Main Menu
Cyber Security
Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
Critical Vulnerability in ‘expr-eval’ Library Enables Remote Code Execution
Russian Initial Access Broker Pleads Guilty in Yanluowang Ransomware Campaign
Firefox 145 Brings Major Privacy Upgrade to Defend Against Fingerprinting
Triofox CVE-2025-12480 Exploited in Attacks Despite Available Patch
CISA Orders Federal Agencies to Patch Samsung Zero-Day Exploited by LandFall Spyware
Konni Campaign Impersonates Human Rights Groups in Cross-Platform Espionage Operation
NAKIVO Enhances Disaster Recovery With Real-Time Replication and Multilingual Support
Microsoft Reveals Whisper Leak Side-Channel Attack That Threatens LLM Communication Privacy
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
GlassWorm Returns With Malicious VSCode Extensions Infecting Thousands
Sensitive Data at OB/GYN Associates Exposed in Data Breach
SonicWall Confirms State-Sponsored Hackers Targeted Cloud Backup Service
Microsoft Enhances Quick Machine Recovery and Smart App Control in Windows Insider Build
Malicious NuGet Packages Found With Time-Delay Payloads Targeting Databases and ICS Devices
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
AI-Generated Malicious VS Code Extension Raises Concerns Over Marketplace Security
ClickFix Malware Evolves: New Tactics Use Video Guides and Timers to Increase Infection Rates
Nevada Completes Full Recovery from Devastating Statewide Ransomware Attack
Truffle Security Secures $25 Million to Expand Secrets Scanning Capabilities
U.S. Congressional Budget Office Hit by Suspected Foreign Cyberattack
Tenable Researchers Uncover Vulnerabilities in GPT-4o’s Memory and Search Capabilities
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
News
Guardian Ransomware Attack Linked to Change Healthcare Cyberattack
Andrew Doyle November 8, 2024
On February 21, a ransomware attack targeting the systems of Change Healthcare, a key service provider, was detected, affecting numerous ...
SETU Cyberattack: Waterford Campus IT Systems Down, Classes Suspended
News
SETU Cyberattack: Waterford Campus IT Systems Down, Classes Suspended
Mitchell Langley November 6, 2024
Ireland's South East Technological University (SETU) suffered a cyberattack, temporarily halting classes and disrupting IT services on its Waterford campus. The university is working to ...
Singtel Data Breach: Volt Typhoon's Test Run Before Targeting US Telecoms
Cybersecurity
Singtel Data Breach: Volt Typhoon’s Test Run Before Targeting US Telecoms
Gabby Lee November 6, 2024
Chinese government-backed hackers, Volt Typhoon, reportedly breached Singtel in a test run before targeting US telecoms, using a web shell and exploiting a Versa SD-WAN ...
Nokia Investigates Third-Party Breach After Hacker Claims to Steal Source Code
News
Nokia Investigates Third-Party Breach After Hacker Claims to Steal Source Code
Mitchell Langley November 6, 2024
A hacker claims to have stolen Nokia source code via a third-party vendor breach, prompting an investigation by Nokia. The alleged stolen data includes sensitive ...
FIN11
Resources
FIN11 – A Critical Healthcare Cyberthreat
Mitchell Langley November 6, 2024
FIN11, also known as DEV-0950, Lace Tempest, TA505, TEMP.Warlock, and UNC902, is a cybercrime group that has been conducting financially-motivated intrusions since at least 2017.
LA Housing Authority Confirms Data Breach Claimed by Cactus Ransomware
News
LA Housing Authority Confirms Data Breach Claimed by Cactus Ransomware
Mitchell Langley November 5, 2024
The LA Housing Authority (HACLA) confirmed a cyberattack by the Cactus ransomware gang, following a previous breach by LockBit. Sensitive data may have been compromised, ...
City of Columbus Ransomware Attack: 500,000 Individuals Affected by Rhysida Ransomware Data Breach
News
City of Columbus Ransomware Attack: 500,000 Individuals Affected by Rhysida Ransomware Data Breach
Gabby Lee November 5, 2024
The City of Columbus suffered a devastating ransomware attack in July 2024, resulting in the theft of personal data from 500,000 individuals, highlighting cybersecurity vulnerabilities
Blog
How the Dark Web Has Fueled the 32% Rise in Healthcare Cyberattacks
Mitchell Langley November 4, 2024
The healthcare industry is facing an unprecedented crisis. A recent report reveals a staggering 32% increase in global healthcare cyberattacks, fueled by the booming trade ...
Ukraine's Cyberattack Cripples Crimean Banks in DIU's Massive DDoS Operation
News
Ukraine’s Cyberattack Cripples Crimean Banks in DIU’s Massive DDoS Operation
Mitchell Langley November 4, 2024
Ukraine's Defense Intelligence (DIU) launched a 24-hour Distributed Denial of Service (DDoS) attack targeting four Russian banks operating illegally in Crimea, disrupting online banking services ...
Central Bank Cyprus Says 14.3% of Businesses Hit by Cyberattacks
Cybersecurity
Central Bank Cyprus Says 14.3% of Businesses Hit by Cyberattacks
Gabby Lee November 4, 2024
Cyprus reports 14.3% of businesses experienced cyberattacks, highlighting rising EU cybersecurity risks. Proactive measures like mandatory penetration testing are being implemented to address vulnerabilities.
Claim your TfL Refund for Oyster Photocard Disruptions After Cyberattack
News
Transport for London (TFL) Restores Oyster Photocards Services and Offers Refunds
Mitchell Langley November 4, 2024
Transport for London (TfL) is now processing TfL refunds for Oyster photocard users affected by a recent cyberattack. Learn how to claim your reimbursement for ...
This Week In Cybersecurity: 28th October to 1st November
Cybersecurity
This Week In Cybersecurity: 28th October to 1st November
Mitchell Langley November 3, 2024
CRA Data Breach Exposes Tens of Thousands of Taxpayer Accounts, Millions Lost in Bogus Refunds A significant data breach at ...
Trinity Ransomware Major Threat to the Healthcare Industry
Blog
Trinity Ransomware: Major Threat to the Healthcare Industry
Gabby Lee November 1, 2024
The newly discovered Trinity ransomware is a significant threat to the healthcare industry, with at least one U.S. hospital already affected. HHS issued a warning ...
Nine Class-Action Lawsuits Filed After New Jersey Water Company Data Breached
News
Nine Class-Action Lawsuits Filed After New Jersey Water Company Data Breached
Mitchell Langley October 31, 2024
Nine class-action lawsuits have been filed against a New Jersey utility company following a data breach of unknown scope. The company, American Water, serves over ...
ZircoDATA Cybersecurity Breach Exposes Sensitive Australian Data
News
ZircoDATA Cybersecurity Breach Exposes Sensitive Australian Data
Gabby Lee October 31, 2024
A major cybersecurity breach at ZircoDATA, an Australian data firm, exposed sensitive personal information, impacting hundreds of organizations and highlighting the need for stronger data ...
PSAUX Ransomware Attack Cripples 22,000 CyberPanel Instances
News
PSAUX Ransomware Attack Cripples 22,000 CyberPanel Instances
Mitchell Langley October 31, 2024
The PSAUX ransomware attack exploited critical vulnerabilities in CyberPanel, crippling over 22,000 instances and encrypting countless files. A decryptor is now available.
Interbank Confirms Data Breach Following Failed Extortion Attempt
News
Interbank Confirms Data Breach Following Failed Extortion Attempt
Mitchell Langley October 31, 2024
Interbank, a Peruvian bank, confirms a massive data breach after a failed extortion attempt. Millions of customer records, including financial details, were leaked online.
LottieFiles npm Supply Chain Attack Drains Cryptocurrency Wallets
News
LottieFiles npm Supply Chain Attack Drains Cryptocurrency Wallets
Gabby Lee October 31, 2024
A npm supply chain attack targeted LottieFiles, compromising versions 2.0.5-2.0.7 of its "lottie-player" package and leading to cryptocurrency theft. Users are urged to upgrade immediately.
Advanced Recovery Equipment & Supplies Data Breach Impacts Customer Information
News
Advanced Recovery Equipment & Supplies Data Breach Impacts Customer Information
Mitchell Langley October 31, 2024
Advanced Recovery Equipment & Supplies LLC suffered a data breach in 2023, exposing customer names, Social Security numbers, medical information, and more. Data breach notification ...
Ticking Time Bomb or Opportunity How to Secure Remote Work Environments
Blog
Ticking Time Bomb or Opportunity? How to Secure Remote Work Environments
Mitchell Langley October 31, 2024
Remote work has revolutionized the workplace, but it has also introduced a new wave of security threats. Unvetted software, vulnerable home networks, and public Wi-Fi ...
Doctor Alliance Breach Exposes 1.2 Million Patient Records Online
Cybersecurity
Doctor Alliance Breach Exposes 1.2 Million Patient Records Online
Mitchell Langley November 11, 2025
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
Data Security
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
Mitchell Langley November 11, 2025
KISS FM Hit by Rhysida Ransomware in Major Spanish Media Breach
News
KISS FM Hit by Rhysida Ransomware in Major Spanish Media Breach
Gabby Lee November 9, 2025
ClickFix Malware Evolves New Tactics Use Video Guides and Timers to Increase Infection Rates
Cybersecurity
ClickFix Malware Evolves: New Tactics Use Video Guides and Timers to Increase Infection Rates
Mitchell Langley November 6, 2025

TOP CYBERSECURITY HEADLINES

Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
Information Security
Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
Data Security
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
Critical Vulnerability in 'expr-eval' Library Enables Remote Code Execution
Application Security
Critical Vulnerability in ‘expr-eval’ Library Enables Remote Code Execution
LinkedIn Becomes a Launchpad for Phishing Campaigns Targeting Executives
News
LinkedIn Becomes a Launchpad for Phishing Campaigns Targeting Executives

This Week’s Security Spotlight

Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
Information Security
Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
Gabby Lee November 11, 2025
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Gabby Lee November 6, 2025
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Application Security
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Mitchell Langley November 4, 2025
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Application Security
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Gabby Lee November 3, 2025
More In News
Trending
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
Cybercriminals Target Shipping Sector With RMM-Based Cargo Theft Attacks
How Device Code Phishing Abuses OAuth Flows on Google and Azure
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Cracking eSIM: Exposing the Hidden Threats in Next-Gen Mobile Security
July 11, 2025
Podcasts
Qantas Breach and Beyond: Cybersecurity Risks in Australia’s Digital Supply Chains
July 10, 2025
Podcasts
Taiwan Sounds the Alarm: TikTok, WeChat, and the Chinese Data Threat
July 8, 2025

Cyber Security News

Global Cybersecurity Spending Projected to Reach $213 Billion in 2025
Cybersecurity
Global Cybersecurity Spending Projected to Reach $213 Billion in 2025
August 11, 2025
Senate Committee Advances Nominee to Lead Cybersecurity Agency
Cybersecurity
Senate Committee Advances Nominee to Lead Cybersecurity Agency
August 11, 2025
Mastering the Metasploit Framework The Ultimate Guide to Exploits, Payloads, and Ethical Hacking
Blog
Mastering the Metasploit Framework: The Ultimate Guide to Exploits, Payloads, and Ethical Hacking
August 1, 2025
Shadow IT in the Enterprise Risks You Didn’t Know You Had
Blog
Shadow IT in the Enterprise: Risks You Didn’t Know You Had
July 31, 2025
Scattered Spider Ransomware Group Ramps Up Sophisticated Attacks Targeting Enterprises Globally
Cybersecurity
Scattered Spider Ransomware Group Ramps Up Sophisticated Attacks Targeting Enterprises Globally
July 30, 2025
Ransomware-as-a-Service (RaaS) The Industrialization of Cybercrime and What Enterprises Must Do
Blog
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
July 22, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Critical Cisco Smart Licensing Utility Flaws Exploited in Attacks
March 21, 2025
Cisco's Smart Licensing Utility vulnerabilities CVE-2024-20439 and CVE-2024-20440 are now exploited, allowing unauthorized access through a backdoor admin account.
HellCat Hacking Spree Targets Jira Servers Worldwide
March 21, 2025
HellCat hackers are exploiting compromised Jira credentials in a worldwide hacking spree, targeting companies like Ascom and Jaguar Land Rover, stealing sensitive data including source ...
RansomHub Ransomware Leverages New Betruger Backdoor for Enhanced Attacks
March 21, 2025
RansomHub ransomware uses a new multi-function backdoor, Betruger, for enhanced attacks, streamlining the deployment process and minimizing detection.
Critical MegaRAC Bug Lets Attackers Hijack and Brick Servers
March 21, 2025
MI MegaRAC BMC vulnerability (CVE-2024-54085) lets attackers remotely hijack and brick servers, impacting numerous vendors and potentially causing significant damage.
This Week In Cybersecurity: 17th March to 21st March, 2025
March 21, 2025
This week in cybersecurity reports on a range of incidents, including a major data breach at California Cryobank and a supply chain attack affecting GitHub ...
No More Warnings? The Risks of Losing CIPAC’s Cyber Threat Coordination
March 20, 2025
The Department of Homeland Security (DHS) has abruptly shut down the Critical Infrastructure Partnership Advisory Council (CIPAC), the central hub for cybersecurity collaboration between the ...
517,000 Victims: How a Ransomware Gang Targeted Pennsylvania’s Largest Educators’ Union
March 20, 2025
Over 517,000 individuals are now at risk after the Pennsylvania State Education Association (PSEA) suffered a massive data breach in July 2024—claimed by the Rhysida ...
Veeam Backup & Replication Flaw Allows Remote Execution of Malicious Code
March 20, 2025
A critical vulnerability in Veeam Backup & Replication allows remote code execution, affecting various versions and posing significant security risks.
DollyWay: The 8-Year WordPress Malware Campaign Infecting 20,000 Sites
March 20, 2025
For nearly a decade, a malware campaign dubbed DollyWay has silently compromised over 20,000 WordPress websites, evolving from a ransomware and banking trojan distributor to ...
Microsoft Exchange Online Outage Impacts Outlook Web Users
March 20, 2025
A Microsoft Exchange Online outage severely impacted Outlook on the web users globally, causing login and access issues. Microsoft attributed the problem to a code ...
DollyWay Malware Campaign Compromises 20,000 WordPress Sites
March 20, 2025
The DollyWay malware campaign, active since 2016, has compromised over 20,000 WordPress sites, redirecting users to malicious sites and generating millions of fraudulent impressions monthly.
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
March 20, 2025
WhatsApp has patched a zero-click vulnerability exploited by Paragon spyware, affecting journalists and activists globally, highlighting ongoing cybersecurity challenges.
Ukrainian Military Targeted in New Signal Spear-Phishing Attacks
March 20, 2025
krainian military personnel are facing sophisticated spear-phishing attacks using compromised Signal accounts to deliver Dark Crystal RAT malware. Urgent security updates are needed.
Arcane Infostealer Infects YouTube and Discord Users Through Game Cheats
March 20, 2025
The Arcane infostealer, a new malware, is stealing data from YouTube and Discord users via game cheats, targeting VPNs, messengers, and cryptocurrency wallets. Its sophisticated ...
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
March 20, 2025
he Pennsylvania State Education Association (PSEA) suffered a data breach exposing the personal information of over 500,000 individuals, including financial and health records. Rhysida ransomware ...
Ransomware Victims on Dark Web – 12th March, 2025
March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 3rd March, 2025
March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Qilin/Agenda Ransomware: The Credential Stealers
March 20, 2025
Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July 2022. Initially operating under the ...
MegaRAC CVE-2024-54085 Vulnerability: Critical BMC Flaw Threatening Data Centers
March 19, 2025
A newly discovered critical vulnerability (CVE-2024-54085) in AMI’s MegaRAC Baseboard Management Controller (BMC) software puts thousands of servers at risk—including those from HPE, Asus, and ...
California Cryobank Data Breach Exposes Sensitive Customer Information
March 19, 2025
California Cryobank, a major US sperm bank, suffered a data breach exposing customer names, bank details, Social Security numbers, and more. The company is offering ...
Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
Critical Vulnerability in ‘expr-eval’ Library Enables Remote Code Execution
LinkedIn Becomes a Launchpad for Phishing Campaigns Targeting Executives
Russian Initial Access Broker Pleads Guilty in Yanluowang Ransomware Campaign
Firefox 145 Brings Major Privacy Upgrade to Defend Against Fingerprinting
Triofox CVE-2025-12480 Exploited in Attacks Despite Available Patch
CISA Orders Federal Agencies to Patch Samsung Zero-Day Exploited by LandFall Spyware
Konni Campaign Impersonates Human Rights Groups in Cross-Platform Espionage Operation
Route Redirect Automates Large-Scale Microsoft 365 Phishing
NAKIVO Enhances Disaster Recovery With Real-Time Replication and Multilingual Support
Microsoft Reveals Whisper Leak Side-Channel Attack That Threatens LLM Communication Privacy
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
Swiss Cybersecurity Agency Warns of Phishing Scam Targeting Apple ID Credentials
Graphite Spyware Targets Italian Political Adviser Francesco Nicodemo
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
GlassWorm Returns With Malicious VSCode Extensions Infecting Thousands
Sensitive Data at OB/GYN Associates Exposed in Data Breach
SonicWall Confirms State-Sponsored Hackers Targeted Cloud Backup Service
KISS FM Hit by Rhysida Ransomware in Major Spanish Media Breach