Main Menu
Cyber Security
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions
Google Enhances Pixel Security with Rust-Based DNS Parser
US, UK, and Canadian Forces Execute Successful Anti-Cryptocurrency Theft Operation
Stolen Credentials and Zero Trust: Preventing Privilege Escalation in Security Breaches
Cybercriminals Use Ad Fraud With AI and SEO Tactics to Push Scareware
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Information Theft Revolutionized: No Local Decryption in This Security Threat
Booking.com Confirms Unauthorized Access Compromising User Data
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Juniper Networks Addresses Critical Junos OS Vulnerabilities
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
AI Browser Extensions Pose a Hidden Risk to Network Security
WestJet Data Breach Exposes Passenger Details, Including Names, DOB and Travel Details
Cybersecurity
WestJet Data Breach Exposes Passenger Details, Including Names, DOB and Travel Details
Andrew Doyle August 18, 2025
WestJet confirms a June cyberattack exposed passenger details but not payment data. The airline offers two years of TransUnion monitoring and identity restoration while the ...
Crypto24 Ransomware: The Phantom Encryptor
Resources
Crypto24 Ransomware: The Phantom Encryptor
Mitchell Langley August 18, 2025
Crypto24 is a rising ransomware group targeting mid-sized global firms, using stealth tools, cloud exfiltration, and double-extortion tactics to steal, encrypt, and leak sensitive data.
Charon Ransomware: Stealthy Cyber Extortion Syndicate
Resources
Charon Ransomware: Stealthy Cyber Extortion Syndicate
Andrew Doyle August 18, 2025
Charon ransomware, emerging in 2025, targets Middle East sectors with APT-level tactics, DLL sideloading, hybrid encryption, and advanced evasion, posing a severe threat to critical ...
U.S. Seizes 1M in Cryptocurrency from BlackSuit Ransomware Gang
News
U.S. Seizes $1M in Cryptocurrency from BlackSuit Ransomware Gang
Gabby Lee August 18, 2025
U.S. agencies seized over $1 million in cryptocurrency and critical infrastructure from the BlackSuit ransomware gang. While the takedown marks progress, core members have already ...
Citrix NetScaler Zero-Day Breach Hits Critical Dutch Infrastructure
Cybersecurity
Citrix NetScaler Zero-Day Breach Hits Critical Dutch Infrastructure
Andrew Doyle August 18, 2025
A Citrix NetScaler zero-day, CVE-2025-6543, has been exploited in the wild, leading to breaches of Dutch critical infrastructure. Thousands of devices remain unpatched worldwide, prompting ...
Why Supply Chain Security is a 2025 Cyber Priority
Blog
Why Supply Chain Security is a 2025 Cyber Priority
Andrew Doyle August 18, 2025
Supply chain security has become a top cybersecurity priority in 2025. Weak vendor defenses, low visibility, and nation-state attacks are fueling breaches, underscoring the urgent ...
Fortinet Warns of FortiSIEM Zero-Day CVE-2025-25256
Cybersecurity
Fortinet Warns of FortiSIEM Zero-Day CVE-2025-25256 Critical RCE Flaw
Gabby Lee August 18, 2025
Fortinet has patched CVE-2025-25256, a FortiSIEM vulnerability rated CVSS 9.8 that allows unauthenticated remote code execution. Exploit code is active in the wild, and security ...
Quantum Key Distribution Faces Real-World Cybersecurity Risks
Blog
Quantum Key Distribution Faces Real-World Cybersecurity Risks
Andrew Doyle August 18, 2025
Quantum Key Distribution (QKD) is often described as unbreakable, but recent research exposes flaws in real-world systems. From photorefraction and side-channel attacks to theoretical weaknesses, ...
Cybercrime Groups ShinyHunters and Scattered Spider Collaborate in Extortion Attacks
Cybersecurity
Cybercrime Groups ShinyHunters and Scattered Spider Collaborate in Extortion Attacks
Gabby Lee August 18, 2025
A possible alliance between ShinyHunters, Scattered Spider, and Lapsu$ points to a new wave of coordinated cybercrime. By merging social engineering and data theft, these ...
