies Massive NPM Package Flooding Attack as Token-Farming Campaign
Mitchell Langley November 17, 2025
Attackers flooded the npm registry with thousands of benign-looking packages designed to harvest crypto-related authentication tokens rather than deploy malware. Amazon researchers say the large-scale ...
Logitech Confirms Data Breach After Clop Ransomware Attacks Oracle Systems
Application Security
Logitech Confirms Data Breach After Clop Ransomware Attacks Oracle Systems
Gabby Lee November 17, 2025
Clop exploited an unpatched Oracle E-Business Suite flaw to steal corporate data from Logitech, prompting the company to confirm exposure while emphasizing no operational disruption. ...
U.S. DOJ Secures Guilty Pleas in North Korea IT Worker and Crypto Fraud Case
Cybersecurity
U.S. DOJ Secures Guilty Pleas in North Korea IT Worker and Crypto Fraud Case
Gabby Lee November 17, 2025
A recently unsealed DOJ case reveals five defendants have pleaded guilty to helping North Korean operatives infiltrate U.S. companies as remote IT workers using stolen ...
CISA Warns of Akira Ransomware Targeting Nutanix AHV Virtual Machines
Application Security
CISA Warns of Akira Ransomware Targeting Nutanix AHV Virtual Machines
Andrew Doyle November 17, 2025
Akira ransomware now targets Nutanix AHV virtual machines, encrypting .qcow2 files, exploiting SonicWall vulnerabilities, and rapidly exfiltrating data across Linux-based enterprise environments.
DoorDash Discloses October Cybersecurity Breach Exposing User Contact Information
Cybersecurity
DoorDash Discloses October Cybersecurity Breach Exposing User Contact Information
Mitchell Langley November 17, 2025
DoorDash disclosed a new data breach after a social engineering attack exposed user contact information in October, prompting concerns over delayed notification and heightened phishing ...
IndonesianFoods Worm Overwhelms npm With 100,000 Auto-Generated Packages
Cybersecurity
IndonesianFoods Worm Overwhelms npm With 100,000 Auto-Generated Packages
Gabby Lee November 16, 2025
A self-replicating npm worm named IndonesianFoods has flooded the registry with over 100,000 packages, raising major supply-chain security concerns despite the absence of malicious code.
Kraken Ransomware Evolves With System Benchmarking, Cisco Warns
News
Kraken Ransomware Evolves With System Benchmarking, Cisco Warns
Andrew Doyle November 16, 2025
Kraken ransomware benchmarks system performance to choose full or partial encryption, enabling efficient data theft and encryption across Windows, Linux, and VMware ESXi networks globally.
Fortinet FortiWeb Vulnerability Exploited to Create Unauthorized Admin Accounts
Cybersecurity
Fortinet FortiWeb Vulnerability Exploited to Create Unauthorized Admin Accounts
Mitchell Langley November 16, 2025
A FortiWeb path traversal flaw is being actively exploited to create unauthorized admin accounts on unpatched devices, prompting urgent patching and security reviews by administrators.
ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers
CVE Vulnerability Alerts
ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers
Gabby Lee November 16, 2025
ASUS released urgent firmware updates to fix a critical authentication bypass flaw in multiple DSL routers, warning users to patch immediately and disable internet-exposed services.
Hamburg’s Miniatur Wunderland Hit by Cyberattack Exposing Credit Card Data
Cybersecurity
Hamburg’s Miniatur Wunderland Hit by Cyberattack Exposing Credit Card Data
Mitchell Langley November 13, 2025
Hamburg’s Miniatur Wunderland suffered a cyberattack that compromised its online ticket system, leaking visitors’ credit card data and potentially exposing thousands to fraud and identity ...
Data Leak Exposes Francis Frith’s Historic Photo Archive Customers
Cybersecurity
Data Leak Exposes Francis Frith’s Historic Photo Archive Customers
Gabby Lee November 13, 2025
A misconfigured database exposed over 300,000 Francis Frith customers’ personal details, including names and emails, putting buyers of the UK’s historic photo archive at phishing ...
Microsoft Expands Passwordless Security With Third-Party Passkey Manager Support in Windows 11
Application Security
Microsoft Expands Passwordless Security With Third-Party Passkey Manager Support in Windows 11
Andrew Doyle November 13, 2025
Windows 11 now supports third-party passkey managers like 1Password and Bitwarden, allowing users to authenticate with FIDO-compliant passkeys beyond Microsoft’s own tools. The update strengthens ...
U.K. Unveils Cybersecurity Reform to Safeguard Critical Infrastructure
Cybersecurity
U.K. Unveils Cybersecurity Reform to Safeguard Critical Infrastructure
Mitchell Langley November 13, 2025
The U.K. is overhauling its cybersecurity laws to better protect critical infrastructure from escalating cyberattacks, expanding NIS regulations to cover more sectors and third-party providers. ...
CISO Forum 2025 Summit Explores AI, Cloud Risk, and Governance Realities
Cybersecurity
CISO Forum 2025: Summit Explores AI, Cloud Risk, and Governance Realities
Gabby Lee November 13, 2025
The 2025 CISO Forum Virtual Summit highlighted how modern CISOs must balance innovation with expanding attack surfaces. Sessions focused on AI governance, cloud security, and ...
Application Security
Mastra AI npm Supply Chain Attack Hits 1.1M Weekly Downloads
Mitchell Langley June 17, 2026
Cybersecurity
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
Gabby Lee June 17, 2026
Cybersecurity
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
Mitchell Langley June 17, 2026
Cybersecurity
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Andrew Doyle June 17, 2026

