Cyber Security
News
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
News
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
News
Dior Confirms Data Breach Exposing Chinese Customer Information
Christian Dior confirms a customer data breach affecting Chinese users. Names, contacts, and shopping data were leaked; no financial details were compromised. Investigation ongoing.
News
Nucor Shuts Down Production Lines Following Cybersecurity Incident
Nucor Corporation has shut down select production operations following a cybersecurity incident that compromised internal systems. The company is investigating and restoring operations.
News
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues ...
News
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
HireClick leaked over 5.7 million resume files after leaving an AWS bucket unsecured. The data exposure poses significant risks of fraud, phishing, and identity theft. ...
News
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
Valve denies claims of a Steam data breach, stating leaked data consists of expired SMS codes with no account credentials, passwords, or personal information.
News
Memphis-Shelby County Schools Joins Growing Lawsuit Against PowerSchool After Data Breach
Tennessee’s largest school district has filed a federal lawsuit against PowerSchool, citing breach of contract and security failures linked to a December 2023 data breach. ...
News
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
Russian-aligned ransomware group DragonForce hit UK retailer Co-op, exposing customer data and disrupting operations, in a hybrid cyberattack blending financial and geopolitical motives.
News
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
The EU launches its own vulnerability database (EUVD) to strengthen cybersecurity, reduce reliance on CVE, and ensure greater digital sovereignty across European infrastructure.
News
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
Twilio denies breach after leaked Steam 2FA codes appear online. Experts suspect a third-party SMS provider may be the source of the data exposure.
News
M&S Confirms Customer Data Breach Following Cyberattack
M&S confirms a customer data breach exposing contact details and order history after a cyberattack, but reassures no payment data or passwords were compromised.
News
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Broadcom patches a critical VMware Tools vulnerability that allows attackers with limited VM access to tamper with files. Affects Windows, Linux, and open-vm-tools versions.
News
Thousands of Node Developers Compromised by Malware in Popular npm Packages
A sophisticated supply chain attack on npm injected malware into widely used packages, exposing thousands of developers to remote access trojans, data theft, and backdoors. ...
News
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
A Türkiye-linked cyberespionage group exploited a zero-day in Output Messenger, enabling access to sensitive data and communications in targeted attacks on Kurdish-aligned users.
News
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
A Moldovan suspect has been arrested for a 2021 DoppelPaymer ransomware attack that crippled Dutch research systems and caused €4.5 million in damages.
Cybersecurity
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Chinese threat group Chaya_004 exploited a zero-day flaw in SAP NetWeaver servers, compromising hundreds of systems using remote code execution and web shell deployments.
Cybersecurity
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The iClicker website was hacked between April 12–16, 2025, using a fake CAPTCHA to deploy malware via a ClickFix attack targeting students and faculty.
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
News
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
TOP CYBERSECURITY HEADLINES
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
This Week’s Security Spotlight
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Qantas Cyberattack Exposes Data of 5.7 Million Customers
The Qantas cyberattack compromised personal data of 5.7 million customers. No financial information was stolen, but names, emails, and contact details were exposed.
Android Malware ‘Anatsa’ Returns to Google Play to Target Banking Apps Across the U.S.
The Anatsa banking trojan resurfaced on Google Play, disguised as a PDF app, targeting U.S. users with credential theft overlays on popular mobile banking apps. ...
AI Deepfakes Used to Impersonate Secretary Rubio in Targeted Cyber Campaign
AI-generated deepfakes impersonating U.S. Secretary Rubio were used to contact foreign ministers and U.S. officials, with Russian actors suspected in the targeted social engineering campaign. ...
iOS Wingman App FlirtAI Exposes 160,000 Private Chat Screenshots in Major Privacy Breach
FlirtAI leaked 160,000 private chat screenshots from users seeking AI-generated responses, raising privacy concerns—especially for teenagers—due to an unprotected cloud storage bucket.