Thorium CISA’s New Open-Source Malware Analysis and Forensic Platform
Cybersecurity
Thorium: CISA’s New Open-Source Malware Analysis and Forensic Platform
Mitchell Langley August 18, 2025
CISA has released Thorium, an open-source platform for malware analysis and digital forensics. Built with automation and scalability, it enables security teams to analyze millions ...
FBI Flags 9.9M in Losses from Crypto Recovery Scams
Cybersecurity
FBI Flags $9.9M in Losses from Crypto Recovery Scams
Gabby Lee August 18, 2025
The FBI warns of a growing wave of “crypto recovery scams,” where fraudsters pose as attorneys or law firms to exploit victims of earlier crypto ...
Cisco's Critical FMC RADIUS Vulnerability CVSS 10.0 Remote Code Execution Risk
Application Security
Cisco’s Critical FMC RADIUS Vulnerability: CVSS 10.0 Remote Code Execution Risk
Andrew Doyle August 18, 2025
Cisco’s CVE-2025-20188 vulnerability, rated CVSS 10.0, exposes IOS XE devices and Firepower Management Center to unauthenticated remote code execution. The flaw, caused by a hard-coded ...
Crypto24 Ransomware Hits Big Targets With Custom EDR Evasion And Google Drive Exfiltration
News
Crypto24 Ransomware Hits Big Targets With Custom EDR Evasion And Google Drive Exfiltration
Mitchell Langley August 15, 2025
Crypto24 ransomware is hitting large enterprises with custom EDR evasion, keyloggers, and Google Drive exfiltration, abusing Windows services and uninstallers, researchers say, while encrypting systems.
CFE Data Leak Exposes 600GB Of Internal Logs of Mexico’s Power Operations
News
CFE Data Leak Exposes 600GB Of Internal Logs of Mexico’s Power Operations
Andrew Doyle August 15, 2025
Over 600GB of CFE network and security logs were publicly exposed for years, potentially enabling attackers to map weaknesses and target Mexico’s industrial control systems.
House Of Commons Data Breach Under Investigation After Targeted Cyberattack
News
House Of Commons Data Breach Under Investigation After Targeted Cyberattack
Mitchell Langley August 15, 2025
Canada’s House of Commons is probing a cyberattack-linked breach that exposed employee details, with investigators citing recently patched Microsoft flaws and warning of impersonation risks.
Why Zero Trust Architecture is Now Essential for 2025 Cyber Defense
Blog
Why Zero Trust Architecture is Now Essential for 2025 Cyber Defense
Gabby Lee August 15, 2025
Zero Trust Architecture is now a core cybersecurity strategy in 2025, driven by hybrid work, cloud adoption, and AI threats. Enterprises and governments worldwide are ...
Microsoft August 2025 Patch 107 Fixes, Including Kerberos Zero-Day
Cybersecurity
Microsoft August 2025 Patch: 107 Fixes, Including Kerberos Zero-Day
Andrew Doyle August 15, 2025
Microsoft’s August 2025 Patch Tuesday fixes 107 flaws, including the “BadSuccessor” Kerberos zero-day in Windows Server 2025. The vulnerability could enable domain-wide compromise, prompting urgent ...
HTTP/1.1 Desync Flaw Leaves 24 Million Websites Open to Complete Takeover
News
HTTP/1.1 Desync Flaw Leaves 24 Million Websites Open to Complete Takeover
Andrew Doyle August 15, 2025
Researchers find 24 million sites reliant on HTTP/1.1 in the proxy chain. Request smuggling enables desync attacks that can steal accounts, poison caches, and fully ...
Accenture Acquires CyberCX in 650 Million Deal to Bolster Cybersecurity Services
Cybersecurity
Accenture Acquires CyberCX in $650 Million Deal to Bolster Cybersecurity Services
Gabby Lee August 15, 2025
Accenture has acquired Australian cybersecurity firm CyberCX for $650 million, expanding its AI-driven defense capabilities across Asia-Pacific and addressing the region’s talent gap amid rising ...
Generative AI Cybersecurity Threats 2025 From Promptware to Deepfake Attacks
Application Security
Generative AI Cybersecurity Threats 2025: From Promptware to Deepfake Attacks
Mitchell Langley August 15, 2025
Generative AI is reshaping the cyber threat landscape in 2025, fueling attacks from deepfake websites to promptware exploits. Experts say only proactive, AI-augmented, and Zero ...