TOP CYBERSECURITY HEADLINES

Application Security
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
Cybersecurity
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
Cybersecurity
iRhythm Confirms PHI Exfiltration via Social Engineering
Cybersecurity
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps

This Week’s Security Spotlight

Cybersecurity
iRhythm Confirms PHI Exfiltration via Social Engineering
Mitchell Langley June 17, 2026
Application Security
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
Mitchell Langley June 16, 2026
Application Security
PromptSnatcher Extensions Stole AI Chats From 90,000 Users
Mitchell Langley June 15, 2026
Cybersecurity
Anthropic Releases Guardrail-Free Mythos 5 to Security Researchers
Andrew Doyle June 12, 2026
More In News
Trending
Storm-3075 Uses ChatGPT and Claude Brands to Harvest Credentials
Fake Claude Code Installers on Google Sites Steal AI API Keys
Fake Chrome Web Store DMCA Notices Target Extension Developers
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Exein Raises €70M: Defending the IoT-AI Frontier with Embedded Security
July 16, 2025
Podcasts
Salt Typhoon Strikes Again: National Guard, Telecoms, and a Crisis in U.S. Cyber Defense
July 16, 2025
Podcasts
DragonForce Ransomware Hits Belk: 150GB Data Leak and Operational Chaos
July 15, 2025

