Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
News
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
Andrew Doyle May 21, 2025
UK logistics firm Peter Green Chilled suffered a ransomware attack, disrupting deliveries for Tesco, Aldi, and Sainsbury’s amid a rising wave of supply chain cyberattacks. ...
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
News
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
Mitchell Langley May 21, 2025
Cellcom confirms a cyberattack caused week-long service outages across Wisconsin and Michigan, impacting calls and SMS; personal data reportedly not compromised.
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
News
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
Mitchell Langley May 21, 2025
VanHelsing ransomware's builder and affiliate panel source code leaked after a former developer tried to sell it, prompting the gang to release it themselves.
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
News
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
Andrew Doyle May 20, 2025
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
News
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
Mitchell Langley May 20, 2025
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
News
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
Mitchell Langley May 20, 2025
Hackers exploited a flaw in TeleMessage’s TM SGNL app, exposing U.S. official communications. DDoSecrets published 410GB of chat logs and metadata from the breach.
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
News
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
Andrew Doyle May 20, 2025
Arla Foods confirmed a cyberattack at its Upahl production site in Germany, disrupting operations and causing delivery delays. No data theft has been confirmed.
O2 Flaw Leaked Customer Geolocation Data to Any Caller
News
O2 Flaw Leaked Customer Geolocation Data to Any Caller
Andrew Doyle May 20, 2025
O2 exposed customers’ real-time locations via VoLTE call metadata. A researcher found SIP headers leaking geolocation and device data. The issue is now resolved.
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
News
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
Andrew Doyle May 19, 2025
Coinbase Insider Breach revealed that rogue support agents aided a cyberattack stealing customer data and government IDs. The attackers demanded $20 million, but Coinbase refused ...
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
News
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
Mitchell Langley May 19, 2025
Researchers at Pwn2Own Berlin 2025 earned $695,000 for exploiting zero-day flaws in VMware ESXi, Microsoft SharePoint, Firefox, and AI platforms.
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
News
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
Mitchell Langley May 19, 2025
Adidas and Dior confirmed data breaches affecting customer information in Korea and China. Both brands reported no financial data exposure and began notifying affected individuals. ...
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
News
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
Andrew Doyle May 19, 2025
Ransomware groups including BlackBasta and Cactus are using Skitnet malware for stealthy post-exploitation in enterprise networks, enabling persistence, data theft, and remote control.
How Can I Protect Myself from the M&S Cyberattack?
Blog
How Can I Protect Myself from the M&S Cyberattack?
Andrew Doyle May 19, 2025
Marks & Spencer suffered a data breach. Here’s how customers can protect themselves from phishing, fraud, and future attacks using simple, actionable online safety tips. ...
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
News
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
Andrew Doyle May 19, 2025
Broadcom employee data leaked after a ransomware attack on ADP partner Business Systems House. Sensitive files appeared on the dark web, impacting global semiconductor workers. ...
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
News
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
Mitchell Langley May 19, 2025
SK Telecom suffered a data breach impacting nearly 27 million SIM records, with malware infections across 23 servers and critical personal data left unencrypted.
This Week In Cybersecurity: May 12th to 16th, 2025
News
This Week In Cybersecurity: May 12th to 16th, 2025
Andrew Doyle May 19, 2025
"This week in cybersecurity highlights significant data breaches, vulnerabilities, and emerging threats impacting various sectors, emphasizing the need for robust security measures."
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
News
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
Andrew Doyle May 19, 2025
A cyberattack on the UK’s Legal Aid Agency exposed personal, financial, and criminal data of applicants dating back to 2010, prompting a full shutdown of ...
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
News
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
Mitchell Langley May 16, 2025
Ransomware groups RansomEXX and BianLian have joined global threat actors exploiting a critical SAP NetWeaver vulnerability, risking full remote system compromise for unpatched servers.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
OpenAI Testing Model Context Protocol Integration for ChatGPT
Andrew Doyle May 16, 2025
OpenAI is testing Model Context Protocol support in ChatGPT, allowing secure access to third-party tools and enterprise platforms for more powerful, contextual task handling.
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
News
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
Mitchell Langley May 16, 2025
Russian-linked hackers exploited XSS flaws in Roundcube, Zimbra, and others to steal government emails globally through a no-click attack dubbed the RoundPress campaign.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
The Evolution of Atomic macOS Stealer: Backdoors, Keyloggers, and Persistent Threats
July 8, 2025
Podcasts
CitrixBleed Returns: CVE-2025-5777 and the Exploitation of NetScaler Devices
July 8, 2025
Podcasts
SAP’s July 2025 Patch Day: Critical Flaws, CVE-2025-30012, and Ransomware Risk
July 8, 2025

Cyber Security News

Delta Dental of Virginia Incident Exposes Personal and Health Information
Data Security
Delta Dental of Virginia Incident Exposes Personal and Health Information
November 25, 2025
Vulnerabilities in Fluent Bit Cloud Logging Tool Pose Significant Security Risks
Cybersecurity
Vulnerabilities in Fluent Bit Cloud Logging Tool Pose Significant Security Risks
November 25, 2025
SitusAMC Admits to Data Breach Impacting Client Information
Data Security
SitusAMC Admits to Data Breach Impacting Client Information
November 25, 2025
Amazon Web Services Confronts Service Failures What Went Wrong and Lessons Learned
Cybersecurity
Amazon Web Services Confronts Service Failures: What Went Wrong and Lessons Learned
November 25, 2025
Defensive Strategies Against New ClickFix Ransomware Tactics
Data Security
Defensive Strategies Against New ClickFix Ransomware Tactics
November 25, 2025
ClickFix Attacks Use Poisoned PNG Files to Deliver Malicious Code
Cybersecurity
ClickFix Attacks Use Poisoned PNG Files to Deliver Malicious Code
November 25, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Critical Vulnerabilities Discovered in Adobe Acrobat Reader and ASUS Armoury Crate
July 14, 2025
Four high-severity security flaws were found in ASUS Armoury Crate and Adobe Acrobat Reader, exposing millions of users to potential system hijacking and data theft ...
