Main Menu
Cyber Security
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
CISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
News
CISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
Andrew Doyle April 4, 2025
CISA warns of Fast Flux DNS evasion, a technique used by cybercrime gangs to mask malicious activity by rapidly changing DNS records, making detection and ...
Texas State Bar Data Breach: INC Ransomware Gang Claims Responsibility
News
Texas State Bar Data Breach: INC Ransomware Gang Claims Responsibility
Mitchell Langley April 4, 2025
The Texas State Bar suffered a data breach between January 28 and February 9, 2025, with the INC ransomware gang claiming responsibility and leaking stolen ...
GitHub Supply Chain Attack Traced to Leaked SpotBugs Token
News
GitHub Supply Chain Attack Traced to Leaked SpotBugs Token
Mitchell Langley April 4, 2025
A devastating GitHub supply chain attack, targeting Coinbase, stemmed from a leaked SpotBugs token, exposing secrets in 218 repositories and highlighting critical vulnerabilities in open-source ...
Oracle Cloud Breach Confirmed, Data Theft Impacts Legacy Systems
News
Oracle Cloud Breach Confirmed, Data Theft Impacts Legacy Systems
Andrew Doyle April 4, 2025
Oracle confirms a data breach impacting its legacy Oracle Cloud Classic system, resulting in the theft of client credentials. Investigations are underway, but the company's ...
$500,000 Lost in Australian Superannuation Fund Data Breach
News
$500,000 Lost in Australian Superannuation Fund Data Breach
Mitchell Langley April 4, 2025
Major Australian superannuation funds experienced a data breach, resulting in $500,000 in losses and impacting thousands of members via a credential stuffing attack.
Hunters International Shifts to Data Extortion and Rebrands as World Leaks
News
Hunters International Shifts to Data Extortion and Rebrands as World Leaks
Andrew Doyle April 4, 2025
Hunters International, a notorious ransomware operation, has rebranded as World Leaks, shifting its focus to data extortion.
ChatGPT is Down Worldwide Impacting Millions
Cybersecurity
ChatGPT is Down Worldwide Impacting Millions
Mitchell Langley April 3, 2025
Global ChatGPT outage caused widespread disruption, displaying a "Something went wrong" error. OpenAI acknowledged the problem and implemented a fix.
Royal Mail Data Breach: No Operational Impact Reported
News
Royal Mail Data Breach: No Operational Impact Reported
Andrew Doyle April 3, 2025
Royal Mail investigates a data breach involving third-party supplier Spectos GmbH. Over 144GB of data, including customer PII, was leaked; however, Royal Mail operations remain ...
Triada Malware Preloaded on Counterfeit Android Devices
News
Triada Malware Preloaded on Counterfeit Android Devices
Andrew Doyle April 3, 2025
Counterfeit Android phones are infecting users with Triada malware pre-installed in the firmware, stealing data and cryptocurrency. This supply chain attack highlights the risks of ...
Urgent Security Alert: Exploited CSLU Backdoor Threatens Cisco Systems
News
Urgent Security Alert: Exploited CSLU Backdoor Threatens Cisco Systems
Mitchell Langley April 3, 2025
Exploited Cisco CSLU backdoor admin account enables unauthorized access and control. Immediate patching is critical to prevent attacks.
SimonMed Imaging Confirms Cybersecurity Breach in January 2025
News
SimonMed Imaging Confirms Cybersecurity Breach in January 2025
Andrew Doyle April 3, 2025
SimonMed Imaging confirmed a cybersecurity breach in January 2025, exposing patient data through a vendor, prompting investigations, security upgrades, and at least one class-action lawsuit. ...
173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach
News
173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach
Andrew Doyle April 3, 2025
Chord Specialty Dental Partners reports a data breach impacting 173,000 patients, exposing personal and health data, and offering free credit monitoring services to affected individuals. ...
openSNP to Shut Down: Genetic Data Privacy Concerns Lead to Platform Closure
News
openSNP to Shut Down: Genetic Data Privacy Concerns Lead to Platform Closure
Mitchell Langley April 3, 2025
openSNP, a genetic data sharing platform, will close and delete all data on April 30th due to escalating privacy concerns and the risk of government ...