Cyber Security News

Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
April 16, 2026
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Application Security
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
April 16, 2026
Modern Trucking's Cybersecurity Imperative - Industry Leaders Address Digital Threats
Cybersecurity
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
April 16, 2026
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Application Security
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
April 15, 2026
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Application Security
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
April 15, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Australia Warns of Chinese Cyber Probing Into Critical Infrastructure
November 17, 2025
Australian intelligence warns that Chinese state-sponsored hackers have gained unauthorized access to critical infrastructure, shifting from espionage to potential sabotage. Officials say APT groups are ...
How TTP-Based Defenses Outperform Traditional IoC Hunting
November 17, 2025
Behavior-based detection is replacing traditional IoC-driven security as organizations focus on identifying attacker tactics and behaviors instead of static indicators. By analyzing TTPs like credential ...
Chinese APT Leveraged Claude AI for Automated Espionage Operation
November 17, 2025
Chinese APT group GTG-1002 has been caught abusing Anthropic’s Claude AI to automate phishing, malware development, and reconnaissance tasks. The campaign marks a major shift ...
North Korean ‘Contagious Interview’ Campaign Evolves With JSON-Based Malware Delivery
November 17, 2025
North Korea’s “Contagious Interview” campaign is evolving with new stealth techniques, using legitimate JSON-based storage services to host malware delivered through trojanized developer tools. NVISO ...
Amazon Identifies Massive NPM Package Flooding Attack as Token-Farming Campaign
November 17, 2025
Attackers flooded the npm registry with thousands of benign-looking packages designed to harvest crypto-related authentication tokens rather than deploy malware. Amazon researchers say the large-scale ...
Logitech Confirms Data Breach After Clop Ransomware Attacks Oracle Systems
November 17, 2025
Clop exploited an unpatched Oracle E-Business Suite flaw to steal corporate data from Logitech, prompting the company to confirm exposure while emphasizing no operational disruption. ...
U.S. DOJ Secures Guilty Pleas in North Korea IT Worker and Crypto Fraud Case
November 17, 2025
A recently unsealed DOJ case reveals five defendants have pleaded guilty to helping North Korean operatives infiltrate U.S. companies as remote IT workers using stolen ...
CISA Warns of Akira Ransomware Targeting Nutanix AHV Virtual Machines
November 17, 2025
Akira ransomware now targets Nutanix AHV virtual machines, encrypting .qcow2 files, exploiting SonicWall vulnerabilities, and rapidly exfiltrating data across Linux-based enterprise environments.
DoorDash Discloses October Cybersecurity Breach Exposing User Contact Information
November 17, 2025
DoorDash disclosed a new data breach after a social engineering attack exposed user contact information in October, prompting concerns over delayed notification and heightened phishing ...
IndonesianFoods Worm Overwhelms npm With 100,000 Auto-Generated Packages
November 16, 2025
A self-replicating npm worm named IndonesianFoods has flooded the registry with over 100,000 packages, raising major supply-chain security concerns despite the absence of malicious code.
Kraken Ransomware Evolves With System Benchmarking, Cisco Warns
November 16, 2025
Kraken ransomware benchmarks system performance to choose full or partial encryption, enabling efficient data theft and encryption across Windows, Linux, and VMware ESXi networks globally.
Fortinet FortiWeb Vulnerability Exploited to Create Unauthorized Admin Accounts
November 16, 2025
A FortiWeb path traversal flaw is being actively exploited to create unauthorized admin accounts on unpatched devices, prompting urgent patching and security reviews by administrators.
ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers
November 16, 2025
ASUS released urgent firmware updates to fix a critical authentication bypass flaw in multiple DSL routers, warning users to patch immediately and disable internet-exposed services.
Hamburg’s Miniatur Wunderland Hit by Cyberattack Exposing Credit Card Data
November 13, 2025
Hamburg’s Miniatur Wunderland suffered a cyberattack that compromised its online ticket system, leaking visitors’ credit card data and potentially exposing thousands to fraud and identity ...
Data Leak Exposes Francis Frith’s Historic Photo Archive Customers
November 13, 2025
A misconfigured database exposed over 300,000 Francis Frith customers’ personal details, including names and emails, putting buyers of the UK’s historic photo archive at phishing ...
Microsoft Expands Passwordless Security With Third-Party Passkey Manager Support in Windows 11
November 13, 2025
Windows 11 now supports third-party passkey managers like 1Password and Bitwarden, allowing users to authenticate with FIDO-compliant passkeys beyond Microsoft’s own tools. The update strengthens ...
U.K. Unveils Cybersecurity Reform to Safeguard Critical Infrastructure
November 13, 2025
The U.K. is overhauling its cybersecurity laws to better protect critical infrastructure from escalating cyberattacks, expanding NIS regulations to cover more sectors and third-party providers. ...
CISO Forum 2025: Summit Explores AI, Cloud Risk, and Governance Realities
November 13, 2025
The 2025 CISO Forum Virtual Summit highlighted how modern CISOs must balance innovation with expanding attack surfaces. Sessions focused on AI governance, cloud security, and ...
Coordinated Zero-Day Exploits Target Citrix and Cisco Vulnerabilities in Custom Malware Campaign
November 13, 2025
Attackers chained two unpatched zero-day flaws—CitrixBleed 2 and a critical Cisco ISE vulnerability—to deploy custom, stealthy malware before fixes were available. Amazon CISO CJ Moses ...
DanaBot Resurfaces with New Windows Variant Six Months After Takedown
November 13, 2025
DanaBot has resurfaced with version 669 after six months of silence following Operation Endgame, signaling a rebuilt infrastructure and upgraded loaders. The new variant features ...
ShinyHunters Claims 2.2 Million Kodak Records, Sets Leak Deadline
CISA Adds Joomla JCE CVE-2026-48907 to KEV Amid Active Scans
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
iRhythm Confirms PHI Exfiltration via Social Engineering
Rokarolla Android Trojan Hits 217 Banking and Crypto Apps
Steam Workshop Wallpaper Packages Drop DarkKomet and Lumma
GhostTree NTFS Junctions Paralyze Windows Defender Scans
CVE-2026-2473: Vertex AI SDK Pickle Attack Enables Cross-Tenant RCE
Endpoint Security Solutions: How to Protect Every Enterprise Device
UNC6508 Abused Google Workspace Rules in Medical-Military Espionage
Three FortiSandbox CVEs Chained for Unauthenticated Root Execution
Cisco CVE-2026-20262 Added to CISA KEV; Eighth Exploited SD-WAN Flaw
LiteSpeed cPanel CVE-2026-54420 Escalates to Root on Shared Hosts
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
DOJ Seizes CFAKE.com and SOCFAKE.com in First TAKE IT DOWN Act Case
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims
ESET Finds WIN_DRV: Earth Lusca’s First Windows SprySOCKS Rootkit
Obsidian Finds CVSS 9.9 Attack Chain in LiteLLM AI Gateway
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
ShinyHunters Claims 61M Sysco Salesforce Records in Unverified Breach