Cyber Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited
ShinyHunters Claims 42M Charter Records, Sets May 27 Deadline
Netherlands Seizes 800 Stark Industries Servers, Arrests Two
ShinyHunters Claims 260K Baker Distributing Salesforce Records
Ubiquiti Patches 3 Max-Severity UniFi OS Flaws, 100K Exposed
Trump Mobile Exposes 27,000 Customer Records via Insecure API
Mysk: WhatsApp Stores Chats Unencrypted, Meta Apps Can Read Them
Wireshark 4.6.6 Patches ROHC Crash and MACsec Buffer Overflow
FBI Warns Kali365 PhaaS Platform Bypasses Microsoft 365 MFA
Lenovo BootRepair.sys Driver Exposes BYOVD Attack on CrowdStrike
Splunk CVE-2026-20239 Logs Session Cookies in Plaintext
DPRK npm Packages Use Hugging Face to Exfiltrate Developer Credentials
Deleted Google API Keys Stay Active for Up to 23 Minutes
Chromium Service Worker PoC Exploit Published for 42-Month-Old Bug
Texas AG Sues Meta Over WhatsApp Encryption Claims
Banana RAT Hijacks Brazil Pix QR Codes via NF-e Lures
UNG0002 Hides Cobalt Strike in macOS Folder Structures
INJ3CTOR3 Deploys JOMANGY Webshell in FreePBX Campaign
Operation Dragon Whistle Uses VS Code Tunnels as C2
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
NGINX 1.31.0 Zero-Day nginx-poolslip Bypasses ASLR
WantToCry Ransomware Hits SMB Ports, Evades EDR Tools
DOJ Secures Guilty Pleas From Tech-Support Fraud Executives
BadIIS Malware-as-a-Service Hijacks IIS Servers for SEO Fraud
GhostTree Exploit Hangs Windows Defender With NTFS Junctions
SilverFox APT Spreads ValleyRAT via Fake Microsoft Teams Sites
TamperedChef Hides Malware Inside Signed Apps
Chrome 148 Patches Critical WebRTC Use-After-Free
P2PInfect Botnet Infiltrates Kubernetes Clusters via Redis
TwoNet Hacktivists Breach Decoy Water Treatment Plant, Alter PLC Setpoints and Disable Alarms Within 26 Hours
TwoNet breached a decoy water-treatment HMI in September, altering PLC setpoints and disabling alarms within about 26 hours after exploiting a known XSS vulnerability.
AI Companion Apps Expose Millions of Intimate Messages after Unprotected Kafka Instances
Two AI companion apps exposed 43 million messages and 600,000 media files after an unprotected Kafka Broker leaked data for over 400,000 users; instance now ...
Salesforce Refuses to Pay Ransom After Widespread CRM Data-Theft Campaigns
Salesforce refused extortion demands after attackers stole large CRM datasets via OAuth social engineering and stolen SalesLoft tokens; companies are revoking tokens and investigating scope.
Avnet Confirms EMEA Data Breach, Says Stolen Information Is Mostly Unreadable Without Internal Tools
Avnet confirmed a cyberattack on an EMEA cloud storage system. The company said stolen data was largely unreadable without its proprietary tools and global operations ...
Doctors Imaging Group Data Breach Exposes 171,000 Patients’ Medical and Financial Records
A November 2024 breach at Doctors Imaging Group exposed PHI and PII for 171,000 patients; forensics concluded in August 2025 and patient notifications followed.
DraftKings Says Credential Reuse Behind Targeted Account Intrusions, Not Internal Breach
DraftKings confirmed credential stuffing attacks targeting customer accounts, exposing limited personal data. The company ordered password resets, mandated multifactor authentication, and confirmed no internal breach ...
BK Technologies Cyberattack Contained as Employee Data Accessed by Threat Actors
BK Technologies confirmed a late-September cyberattack compromising internal systems and employee data, but swift containment and forensic analysis prevented further escalation or operational disruption.
Red Hat Data Breach Escalates as ShinyHunters Joins Extortion
Red Hat faces escalated extortion as ShinyHunters lists sampled Customer Engagement Reports from the breach; samples name major clients and set an October 10 ransom ...