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
CVE Vulnerability Alerts
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Mitchell Langley April 16, 2026
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Application Security
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Gabby Lee April 16, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026
JanelaRAT - Continuing Threat to Latin American Financial Institutions
Cybersecurity
JanelaRAT: Continuing Threat to Latin American Financial Institutions
Mitchell Langley April 14, 2026

TOP CYBERSECURITY HEADLINES

Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Cybersecurity
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
Cybersecurity
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws

This Week’s Security Spotlight

Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Gabby Lee April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Mitchell Langley April 16, 2026
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Andrew Doyle April 14, 2026
More In News
Trending
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans
EvilTokens Kit Uses Device Code Phishing to Target Microsoft Accounts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
The Evolution of Atomic macOS Stealer: Backdoors, Keyloggers, and Persistent Threats
July 8, 2025
Podcasts
CitrixBleed Returns: CVE-2025-5777 and the Exploitation of NetScaler Devices
July 8, 2025
Podcasts
SAP’s July 2025 Patch Day: Critical Flaws, CVE-2025-30012, and Ransomware Risk
July 8, 2025

Cyber Security News

Visual Studio Code's Copilot Studio Extension Now Widely Available
Application Security
Visual Studio Code’s Copilot Studio Extension Now Widely Available
January 18, 2026
AWS CodeBuild Critical Security Flaw Exposed GitHub Repositories
Application Security
AWS CodeBuild Critical Security Flaw Exposed GitHub Repositories
January 18, 2026
Critical Vulnerability in Modular DS WordPress Plugin Exploited
Application Security
Critical Vulnerability in Modular DS WordPress Plugin Exploited
January 18, 2026
Microsoft and Law Enforcement Collaborate to Dismantle RedVDS
Cybersecurity
Microsoft and Law Enforcement Collaborate to Dismantle RedVDS
January 15, 2026
Critical Remote Code Execution Threat in Fortinet's SIEM Solution Exposed
Cybersecurity
Critical Remote Code Execution Threat in Fortinet’s SIEM Solution Exposed
January 15, 2026
New Linux Malware, VoidLink, Exploits Cloud Infrastructures with Over 30 Plugins
Cybersecurity
New Linux Malware, VoidLink, Exploits Cloud Infrastructures with Over 30 Plugins
January 15, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Salesforce Supply Chain Breach Hits Palo Alto Networks Customers
September 4, 2025
Palo Alto Networks confirmed exposure of customer records in a Salesforce breach via Drift tokens, as Unit 42 warned attackers mass-exfiltrated sensitive data and credentials ...
Google Warns of Sitecore Zero-Day: ViewState Deserialization Under Fire
September 4, 2025
A critical zero-day vulnerability, CVE-2025-53690, is being actively exploited in the wild, targeting Sitecore Experience Manager (XM) and Experience Platform (XP) systems deployed with outdated ...
Evertec Confirms $130M Fraud Attempt in Sinqia Pix Cyberattack
September 4, 2025
Hackers breached Evertec’s Brazilian subsidiary Sinqia, attempting a $130 million theft via Pix. Using stolen vendor credentials, they initiated unauthorized transfers before operations were suspended ...
Cloudflare Confirms Salesforce Breach in Growing Supply Chain Attack
September 4, 2025
Cloudflare confirmed its Salesforce instance was breached through compromised SalesLoft and Drift integrations, exposing customer data in a campaign affecting 700+ companies. The company’s detailed ...
Exploring Ransomware EDR-Killer Tools: How New Tactics Undermine Endpoint Security
September 4, 2025
A new wave of EDR-killer tools is reshaping ransomware tactics, enabling groups like RansomHub, Medusa, and Blacksuit to disable endpoint defenses. By exploiting vulnerable drivers ...
Agentic AI Steals Spotlight at Black Hat 2025 with Real-Time Threat Response
September 4, 2025
Agentic AI took center stage at Black Hat USA 2025, marking a definitive pivot from conceptual discussions to real-world deployment. As the cybersecurity industry grapples ...
