Main Menu
Cyber Security
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
News
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
Andrew Doyle May 2, 2025
Harrods joins M&S and Co-op as the latest UK retailer targeted in a cyberattack, prompting immediate security measures amid a surge in retail-focused intrusions.
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
News
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
Mitchell Langley April 30, 2025
Hitachi Vantara shut down servers to contain an Akira ransomware attack that disrupted systems and led to stolen data across corporate and government-related operations.
MTN Ghana Data Breach Impacts 5,700 Customers, Investigation Underway
News
MTN Ghana Data Breach Impacts 5,700 Customers, Investigation Underway
Andrew Doyle April 30, 2025
MTN Ghana confirms a data breach affecting 5,700 customers, with investigations ongoing and direct outreach underway to mitigate potential risks and prevent further exposure.
M&S Cyberattack Halts Online Sales, Triggers Major Financial Impact
News
M&S Cyberattack Halts Online Sales, Triggers Major Financial Impact
Mitchell Langley April 30, 2025
Marks & Spencer suspended online orders after a cyberattack over Easter weekend caused major disruptions, wiping £500 million off its stock and impacting daily sales. ...
CISA Flags Broadcom, CommVault, and Active! Mail Vulnerabilities as Actively Exploited
News
CISA Flags Broadcom, CommVault, and Active! Mail Vulnerabilities as Actively Exploited
Mitchell Langley April 30, 2025
CISA adds Broadcom, CommVault, and Active! Mail vulnerabilities to KEV catalog following active exploitation reports, urging immediate patching by enterprise and critical infrastructure operators.
SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data
News
SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data
Andrew Doyle April 30, 2025
SK Telecom is replacing SIM cards for 25 million users after a malware breach exposed USIM data. Supply limits restrict replacements to 6 million by ...
27 Million Records Allegedly Leaked from French Retailer Boulanger
Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
Andrew Doyle April 29, 2025
Personal data linked to over 27 million customer records of French electronics giant Boulanger has been leaked on a public ...
Over 1,200 SAP NetWeaver Servers Exposed to Actively Exploited Critical Vulnerability
News
Over 1,200 SAP NetWeaver Servers Exposed to Actively Exploited Critical Vulnerability
Mitchell Langley April 29, 2025
A critical SAP NetWeaver flaw (CVE-2025-31324) is being actively exploited. Over 1,200 servers are exposed, with hundreds already compromised by remote webshell deployments.
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
News
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
Andrew Doyle April 29, 2025
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
Marks & Spencer Cyberattack Tied to Scattered Spider Ransomware Group
News
Marks & Spencer Cyberattack Tied to Scattered Spider Ransomware Group
Mitchell Langley April 29, 2025
Marks & Spencer is battling an ongoing outage caused by Scattered Spider ransomware attackers, who breached its systems, stole password data, and encrypted virtual machines. ...
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
News
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
Mitchell Langley April 29, 2025
The Darcula phishing platform has been upgraded with AI, enabling cybercriminals to quickly generate multilingual phishing scams and harvest user credentials on a global scale. ...
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
News
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
Andrew Doyle April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
News
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
Mitchell Langley April 28, 2025
A new phishing campaign is targeting WooCommerce administrators with fake security alerts designed to hijack websites by installing hidden backdoors and persistent malware.
Marks & Spencer Halts Online Orders Following Cyberattack
News
Marks & Spencer Halts Online Orders Following Cyberattack
Andrew Doyle April 28, 2025
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
News
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
Mitchell Langley April 28, 2025
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
News
DragonForce Expands Ransomware Model with White-Label Branding
Andrew Doyle April 28, 2025
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
News
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
Mitchell Langley April 28, 2025
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
News
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
Mitchell Langley April 25, 2025
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
News
Frederick Health Data Breach Impacts 934,326 Patients
Mitchell Langley April 25, 2025
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
News
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
Andrew Doyle April 25, 2025
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
News
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
News
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
News
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang

SECURITYWEEK INDUSTRY EXPERTS

Medical Data Breach Affected Dental Service Infrastructure
News
Medical Data Breach Affected Dental Service Infrastructure
Andrew Doyle June 4, 2025
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
News
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Andrew Doyle June 4, 2025
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
News
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
Mitchell Langley June 4, 2025
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
News
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
Mitchell Langley June 4, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
DragonForce Breaches MSPs via SimpleHelp Flaws: Inside CVE-2024-57726
May 28, 2025
Podcasts
Fentanyl, Firearms, and $200M in Crypto: Dark Web Crime Meets Global Law Enforcement
May 27, 2025
Podcasts
Marlboro-Chesterfield Pathology Ransomware Breach: 235,000 Patients Affected
May 27, 2025