RediShell Zero-Day in Redis Permits Remote Code Execution on Exposed Instances
Critical RediShell zero-day (CVE-2025-49844) enables Lua-based remote code execution on Redis; administrators must patch, disable Lua where possible and secure exposed instances immediately.
Oracle E-Business Suite Zero-Day Exploited, Authorities Urge Immediate Patching
Oracle E-Business Suite zero-day CVE-2025-61882 is under active exploitation; emergency patches are available and organizations must patch and investigate potential compromise immediately.
NIST Flags DeepSeek Adoption Over Security, Censorship and Cost Concerns
NIST analysis finds DeepSeek models lag U.S. counterparts, cost more, are easier to hijack, and exhibit CCP-aligned censorship, prompting security and policy warnings for adopters.
Unity Engine Flaw Permits Code Execution on Android and Escalation on Windows
A Unity runtime flaw (CVE-2025-59489) allows malicious apps or inputs to load attacker libraries, enabling code execution on Android and privilege escalation on Windows; developers ...
Salesforce Faces Extortion Threat After Salesloft OAuth Token Exploits
A hacking consortium claims Salesloft OAuth tokens were abused to extract CRM records from 700+ companies; Salesforce says claims relate to past or unverified incidents ...
Discord Discloses Support Ticket Breach After Unauthorized Access to Third-Party System
Discord confirmed attackers accessed a third-party support system, stealing support tickets, IDs, IPs, messages and partial billing data; investigation and user notifications are ongoing.
VMware Virtual Machines Targeted in Zero-Day Exploitation by China-Linked Hackers
Broadcom warns of zero-day flaws in VMware software exploited by China-linked hackers, allowing privilege escalation for months, raising concerns over virtualization security and global enterprise ...
Boeing Supplier Dimensional Control Systems Targeted in Ransomware Attack
J Group ransomware gang claims to have stolen 11GB of sensitive internal documents from Boeing supplier Dimensional Control Systems, raising cybersecurity concerns across global manufacturing ...
Lynx Claims Ransomware Intrusion at TriMed Subsidiary of Henry Schein
Lynx claims a ransomware intrusion at TriMed, posting alleged executive, legal, employee and proprietary files; Henry Schein is investigating with law enforcement and forensic partners.
Red Hat Confirms Breach of Consulting GitLab Instance After Claim of 570.2 GB Leak
Red Hat confirmed unauthorized access to a consulting GitLab instance; an extortion group claims to have exfiltrated 570.2 GB from 28,000 repositories, including ~800 CERs.
DrayTek Vigor RCE Vulnerability Prompts Urgent Firmware Updates
DrayTek patched CVE-2025-10547, an uninitialized-variable flaw in Vigor routers that can lead to memory corruption and potential remote code execution; administrators must update firmware and ...
WestJet Data Breach Exposes Passports and IDs for 1.2 Million Customers
WestJet confirmed a June cyberattack exposed passports, IDs, and travel records of 1.2 million customers. The airline is notifying victims and offering two years of ...
Application Security
Ghost CMS CVE-2026-26980 Exploited in ClickFix Campaign

TOP CYBERSECURITY HEADLINES

This Week’s Security Spotlight

Application Security
Anthropic’s Project Glasswing Finds 10,000+ CVEs in One Month
Application Security
Trump Mobile Exposes 27,000 Customer Records via Insecure API
CVE Vulnerability Alerts
Cisco Secure Workload CVE-2026-20223 Earns CVSS 10.0
Cybersecurity
NYC Health + Hospitals Breach Exposes 1.8M Patients’ Fingerprints
Sotheby’s Confirms Data Breach Exposing Financial Information
Sotheby’s confirmed a cyber intrusion in July 2025 that exposed names, Social Security numbers and financial account details. It is offering identity monitoring and investigating.
Fake LastPass and Bitwarden “Breach Alerts” Lead to PC Hijacks via Remote Access Tools
Phishing emails impersonating LastPass and Bitwarden lure users to install malicious binaries. The payload deploys Syncro and ScreenConnect for remote PC control, code execution and ...
PowerSchool Hacker Sentenced to Four Years for Cyberattack on Education Platform
A 20-year-old college student has been sentenced to four years in prison for hacking PowerSchool and stealing data from more than 70 million students and ...