The Role of a Cyber Security Specialist in Building Cyber Resilience and Modern Defense Strategies
A cyber security specialist is central to cyber resilience and cyber risk management, ensuring modern defense mechanisms protect organizations from evolving digital threats.
Taiwan Sounds the Alarm: TikTok, WeChat, and the Chinese Data Threat
In this episode, we examine Taiwan’s growing alarm over Chinese mobile applications, especially TikTok and WeChat, in light of rising global concern over data privacy ...
The Evolution of Atomic macOS Stealer: Backdoors, Keyloggers, and Persistent Threats
This episode exposes the growing menace of Atomic macOS Stealer (AMOS) — a rapidly evolving malware-as-a-service (MaaS) platform targeting macOS users worldwide. Once seen as ...
CitrixBleed Returns: CVE-2025-5777 and the Exploitation of NetScaler Devices
In this episode, we dissect CitrixBleed 2—a newly disclosed and actively exploited vulnerability affecting Citrix NetScaler ADC and Gateway appliances. Tracked as CVE-2025-5777 (and possibly ...
SAP’s July 2025 Patch Day: Critical Flaws, CVE-2025-30012, and Ransomware Risk
In this episode, we break down SAP’s July 2025 Security Patch Day—a high-stakes moment for any enterprise relying on SAP’s core business applications. With 27 ...
Bitcoin Depot Notifies Over 26,000 Customers of Year-Old Data Breach Involving Driver’s License Information
Bitcoin Depot is alerting over 26,000 users of a 2024 data breach involving driver’s license details, after federal investigators delayed public notification for nearly a ...
‘Batavia’ Spyware Campaign Hits Russian Industrial Firms via Phishing Contracts
Batavia spyware is hitting Russian industrial firms with phishing emails posing as contracts, deploying multi-part malware to steal sensitive data and monitor infected systems.
Qantas Faces Extortion Following Cyberattack That Exposed Millions of Customer Records
Qantas confirms it’s facing extortion following a cyberattack that exposed customer data from a third-party vendor, possibly linked to Scattered Spider’s aviation sector targeting.
SatanLock Ransomware Group Abruptly Shuts Down, Leaks All Stolen Files
Ransomware gang SatanLock has ceased operations, announcing plans to leak all stolen victim data, marking an abrupt end to its brief but chaotic campaign.
Hackers Exploit Leaked Shellter Red Team Tool to Deploy Infostealers
Hackers weaponized Shellter Elite, a legitimate red team tool, to deliver infostealers after a leaked copy enabled months-long stealth attacks across the threat landscape.
Ingram Micro Hit by Global Outage, Internal Systems Remain Inaccessible Amid Cyberattack Concerns
Ingram Micro is facing a global outage affecting both external and internal systems, with growing concerns that a possible ransomware attack may be behind the ...
106GB Exposed? Telefónica, HellCat, and the Silent Data Breach
In this episode, we explore a shadowy and unconfirmed—but highly consequential—data breach at Spanish telecommunications giant Telefónica. Allegedly orchestrated by the HellCat ransomware group, the ...
Ingram Micro’s SafePay Ransomware Breach: Human-Operated Threats and Supply Chain Fallout
The recent ransomware attack on Ingram Micro, a global technology distribution giant, reveals not only a sophisticated human-operated cyber assault—but also the fragile state of ...
The Illusion of Shutdowns: What Hunters International’s Closure Really Means
In a sudden and cryptic announcement, the notorious ransomware group Hunters International has declared its shutdown, citing “recent developments” and pledging to release decryption keys ...
The AI Cyber Threat: How to Secure your Systems in the Age of Artificial Intelligence
AI cyber threats are changing the face of digital warfare. From adaptive malware to deepfake scams, learn how Cybersecurity AI fights back against AI cyber ...
BMW Financial Services Caught in Third-Party Data Breach Involving Texas Fintech Firm
BMW Financial Services confirms indirect exposure from a third-party breach at AIS. The incident affected over 1,950 individuals but did not compromise BMW’s own systems. ...