Cyber Security News

Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Cybersecurity
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
January 29, 2025
List of 15 Networking Certifications by Security Vendors to Supercharge Your Career in 2025
Blog
Top 15 Networking Certifications to Supercharge Your Career in 2025
January 22, 2025
Top 10 Ransomware Groups of 2024 The Year's Most Active Cyber Threats
Blog
Top 10 Ransomware Groups of 2024: The Year’s Most Active Cyber Threats
January 14, 2025
Top 15 Cyberattacks of 2024 The Worst Incidents for Enterprise
Blog
Top 15 Cyberattacks of 2024: The Worst Incidents for Enterprise
January 8, 2025
Nuclei Vulnerability Allows Signature Bypass and Code Execution
Cybersecurity
Nuclei Vulnerability Allows Signature Bypass and Code Execution
January 7, 2025
This Week In Cybersecurity: 30th December to 03rd January
Cybersecurity
This Week In Cybersecurity: 30th December to 03rd January
January 3, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
OpenAI Testing Model Context Protocol Integration for ChatGPT
May 16, 2025
OpenAI is testing Model Context Protocol support in ChatGPT, allowing secure access to third-party tools and enterprise platforms for more powerful, contextual task handling.
Proofpoint Acquires Hornetsecurity for $1B: A New Era in Microsoft 365 Security
May 16, 2025
 In a major move within the cybersecurity space, Proofpoint has announced the acquisition of Hornetsecurity for over $1 billion. This deal significantly strengthens Proofpoint’s foothold ...
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
May 16, 2025
Russian-linked hackers exploited XSS flaws in Roundcube, Zimbra, and others to steal government emails globally through a no-click attack dubbed the RoundPress campaign.
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
May 15, 2025
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
May 15, 2025
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
Dior Confirms Data Breach Exposing Chinese Customer Information
May 15, 2025
Christian Dior confirms a customer data breach affecting Chinese users. Names, contacts, and shopping data were leaked; no financial details were compromised. Investigation ongoing.
Nucor Shuts Down Production Lines Following Cybersecurity Incident
May 15, 2025
Nucor Corporation has shut down select production operations following a cybersecurity incident that compromised internal systems. The company is investigating and restoring operations.
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
May 15, 2025
Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues ...
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
May 15, 2025
HireClick leaked over 5.7 million resume files after leaving an AWS bucket unsecured. The data exposure poses significant risks of fraud, phishing, and identity theft. ...
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
May 15, 2025
Valve denies claims of a Steam data breach, stating leaked data consists of expired SMS codes with no account credentials, passwords, or personal information.
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
May 15, 2025
Tennessee’s largest school district has filed a federal lawsuit against PowerSchool, citing breach of contract and security failures linked to a December 2023 data breach. ...
Exploited in the Wild: SAP NetWeaver Zero-Days Hit Fortune 500
May 14, 2025
In this episode, we dive into the active exploitation of two critical zero-day vulnerabilities in SAP NetWeaver—CVE-2025-31324 and CVE-2025-42999. Threat actors have been leveraging these ...
Checkout Chaos: Inside the £3.5 Million-a-Day M&S Cyber-Shutdown
May 14, 2025
The recent ransomware attack on Marks & Spencer (M&S) is a sobering example of the evolving cyber threat landscape confronting the retail industry. In this ...
Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast
May 14, 2025
In this episode, we break down Apple’s massive May 2025 security update blitz—a sweeping patch release that spanned iOS, macOS, iPadOS, tvOS, visionOS, and watchOS. ...
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
May 14, 2025
Russian-aligned ransomware group DragonForce hit UK retailer Co-op, exposing customer data and disrupting operations, in a hybrid cyberattack blending financial and geopolitical motives.
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
May 14, 2025
The EU launches its own vulnerability database (EUVD) to strengthen cybersecurity, reduce reliance on CVE, and ensure greater digital sovereignty across European infrastructure.
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
May 14, 2025
Twilio denies breach after leaked Steam 2FA codes appear online. Experts suspect a third-party SMS provider may be the source of the data exposure.
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
May 13, 2025
In this episode, we unpack the groundbreaking $1.4 billion privacy settlement between Google and the state of Texas—now the largest of its kind in U.S. ...
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
May 13, 2025
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the ...
M&S Confirms Customer Data Breach Following Cyberattack
May 13, 2025
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
Chrome Under Fire: Three Zero-Days, One Month, and Nation-State Exploits
Medical Data Breach Affected Dental Service Infrastructure
Australia Forces Transparency: The World’s First Mandatory Ransomware Payment Reporting Law
$25M for AI Email Security: Trustifi’s Big Bet on the MSP Market
GhostSec: From Hacktivist Roots to RaaS Powerhouse
Malicious RubyGems Impersonate Fastlane Plugins to Steal Telegram Bot Data
Victoria’s Secret Postpones Q1 Earnings Amid System Restoration After Security Incident
The Exploding Threat of Cybercrime-as-a-Service (CaaS): How it’s Reshaping the Cybercrime Landscape
Volkswagen Probes Hacker Claims Amid Ongoing Ransomware Threats
CISA Issues Alert on Actively Exploited ScreenConnect, ASUS Router, and Craft CMS Vulnerabilities
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Google Chrome vs. Failing CAs: The Policy Behind the Distrust
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598