RedCurl Cyberespionage Group Deploys Ransomware Targeting Hyper-V
News
RedCurl Cyberespionage Group Deploys Ransomware Targeting Hyper-V
Mitchell Langley March 27, 2025
RedCurl, a known cyberespionage group, has deployed QWCrypt ransomware targeting Hyper-V servers, marking a significant shift in their tactics and raising concerns about their motivations.
Garden of Life Faces Three Class-Action Lawsuits Following Data Breach
News
Garden of Life Faces Three Class-Action Lawsuits Following Data Breach
Andrew Doyle March 27, 2025
Garden of Life faces three class-action lawsuits after a data breach exposed customer payment card information, alleging negligence and inadequate data security.
NSW Government Website Data Breach With 9,000 Court files
News
NSW Government Website Data Breach With 9,000 Court files
Andrew Doyle March 27, 2025
major data breach exposed 9,000 sensitive NSW court files. Authorities are investigating, aiming to identify accessed data within a week. Victims are urged to ...
StreamElements Confirms Third-Party Data Breach Affecting 210,000 Users
News
StreamElements Confirms Third-Party Data Breach Affecting 210,000 Users
Mitchell Langley March 27, 2025
StreamElements confirms a third-party data breach exposing data for 210,000 users, highlighting the risks of relying on external vendors.
Oracle Customers Validate Stolen Data from Cloud Server Breach
News
Oracle Customers Validate Stolen Data from Cloud Server Breach
Andrew Doyle March 27, 2025
Oracle denies a data breach affecting 6 million users, but independent verification confirms the authenticity of stolen data, contradicting their claims.
Sydney Tools Data Breach Exposes 34 Million+ Customer Orders
News
Sydney Tools Data Breach Exposes 34 Million+ Customer Orders
Mitchell Langley March 26, 2025
A massive data breach at Sydney Tools exposed over 34 million customer orders and sensitive employee data, including names, addresses, and salaries. The unsecured database ...
South Carolina Eye Clinic Suffers Data Breach: Ransomware Suspected
News
South Carolina Eye Clinic Suffers Data Breach: Ransomware Suspected
Mitchell Langley March 26, 2025
Columbia Eye Clinic in South Carolina suffered a data breach, potentially a ransomware attack, exposing patient data including names, contact information, and procedure codes.
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
News
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Cybersecurity
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Cybersecurity
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty

SECURITYWEEK INDUSTRY EXPERTS

M&S Confirms Customer Data Breach Following Cyberattack
News
M&S Confirms Customer Data Breach Following Cyberattack
Mitchell Langley May 13, 2025
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
News
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Mitchell Langley May 13, 2025
Thousands of Node Developers Compromised by Malware in Popular npm Packages
News
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Andrew Doyle May 13, 2025
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Mitchell Langley May 13, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain
May 5, 2025
Podcasts
CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack
May 5, 2025
Podcasts
Nova Scotia Power, a Canadian Utility, Breached: A Global Warning for Critical Infrastructure
May 2, 2025

Cyber Security News

Nuclei Vulnerability Allows Signature Bypass and Code Execution
Cybersecurity
Nuclei Vulnerability Allows Signature Bypass and Code Execution
January 7, 2025
This Week In Cybersecurity: 30th December to 03rd January
Cybersecurity
This Week In Cybersecurity: 30th December to 03rd January
January 3, 2025
US Treasury Hack: Escalating Cyber Warfare Between US and China
Cybersecurity
US Treasury Hack: Escalating Cyber Warfare Between US and China
January 2, 2025
Massive Healthcare Breaches Prompt Overhaul of US Cybersecurity Rules
Cybersecurity
Massive Healthcare Breaches Prompt Overhaul of US Cybersecurity Rules
December 31, 2024
WhatsApp Wins Against NSO Group: Judge Finds NSO Liable for Pegasus
Cybersecurity
WhatsApp Wins Against NSO Group: Judge Finds NSO Liable for Pegasus
December 24, 2024
This Week In Cybersecurity: 16th December to 20th December
Cybersecurity
This Week In Cybersecurity: 16th December to 20th December
December 20, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Ransomware Victims on Dark Web – 05th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 06th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
April 21, 2025
Secure your Remote Desktop Protocol (RDP) with these essential tips. Learn how to mitigate risks and protect your systems from cyberattacks targeting RDP vulnerabilities.