ICTBroadcast Servers Under Threat: Cookie Vulnerability Enables Remote Code Execution
A critical vulnerability in ICTBroadcast (CVE-2025-2611) enables unauthenticated remote code execution through malicious session cookies. With public exploits and Metasploit modules available, attackers are actively ...
SAP NetWeaver Patch Released for CVSS 10.0 Deserialization Flaw Vulnerability
A critical CVSS 10.0 vulnerability in SAP NetWeaver AS Java (CVE-2025-42944) allows unauthenticated attackers to remotely execute OS commands through insecure deserialization in the RMI-P4 ...
Redis Releases Update to Fix CVE-2025-49844 Critical RCE Vulnerability
A critical use-after-free vulnerability in Redis (CVE-2025-49844) enables remote code execution via Lua scripting. Affecting all versions up to 8.2.1, the flaw is already being ...
Industrial Control at Risk: Red Lion RTU Vulnerabilities Score 10.0 CVSS
Researchers uncovered two critical Red Lion Sixnet RTU vulnerabilities that allow attackers to bypass authentication and execute root-level commands remotely. Widely used in energy, water, ...
Salesforce Hacks: Extortion Group Leaks Millions of Sensitive Records
A unified extortion group known as Scattered Lapsus$ Hunters exploited OAuth token leaks from Salesloft integrations to infiltrate Salesforce-connected systems. At least 44 major companies ...
Capita Hit with £14M Fine for Data Breach Impacting 6.6M Individuals
Capita has been fined £14 million by the UK ICO for failing to prevent a 2023 cyberattack that exposed data from over 6.6 million people. ...
U.S. Seizes $15 Billion in Bitcoin Linked to Major Pig Butchering Crypto Scam
U.S. authorities seized $15 billion in bitcoin linked to a major “pig butchering” scam run by Chen Zhi and Prince Holding Group, combining fraud and ...
Pixnapping Attack Steals MFA Codes Pixel by Pixel on Android Devices
Pixnapping is a new Android attack that steals 2FA codes and on-screen data by reading pixel rendering side-channels—no permissions needed, and effective in under 30 ...
Vietnam Airlines Confirms Customer Data Breach Linked to Third-Party Support Platform
Vietnam Airlines says a third-party customer-service platform was breached, possibly exposing customer contact data; payments, passwords and passports were not affected, investigation and notifications are ...
Oracle Quietly Patches Zero-Day Vulnerability Revealed by ShinyHunters Leak
Oracle quietly patched a zero-day exploit leaked by ShinyHunters, enabling remote command execution in enterprise applications. Customers are urged to deploy updates immediately and audit ...
CoinbaseCartel Threatens to Publish SK Telecom Source Code unless Ransom Talks Start
Ransom group CoinbaseCartel claims to have stolen SK Telecom source code, build files and cloud keys via a repository compromise and threatens public disclosure this ...
Russia Suspected in Jaguar Land Rover Cyberattack That Halted Production for Weeks
UK investigators probe Russian involvement after a September cyberattack at Jaguar Land Rover disabled 800 systems and halted production; government underwrites a £1.5bn loan guarantee.
Northern Rivers Resilient Homes Program Breach Exposes Personal Data of 2,031 Residents
An internal AI upload exposed the personal and health data of 2,031 Northern Rivers Resilient Homes participants. The NSW Reconstruction Authority opened investigations and issued ...
Qantas Customer Data Leaked on Dark Web After July Cyberattack
Hackers have leaked data of nearly six million Qantas customers on the dark web after a Salesforce-linked breach, exposing names, contact details, and frequent flyer ...
Discord Breach Exposes 70,000 ID Photos and Raises Questions about Third-Party Age Verification
Discord has confirmed that government-issued identification photos belonging to roughly 70,000 users may have been exposed in a third-party breach that impacted a vendor used ...
SimonMed Confirms Data Breach Exposed 1.2 Million Patients in January
SimonMed Imaging says a January 2025 breach exposed data for 1.2 million patients. Medusa claimed theft of 212 GB including scanned IDs, medical records, and ...
The “Shotgun” Botnet: How RondoDox Hijacks Routers, Cameras, and Servers Worldwide
A new and fast-growing botnet dubbed RondoDox is shaking up the global cybersecurity landscape with its “shotgun” exploitation strategy, targeting over 50 known and unknown ...