Nippon Steel Hit by Zero-Day Attack, Sensitive Data Believed Stolen
July 14, 2025
Nippon Steel confirms a zero-day cyberattack in March exposed sensitive information belonging to customers, employees, and partners, raising concerns over escalating threats to industrial firms. ...
Wing FTP Server Under Active Exploitation Following Critical RCE Vulnerability Disclosure
July 14, 2025
Hackers are actively exploiting a critical remote code execution vulnerability in Wing FTP Server, just one day after technical details became public, targeting enterprise systems ...
TikTok, China, and the EU: The Battle Over Data Sovereignty
July 11, 2025
In this episode, we explore the mounting scrutiny TikTok faces over its handling of European user data, with the EU’s Data Protection Commission (DPC) launching ...
WSUS Meltdown: Global Sync Failures and the Shift Toward Cloud Patch Management
July 11, 2025
Windows Server Update Services (WSUS) has long been a cornerstone of enterprise patch management—but recent global synchronization failures have raised serious questions about its future ...
Booz Allen Invests in Corsha: Defending Machine-to-Machine Communication at Scale
July 11, 2025
As the cybersecurity landscape shifts toward hyperautomation and AI-driven autonomy, a new frontier has emerged: the identity and access security of machines. In this episode, ...
Cracking eSIM: Exposing the Hidden Threats in Next-Gen Mobile Security
July 11, 2025
eSIM technology has transformed the way we connect—but has it also introduced new vulnerabilities into the heart of modern telecommunications? In this deep-dive episode, we ...
Hackers Trojanize Legitimate Mac Developer Tools with ZuRu Malware
July 11, 2025
Hackers are embedding ZuRu malware into legitimate Mac developer apps like Termius, compromising systems with persistent backdoors and targeting environments lacking strong endpoint protection.
Russian Basketball Player Arrested in France for Alleged Role in Ransomware Operations
July 11, 2025
Former Penn State basketball player Daniil Kasatkin is facing extradition to the U.S. after being arrested in France for allegedly acting as a ransomware gang ...
McDonald’s Massive AI-Linked Breach Sparks Industry Concerns Over Data Security and Governance
July 11, 2025
A data breach affecting 60 million McDonald’s job applicants has reignited debate over AI’s data handling risks, with experts urging stronger fundamentals in data security. ...
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution Risks
July 11, 2025
Bluetooth flaws in OpenSynergy’s BlueSDK expose vehicles from Mercedes, Volkswagen, and Skoda to over-the-air attacks, enabling remote access and potential movement into critical systems.
Say Goodbye to Manual Identity Processes and Hello to Scalable IAM Automation
July 11, 2025
Manual identity processes expose your business to risk. Discover how scalable IAM automation transforms user access, improves compliance, and eliminates operational bottlenecks.
Qantas Breach and Beyond: Cybersecurity Risks in Australia’s Digital Supply Chains
July 10, 2025
As Australia contends with a growing wave of cybersecurity incidents, this episode explores the intersection of national privacy laws, global supply chain vulnerabilities, and public ...
Krispy Kreme Faces Class Action Lawsuit Over Breach That Exposed 160,000 Employee Records
July 10, 2025
A 2024 data breach at Krispy Kreme exposed over 160,000 employee records. A new class action lawsuit blames the company’s failure to encrypt sensitive data. ...
Iranian Hacktivists Breach Iran International and Threaten Journalists in London
July 10, 2025
Iran International suffers a massive breach by Iranian hacktivist group Handala, exposing sensitive journalist data and threatening targeted leaks against staff in London and beyond. ...
Job Seeker Data Breach Exposes 5.1 Million Resumes Through Misconfigured Cloud Storage
July 10, 2025
A misconfigured cloud storage container exposed 5.1 million resumes linked to LiveCareer, putting job seekers at high risk of identity theft and phishing attacks.
NightEagle APT Group Exploits Microsoft Exchange Zero-Day to Target China’s AI and Military Sectors
July 10, 2025
APT group NightEagle exploited a Microsoft Exchange zero-day to infiltrate Chinese AI and defense sectors, using stealthy payloads and persistent backdoors to steal sensitive data. ...
Browser Extensions Turned Trojan Overnight, Compromising 2.3 Million Users
July 10, 2025
Eighteen Chrome and Edge extensions’ updates transformed them into Trojans, compromising 2.3 million users by redirecting traffic, hijacking data, and enabling persistent access.
M&S Ransomware Attack Traced to Sophisticated Social Engineering Scheme
July 9, 2025
M&S confirmed a major ransomware attack stemmed from social engineering, leading to data theft and system shutdowns linked to DragonForce ransomware and possible third-party compromise. ...
Public EV Chargers Pose New Cybersecurity Risks to Tesla and Other Electric Vehicles
July 9, 2025
New research reveals how hackers can exploit EV public chargers—including Teslas—using man-in-the-middle attacks, unencrypted data links, and exposed SSH ports to disrupt charging networks.
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited