Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
The Exploding Threat of Cybercrime-as-a-Service (CaaS) How it's Reshaping the Cybercrime Landscape
Blog
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Andrew Doyle June 4, 2025
The rise of Cybercrime-as-a-Service (CaaS) is transforming the threat landscape, democratizing cyberattacks and making them more frequent and diverse. This blog explores the various CaaS ...
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
Mitchell Langley June 4, 2025
Volkswagen is investigating Stormous ransomware group’s breach claims, but internal reviews show no unauthorized access or compromised data within the company’s systems so far.
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
News
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
Mitchell Langley June 4, 2025
CISA has warned U.S. agencies of active attacks exploiting a ScreenConnect vulnerability and critical flaws in ASUS routers and Craft CMS. Patches and mitigations are ...
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
News
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Mitchell Langley June 3, 2025
The North Face has confirmed a credential stuffing attack in April, exposing customer data including names, addresses, and emails. Payment information remains unaffected.
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
News
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Andrew Doyle June 3, 2025
North Dakota-based Nokota Packers has reportedly suffered a ransomware attack by the J Group gang, with hackers claiming to have stolen 50GB of sensitive data. ...
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
News
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Mitchell Langley June 3, 2025
Stormous ransomware gang claims a breach at Volkswagen, but provides no sample data. Researchers find no evidence yet of compromised systems or stolen information.
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
News
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Andrew Doyle June 3, 2025
Cartier has confirmed a cyberattack that exposed limited customer data, including names and email addresses. Sensitive financial and login information was not compromised.
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
News
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Mitchell Langley June 3, 2025
The Russian Market has surged in popularity as a major cybercrime marketplace, offering stolen credentials harvested by info-stealer malware like Lumma and Acreed.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
News
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
Mitchell Langley June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
News
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
Andrew Doyle June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
News
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
Mitchell Langley June 1, 2025
Germany has named Vitaly Kovalev, aka "Stern," as the leader of the Conti ransomware and TrickBot gangs in a major breakthrough tied to Operation Endgame. ...
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
News
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
Andrew Doyle June 1, 2025
Latrodectus malware infected over 44,000 IP addresses before Operation Endgame's global takedown, with Shadowserver warning of critical ongoing threats across infected systems.
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
News
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
Mitchell Langley June 1, 2025
Kaiser Permanente suffered a major network outage that disrupted electronic health records and patient services across the U.S. System functionality was restored the following day. ...
184 Million Login Credentials Exposed in Major Unprotected Database Leak
News
184 Million Login Credentials Exposed in Major Unprotected Database Leak
Andrew Doyle June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
This Week In Cybersecurity: 26th to 30th May, 2025
Cybersecurity Newsletter
This Week In Cybersecurity: 26th to 30th May, 2025
Andrew Doyle May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
Victoria’s Secret Takes Website Offline Following Security Incident
News
Victoria’s Secret Takes Website Offline Following Security Incident
Mitchell Langley May 30, 2025
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
News
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
Mitchell Langley May 30, 2025
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
News
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
Andrew Doyle May 30, 2025
Russian nuclear facility blueprints were exposed in a public procurement database, revealing sensitive layouts of missile silos and bunkers tied to Moscow’s nuclear modernization.
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
News
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
Mitchell Langley May 30, 2025
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
News
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
Mitchell Langley May 29, 2025
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
NVIDIA Issues Urgent Rowhammer Warning: Enable ECC or Risk AI Integrity
July 15, 2025
Podcasts
Zip Security Secures $13.5M to Simplify and Scale Cyber Defense
July 15, 2025
Podcasts
Century Support Services Breach: 160,000 Identities Compromised in Silent Cyberattack
July 15, 2025

Cyber Security News

Naver's Cryptocurrency Exchange Acquisition Marred by Cyberattack
Cybersecurity
Naver’s Cryptocurrency Exchange Acquisition Marred by Cyberattack
November 28, 2025
Ex-NCSC Chief to Investigate Premature Online Leak of Budget Forecast
Cybersecurity
Ex-NCSC Chief to Investigate Premature Online Leak of Budget Forecast
November 28, 2025
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
November 27, 2025
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
Network Security
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
November 27, 2025
Comcast's $1.5 Million Settlement in Data Breach Incident with FCC
Data Security
Comcast’s $1.5 Million Settlement in Data Breach Incident with FCC
November 27, 2025
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
November 27, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
July 23, 2025
AMEOS Group, a leading healthcare provider in Central Europe, has confirmed a data breach affecting patients, employees, and partners. Investigation and containment measures are ongoing. ...