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
April 21, 2025
Attackers exploited Google’s OAuth and DKIM signing process to send phishing emails that appeared authentic, bypassing traditional security checks and targeting unsuspecting recipients.
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
April 21, 2025
MGM Resorts will pay $45 million to settle a lawsuit over data breaches in 2019 and 2023, offering up to $75 per affected individual.
State-Backed Threat Actors Adopt ClickFix Social Engineering in Espionage Campaigns
April 21, 2025
State-backed hackers from North Korea, Iran, and Russia are now using ClickFix, a social engineering method that tricks users into manually executing malware payloads.
New Android Malware ‘SuperCard X’ Enables NFC Relay Attacks for Payment Card Theft
April 21, 2025
A new Android malware called SuperCard X enables NFC relay attacks by stealing card data via fake banking support calls and emulating it on attacker ...
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
April 21, 2025
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting corporate environments through social engineering. ...
Critical Security Flaw in Asus AiCloud Routers Prompts Urgent Firmware Update
April 21, 2025
Asus urges immediate firmware updates after a critical security flaw in AiCloud routers is discovered, allowing unauthorized function execution via crafted remote requests.
This Week In Cybersecurity: 14th April to 18th April
April 18, 2025
Sure! Here's a 25-word excerpt summarizing the entire newsletter: **Widespread service outages, ransomware attacks, zero-day exploits, and data breaches impacted major platforms including Jira, Binance, ...
Ahold Delhaize Data Breach Confirmed After INC Ransomware Claims Responsibility
April 18, 2025
Ahold Delhaize confirms data theft from U.S. systems after INC Ransom's cyberattack. Investigation continues as stolen files appear on a dark web extortion site.
Legends International Confirms Data Breach Following Cyberattack in November 2024
April 18, 2025
Legends International disclosed a data breach affecting venue visitors and employees after a November 2024 cyberattack. The breach involved unauthorized access and data exfiltration.
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
April 18, 2025
Google has been hit with a £5 billion antitrust lawsuit in the UK, alleging it used its dominance to inflate search advertising prices for British ...
Jira Down, Atlassian Users Face Widespread Service Disruption
April 17, 2025
Atlassian's Jira platform is experiencing a global outage, affecting multiple products and causing significant disruptions for enterprise users.
UK Law Firm Fined £60,000 Over Ransomware Data Breach That Exposed Sensitive Case Files
April 17, 2025
DPP Law was fined £60,000 after a ransomware data breach exposed sensitive client data, due to outdated systems, delayed reporting, and lack of cybersecurity controls. ...
Over 16,000 Fortinet Devices Compromised via Symlink Backdoor Exploit
April 17, 2025
Over 16,000 Fortinet devices have been compromised via a symlink backdoor, allowing persistent read-only access to sensitive files despite applied patches.
Fake Binance Installers Spreading Malware in New Crypto -Themed Malvertising Campaign
April 17, 2025
Cybercriminals are using fake Binance and TradingView installers to deliver stealthy malware that steals browser credentials and disables system security settings.
Pennsylvania State Education Association Data Breach Exposes Over 500,000 Individuals
April 17, 2025
Class Action Lawsuit Filed Over Delayed Response to Pennsylvania State Education Association Data Breach
Inside the Breach: What Recent Cyberattacks Reveal About Your Data Security
April 16, 2025
Cyberattacks are no longer rare shocks—they’re a constant drumbeat in the background of our digital lives. In this episode, we take you on a deep ...
MedEx Ambulance Data Breach: 118,000 Patient Records Exposed
April 16, 2025
MedEx ambulance service confirms a breach impacting 118,418 patients. Sensitive personal, medical, and financial data was exposed, adding to the expanding Landmark Admin data breach ...
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
M&S Confirms Customer Data Breach Following Cyberattack
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
rand-user-agent: The NPM Package That Opened a Backdoor
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure