Cyber Security
Cybersecurity Newsletter
This Week In Cybersecurity: 19th to 23rd May, 2025
Andrew Doyle
May 23, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
News
Coca-Cola Investigates Alleged Data Breach Tied to Everest Ransomware Group
Andrew Doyle
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
News
Chinese Hackers Exploit Ivanti EPMM Zero-Day to Breach Government Agencies
Mitchell Langley
May 23, 2025
Chinese hackers exploited a zero-day flaw in Ivanti EPMM to breach global government systems. Immediate patching and security monitoring are strongly advised.
News
BlackLock Ransomware Group Claims Breach of Toho, But Evidence Falls Short
Andrew Doyle
May 23, 2025
Cybercriminal group BlackLock claims to have breached Japanese film giant Toho, but researchers found no credible data, casting doubt on the authenticity of the attack. ...
News
iOS Sleep App Exposes Personal and Health Data of Over 25,000 Users
Mitchell Langley
May 23, 2025
Sleep Journey iOS app exposed over 25,000 users' personal and health data due to a misconfigured Firebase database, posing significant privacy and security risks.
News
Chinese Hackers Exploit Cityworks Zero-Day to Breach U.S. Local Government Systems
Mitchell Langley
May 23, 2025
Blog
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
Gabby Lee
May 22, 2025
Quantum hacking is no longer science fiction. This in-depth guide explores post-quantum security, quantum-resistant cryptography, and how to protect your business from future cyber threats.
News
Russian APT28 Hackers Target Ukraine Aid Operations Through Global Espionage Campaign
Andrew Doyle
May 22, 2025
Russian APT28 hackers have targeted international aid operations to Ukraine since 2022, using cyber espionage to monitor, disrupt, and exfiltrate data from key sectors.
News
Marks & Spencer Projects $402 Million Profit Loss After Cyberattack Disrupts Operations
Mitchell Langley
May 22, 2025
Marks & Spencer faces a $402 million profit hit following a cyberattack linked to Scattered Spider, disrupting sales and operations and exposing customer data.
Cybersecurity
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
Mitchell Langley
May 22, 2025
Kettering Health canceled elective procedures after a ransomware-linked outage. Interlock ransomware group is suspected. Emergency services remain operational, but threat actors may leak stolen data. ...
News
3AM Ransomware Operators Use Spoofed IT Calls, Email Bombing for Network Breaches
Mitchell Langley
May 22, 2025
The 3AM ransomware gang exploits spoofed IT support calls and email bombing to socially engineer remote access, targeting corporate networks in stealthy credential-based breaches.
News
Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains
Andrew Doyle
May 22, 2025
Authorities and private sector partners have dismantled the infrastructure of the Lumma Infostealer malware, a dominant player in the malware-as-a-service (MaaS) ecosystem.
News
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
Mitchell Langley
May 22, 2025
News
EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations
Andrew Doyle
May 22, 2025
The EU has sanctioned Stark Industries and its leadership for enabling Russian cyber operations, disinformation, and infrastructure support used in attacks against European interests.
News
Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients
Mitchell Langley
May 21, 2025
Serviceaide exposed over 480,000 Catholic Health patients' records due to a misconfigured Elasticsearch database, putting sensitive personal and medical data at risk.
News
Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident
Andrew Doyle
May 21, 2025
Coinbase confirms a data breach involving overseas contractors that exposed personal and financial information of 69,461 users, prompting fears of social engineering and financial fraud. ...
Cybersecurity
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Andrew Doyle
May 21, 2025
A supply chain attack on RVTools delivered Bumblebee malware through a trojanized installer, compromising virtualization admins and enabling follow-on ransomware or data exfiltration attacks.
News
Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities
Mitchell Langley
May 21, 2025
A massive and ongoing campaign involving over 100 malicious Chrome extensions has been uncovered, with threat actors deploying browser add-ons ...
News
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
Andrew Doyle
May 21, 2025
A 19-year-old hacker has pleaded guilty to breaching PowerSchool and extorting millions by threatening to leak sensitive data on over 71 million students and teachers. ...
News
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
Mitchell Langley
May 21, 2025
SK Telecom’s malware breach exposed 27 million phone numbers over three years via a supply chain attack targeting its security affiliate SK Shieldus.
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle
February 4, 2026
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley
February 4, 2026
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley
February 4, 2026
TOP CYBERSECURITY HEADLINES
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
This Week’s Security Spotlight
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle
February 4, 2026
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle
January 28, 2026
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle
January 28, 2026
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee
January 20, 2026
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
July 16, 2025
A cyberattack on Episource, a UnitedHealth subsidiary, compromised the personal and medical data of over five million patients, including Social Security and health insurance details. ...
Exein Raises €70M: Defending the IoT-AI Frontier with Embedded Security
July 16, 2025
Exein, the Italian cybersecurity company specializing in embedded IoT defense, has raised €70 million in Series C funding, marking a significant milestone in the race ...
Salt Typhoon Strikes Again: National Guard, Telecoms, and a Crisis in U.S. Cyber Defense
July 16, 2025
Salt Typhoon, a sophisticated Chinese state-sponsored cyber threat actor, is conducting one of the most aggressive and sustained espionage campaigns ever uncovered against U.S. critical ...
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
July 16, 2025
Abacus Market, a major darknet platform for drug trade, has abruptly gone offline, sparking suspicions of a large-scale exit scam involving millions in crypto.
DragonForce Claims Cyberattack on US Retail Giant Belk, Leaks 156GB of Sensitive Customer and Employee Data
July 16, 2025
Hackers from the DragonForce ransomware group claim to have breached US retailer Belk, leaking 156GB of customer orders, employee profiles, and mobile app data.
Diskstation Ransomware Gang Dismantled After Years of Targeting NAS Devices Across Europe
July 16, 2025
Authorities dismantled the Diskstation ransomware group targeting NAS devices since 2021, arresting the primary suspect in Romania after seizing evidence during international raids.
Consentik Breach Exposes Hundreds of Shopify Stores to Admin Takeovers and Data Theft
July 16, 2025
A misconfigured Shopify plugin leaked sensitive access tokens and analytics, leaving hundreds of e-commerce businesses vulnerable to admin-level compromise and malicious exploitation.
DragonForce Ransomware Hits Belk: 150GB Data Leak and Operational Chaos
July 15, 2025
In this episode, we dive into the May 2025 ransomware attack on Belk, the iconic U.S. department store chain, orchestrated by the DragonForce ransomware group—a ...
NVIDIA Issues Urgent Rowhammer Warning: Enable ECC or Risk AI Integrity
July 15, 2025
In this episode, we dissect a major hardware-level cybersecurity warning issued by NVIDIA, one that directly affects data center operators, AI researchers, and enterprise IT ...
Zip Security Secures $13.5M to Simplify and Scale Cyber Defense
July 15, 2025
In this episode, we spotlight Zip Security, a rising New York-based cybersecurity startup that just closed a $13.5 million Series A funding round, led by ...
Why is Activity Logging Crucial for Detecting Cyberattacks
July 15, 2025
Activity logging uncovers cyber threats, insider abuse, and compliance gaps. Discover why it’s the foundation of effective detection, response, and long-term security strategy.
Century Support Services Breach: 160,000 Identities Compromised in Silent Cyberattack
July 15, 2025
In this episode, we examine the major data breach at Century Support Services—also operating under the name Next Level Finance Partners—that exposed the personal information ...
SafePay Ransomware: LockBit’s Lonewolf Ghost
July 15, 2025
SafePay is a centralized ransomware group leveraging LockBit-derived code, stealthy infiltration, and rapid encryption—targeting SMEs and MSPs globally without using affiliates or public channels.
Saudi Industrial Giant Rezayat Group Listed on Dark Web After Alleged Everest Ransomware Breach
July 15, 2025
Saudi-based Rezayat Group has allegedly been breached by the Everest ransomware gang, with hackers claiming to have stolen 10GB of sensitive corporate and client data. ...
Gigabyte Firmware Vulnerabilities Expose Over 240 Motherboards to Stealth UEFI Malware Attacks
July 15, 2025
Gigabyte motherboards face critical firmware flaws that enable stealthy UEFI malware to bypass Secure Boot, posing long-term risks to systems in enterprise and industrial environments. ...
Interlock Ransomware Now Deploying FileFix to Deliver RAT Payloads via Social Engineering
July 15, 2025
Interlock Ransomware Switches to FileFix for Stealthy RAT Delivery: The Interlock ransomware operation has adopted a new delivery mechanism known as FileFix, using it to ...
Louis Vuitton UK Confirms Customer Data Breach Amid Growing Wave of Retail Cyberattacks
July 15, 2025
Louis Vuitton UK confirms a data breach exposing customer PII, marking the latest in a string of high-profile retail cyberattacks across the country this year. ...
Elmo’s X Account Hacked: Hacker Incites Violence Against Jews and Trump and Mentions Epstein Files
July 15, 2025
Elmo’s official X account was hijacked by a hacker who posted antisemitic slurs and inflammatory content about Trump and Jeffrey Epstein, sparking widespread outrage online. ...
Google Gemini Email Summary Flaw Enables Hidden Phishing Attacks
July 14, 2025
A hidden prompt injection flaw in Google Gemini allows attackers to plant invisible phishing instructions in emails, triggering deceptive summaries without links or attachments.
Alabama City of Gardendale Allegedly Hit by INC Ransom Gang in Data Breach
July 14, 2025
The City of Gardendale, Alabama, has allegedly suffered a ransomware breach, with threat actors claiming to have stolen 50GB of sensitive municipal and citizen data. ...