DHS Cuts $27M Cybersecurity Support: Impact on 19,000 Local Governments
September 4, 2025
The Department of Homeland Security (DHS) will halt $27 million in annual federal funding for the Multi-State Information Sharing and Analysis Center (MS-ISAC) by the ...
TamperedChef Infostealer Delivered Through Fraudulent PDF Editor Ads
September 3, 2025
Cybercriminals used fraudulent Google Ads to spread a fake PDF Editor app delivering TamperedChef infostealer, leveraging code-signing certificates, residential proxy enrollment
Amazon Disrupts Midnight Blizzard Campaign Targeting Microsoft 365
September 3, 2025
Amazon disrupted a Midnight Blizzard campaign where Russian hackers used compromised websites, fake Cloudflare pages, and Microsoft device code abuse to target enterprise Microsoft 365 ...
Zscaler Data Breach Exposes Customer Information After Salesloft Drift Compromise
September 3, 2025
Zscaler confirmed a Salesforce data breach linked to the Salesloft Drift compromise, exposing customer information but not its core services. The incident highlights escalating OAuth ...
Hackers Threaten Google with Data Leak Unless it Fires Threat Intelligence Employees
September 3, 2025
Hackers calling themselves Scattered LapSus Hunters threatened to leak Google databases unless two employees are dismissed, linking their demand to recent Salesforce-driven phishing attacks.
SK Telecom Hit with Record US$96.9 Million Fine After Data Breach Exposes 23 Million Users
September 3, 2025
SK Telecom has been fined $96.9 million after a breach exposed 23 million users’ data, marking the largest privacy penalty ever imposed on a South ...
Hackers Leak Sensitive Healthcare Data of 433,000 U.S. Doctors
September 3, 2025
Hackers leaked data on 433,000 U.S. doctors, exposing names, addresses, and emails. Experts warn of phishing, identity theft, and ransomware risks targeting healthcare professionals and ...
Brokewell Malware Targets Android Users via Fake TradingView Ads on Meta
September 2, 2025
A new and highly sophisticated Android malware campaign, dubbed Brokewell, has emerged as one of the most dangerous mobile threats of 2024–2025. First spotted in ...
Von der Leyen and Shapps Flights Hit by Suspected Russian Electronic Warfare
September 2, 2025
Aviation safety and geopolitics collided when multiple flights carrying high-ranking European and UK officials were hit by suspected Russian GPS jamming. European Commission President Ursula ...
Salesforce and Google Workspace Compromised in Largest SaaS Breach
September 2, 2025
In August 2025, the largest SaaS breach of the year shook the enterprise world when a newly identified threat actor, UNC6395, orchestrated a supply-chain attack ...
Tea App Data Breach Exposes Sensitive Images
September 2, 2025
Tea Dating Advice confirmed a July 2025 breach affecting 4,244 users, exposing sensitive PII, identity documents, and private images, raising concerns over larger-scale data exposure.
NCSC Warns of Malware Campaign Using Fake PDF Editors
September 2, 2025
The NCSC uncovered a malware campaign using fake PDF editors and manual finder tools to turn devices into residential proxies, enabling criminals to mask their ...
TransUnion Data Breach Exposes Personal Information of 4.4 Million
September 2, 2025
TransUnion confirmed a cyberattack exposing data of over 4.4 million U.S. consumers, tied to Salesforce breaches attributed to ShinyHunters and UNC6395 extortion groups.
Brokewell Android Malware Spread Through Fake TradingView Ads
September 2, 2025
Cybercriminals are exploiting Meta’s ad network to push fake TradingView Premium apps that secretly install Brokewell malware on Android devices, stealing data and hijacking user ...
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Adobe’s ColdFusion Vulnerabilities Pose a Major Threat Amid Broader Security Concerns
Microsoft Rolls Out Fast-Track Account Recovery for Windows Hardware Program Suspensions
Cyberwarfare Within the Underground: Ransomware Gangs Clash
Google Enhances Pixel Security with Rust-Based DNS Parser
US, UK, and Canadian Forces Execute Successful Anti-Cryptocurrency Theft Operation
Stolen Credentials and Zero Trust: Preventing Privilege Escalation in Security Breaches