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
July 23, 2025
Scammers posing as real businesses use stolen corporate identities and net financing to order expensive equipment—vanishing with goods before invoices come due.
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
July 23, 2025
Naval Group, France’s top warship builder, is allegedly breached by hackers claiming access to combat systems source code, raising serious national security concerns.
ToolShell: SharePoint Zero-Day Chain Gives Hackers Full Remote Access
July 22, 2025
A new wave of zero-day attacks—collectively known as ToolShell—is actively targeting Microsoft SharePoint servers, with two vulnerabilities (CVE-2025-53770 and CVE-2025-53771) allowing unauthenticated remote code execution ...
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
July 22, 2025
A weak employee password allowed ransomware hackers to cripple 158-year-old logistics firm KNP, causing 700 job losses and highlighting the growing threat of ransomware attacks. ...
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
July 22, 2025
Veeam Recovery Orchestrator's latest update causes user lockouts after enabling MFA. A fix is available, but affected users must contact support for remediation.
CVE-2025-54309: CrushFTP Zero-Day Exploited in Global Admin Access Attacks
July 22, 2025
A critical zero-day vulnerability in CrushFTP (CVE-2025-54309) is being actively exploited, giving attackers administrative access to over a thousand unpatched servers globally. This severe security ...
Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform
July 22, 2025
Dell Technologies is the latest target in a growing trend of data extortion attacks as threat actors pivot away from traditional ransomware. The cybercrime group ...
Termite Ransomware: The Silent Invader
July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz, highlighting its broad reach and ...
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
July 22, 2025
Ransomware-as-a-Service (RaaS) enables cybercriminals to launch attacks at scale. Learn how it works, why it’s dangerous, and how enterprises can defend and recover effectively.
Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting
July 22, 2025
A critical vulnerability in ExpressVPN’s Windows client has put a spotlight on the often-overlooked dangers of debug code making its way into production software. This ...
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
July 22, 2025
A California engineer admitted to stealing top-secret U.S. missile tracking technology and funneling it to China, exposing a deep insider espionage operation.
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
July 22, 2025
Dior is alerting U.S. customers about a data breach that exposed personal data. The cyberattack, linked to ShinyHunters, targeted LVMH brands via a third-party vendor. ...
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
July 22, 2025
A bug in ExpressVPN's Windows client leaked real IP addresses during RDP sessions. The issue, now fixed, affected traffic over port 3389 outside the VPN ...
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
July 22, 2025
A backend glitch at Ring caused customers to see unknown devices logged into their accounts, but Amazon insists there’s been no security breach or unauthorized ...
Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack
July 21, 2025
In this episode, we unpack the January 2025 data breach at Dior, the iconic luxury fashion house, which exposed sensitive personal information of U.S. customers—including ...
StrongestLayer Raises $5.2M to Fight AI-Powered Phishing with TRACE
July 21, 2025
In an era where generative AI is being used not just for productivity but for precision cybercrime, a San Francisco-based startup, StrongestLayer, is taking a ...
750,000 Records Exposed: Inside the TADTS Data Breach by BianLian
July 21, 2025
In July 2024, The Alcohol & Drug Testing Service (TADTS), a Texas-based company handling sensitive employment-related data, suffered a catastrophic data breach. Nearly 750,000 individuals ...
SS7 Is Still Broken: How Surveillance Firms Are Bypassing Telco Defenses
July 21, 2025
A new attack technique is exposing just how vulnerable global mobile networks remain in 2025. Cybersecurity firm Enea has discovered a surveillance operation that bypasses ...
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
July 21, 2025
Arch Linux pulled three AUR packages after discovering they delivered Chaos RAT malware through a malicious GitHub script, compromising Linux systems via community-sourced PKGBUILD files. ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited