Main Menu
Cyber Security
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
HungerRush POS Platform Targeted in Data Extortion Scheme
Fake OpenClaw Installers on GitHub Are Stealing User Data
Coruna iOS Exploits Target Apple Devices in Espionage and Financial Attacks
FBI Seizes LeakBase and Disrupts a Major Cybercrime Forum
Zurich Forms Cyber Insurance Powerhouse with $11 Billion Beazley Acquisition
Retaliatory Hacktivism Escalates Amid Epic Fury and Roaring Lion Military Operations
University of Mississippi Medical Center Resumes Operations After Nine-Day Ransomware Attack
LexisNexis Data Breach Claimed by Fulcrumsec Group
Attackers Exploit Command Injection Vulnerability in Sangoma FreePBX
Alabama Man Pleads Guilty to Cyberstalking and Extortion After Hijacking Hundreds of Women’s Accounts
Chrome’s Gemini Live Feature Left Users Exposed to Malicious Extensions
Google Chrome Moves to Strengthen HTTPS Certificates Against Quantum Threats
Florida Woman Gets 22 Months in Prison for Trafficking Stolen Microsoft COA Labels
Deepfake and Injection Attacks Are Targeting Identity Verification Systems
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Criminals Exploit Dubai Crisis With Elaborate Fake Police Scheme
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
News
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
Mitchell Langley June 24, 2025
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
News
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
Andrew Doyle June 24, 2025
Oxford City Council has confirmed a cybersecurity breach involving legacy systems, exposing election worker data from 2001 to 2022 after detecting unauthorized access to its ...
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
News
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
Andrew Doyle June 24, 2025
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
News
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
Mitchell Langley June 24, 2025
Taiwan-based crypto exchange BitoPro has linked the $11 million theft from its platform to the North Korean Lazarus Group, citing attack similarities and forensic evidence. ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
News
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
Andrew Doyle June 19, 2025
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
News
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
Andrew Doyle June 19, 2025
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
News
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
Andrew Doyle June 19, 2025
Veeam patched a critical RCE flaw (CVE-2025-23121) allowing domain users to hijack backup servers, risking ransomware exploitation in misconfigured enterprise environments.
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
News
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
Mitchell Langley June 19, 2025
Predatory Sparrow claims responsibility for a politically motivated cyberattack on Iran’s Nobitex exchange, draining and burning over $90 million in unusable cryptocurrency.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
News
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
Mitchell Langley June 19, 2025
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
News
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
Mitchell Langley June 18, 2025
China-backed Salt Typhoon breached Viasat in a broader espionage campaign against U.S. telecoms ahead of the 2024 election, targeting both government and private networks.
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
News
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
Mitchell Langley June 18, 2025
A World Leaks ransomware attack on Freedman Healthcare may expose over 42,000 sensitive files. The health tech firm supports data systems for 27 U.S. state ...
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
News
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
Andrew Doyle June 18, 2025
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
News
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Andrew Doyle June 18, 2025
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
News
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
Mitchell Langley June 18, 2025
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
News
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Andrew Doyle June 17, 2025
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
News
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
Mitchell Langley June 17, 2025
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
News
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
Mitchell Langley June 17, 2025
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
News
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
Andrew Doyle June 17, 2025
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
News
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
Mitchell Langley June 17, 2025
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Cybersecurity
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
Mitchell Langley June 16, 2025
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers ...
ELECQ Data Breach May Have Exposed EV Charger Users' Private Information
Cybersecurity
ELECQ Data Breach May Have Exposed EV Charger Users’ Private Information
Mitchell Langley March 11, 2026
Meta's Smart Glasses Face Privacy Investigation in Britain
Cybersecurity
Meta’s Smart Glasses Face Privacy Investigation in Britain
Gabby Lee March 6, 2026
Lazarus Group Expands Its Ransomware Arsenal with Medusa
News
Lazarus Group Expands Its Ransomware Arsenal with Medusa
Andrew Doyle February 25, 2026
Polish Authorities Detain Suspected Phobos Ransomware Operative
News
Polish Authorities Detain Suspected Phobos Ransomware Operative
Andrew Doyle February 18, 2026

TOP CYBERSECURITY HEADLINES

ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant's Own Tool
Application Security
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
Salesforce's Experience Cloud Platform Faces Vulnerability Challenges
Application Security
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
News
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Cybersecurity
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025

This Week’s Security Spotlight

OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Cybersecurity
CISA Faces Challenges With Limited Resources Amid DHS Shutdown
Andrew Doyle February 17, 2026
Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
More In News
Trending
Law Enforcement Dismantles Tycoon2FA Phishing-as-a-Service Platform
Phishing Attack Masquerades as Google Security Page to Steal Sensitive Information
Optimizely Suffers a Data Breach Through a Voice Phishing Attack
Cybercriminals Exploit OAuth 2.0 Device Authorization Flow in Vishing Campaigns

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
CISA Flags CVE-2025-6554: Patching Chrome’s Critical Flaw Before It’s Too Late
July 7, 2025
Podcasts
ANSSI vs. Houken: France Battles Advanced Chinese Hacking Threat
July 4, 2025
Podcasts
Psychological Manipulation and AI Fraud: How Spain Exposed a $12M Scam
July 4, 2025

Cyber Security News

SoundCloud's VPN Restrictions Lead to Access Denials for Users
Cybersecurity
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
December 16, 2025
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
Information Security
Unsecured 16TB Database Exposes 4.3 Billion Professional Records
December 15, 2025
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
Application Security
Notepad++ Fixes Updater Vulnerability Allowing Attackers to Hijack Update Traffic
December 15, 2025
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
Cybersecurity
Germany Accuses Russia of Cyberattacks on Air Traffic Control and Election Interference
December 15, 2025
Justice Department Alleges Misleading Compliance in Federal Audit Case
Cybersecurity
Justice Department Alleges Misleading Compliance in Federal Audit Case
December 15, 2025
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
Endpoint Security
GeoServer Vulnerability Exploitation Facilitates External Entity Attacks
December 15, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Nvidia Triton Inference Server Vulnerabilities Expose AI Infrastructure to Attack
August 4, 2025
A major warning has hit the AI community: Nvidia’s Triton Inference Server — one of the most widely used open-source platforms for deploying and scaling ...
CISA & FEMA Release $100M in Cybersecurity Grants to Strengthen State, Local, and Tribal Defenses
August 4, 2025
The U.S. Department of Homeland Security, through CISA and FEMA, has announced over $100 million in new cybersecurity grant funding for Fiscal Year 2025 — ...
350,000 Patient Records Exposed: Inside the Northwest Radiologists Data Breach
August 4, 2025
In this episode, we investigate the Northwest Radiologists data breach, a devastating cyberattack that compromised the personal and medical information of approximately 350,000 patients in ...
AI Jailbreaks on the Rise: How Hackers Are Extracting Training Data from LLMs
August 4, 2025
In this episode, we examine the rapidly growing threat of AI jailbreaks — a cybersecurity challenge reshaping the landscape of large language models (LLMs) and ...
DragonForce Ransomware – Hacktivist Turned Cybercriminal Enterprise
August 4, 2025
DragonForce is a ransomware and data extortion group that evolved from a pro-Palestinian hacktivist collective into a financially motivated cybercriminal enterprise.
Hackers Target Python Developers With Phishing Campaign Using Fake PyPI Site
August 3, 2025
A phishing attack is targeting Python developers with fake PyPI login prompts to steal credentials and potentially distribute malware via compromised Python packages.
Mastering the Metasploit Framework: The Ultimate Guide to Exploits, Payloads, and Ethical Hacking
August 1, 2025
Explore the full potential of the Metasploit Framework for ethical hacking, penetration testing, and CVE exploitation with this complete, real-world guide for cybersecurity professionals.
Shadow IT in the Enterprise: Risks You Didn’t Know You Had
July 31, 2025
Unmanaged SaaS and shadow IT applications silently open dangerous security gaps. Discover how enterprise teams can detect, control, and protect against these invisible but growing ...
Critical Honeywell Experion PKS Vulnerabilities Threaten Global Industrial Control Systems
July 31, 2025
In this episode, we analyze the multiple vulnerabilities recently disclosed in Honeywell’s Experion Process Knowledge System (PKS), a widely deployed industrial control and automation solution ...
Minnesota Deploys National Guard Cyber Unit Following Major Cyberattack on St. Paul City Systems
July 31, 2025
Minnesota activates the National Guard’s cyber unit after a cyberattack cripples St. Paul’s municipal systems, prompting emergency declarations and a multi-agency response.
Tea App Disables Messaging After Second Breach Exposes Over One Million Private Conversations
July 31, 2025
Tea app disables messaging after two breaches: 72,000 verification images leaked, then 1.1 million private messages exposed; FBI and security firms investigating.
ShinyHunters Behind Salesforce-Related Data Breaches at Qantas, Allianz Life, LVMH
July 31, 2025
ShinyHunters targets Salesforce users at Qantas, Allianz, and LVMH in voice phishing attacks to steal customer data and conduct private extortion campaigns.
RiteCheck Confirms Data Breach Affecting Nearly 70,000 Customers and Employees
July 31, 2025
RiteCheck has disclosed a 2023 data breach impacting nearly 70,000 people, exposing Social Security numbers, payment card data, and IDs after an 11-month delay.
Auto-Color Linux Malware Exploits SAP Zero-Day CVE-2025-31324
July 31, 2025
In this episode, we uncover the Auto-Color Linux malware, a stealthy and highly persistent Remote Access Trojan (RAT) that is rapidly emerging as one of ...
Inside the July 2025 PyPI Phishing Scam: How Hackers Stole Developer Credentials
July 31, 2025
In this episode, we investigate the growing cybersecurity storm targeting the Python Package Index (PyPI) — the backbone of Python’s software distribution ecosystem. A recent ...
IoT Security Crisis: Dahua Smart Camera Vulnerabilities Expose Surveillance Systems
July 31, 2025
In this episode, we examine the alarming discovery of critical security vulnerabilities in Dahua smart cameras, one of the world’s most widely deployed surveillance systems. ...
Dropzone AI Secures $37M to Tackle Alert Fatigue with Autonomous SOC Analysts
July 30, 2025
In this episode, we dive into Dropzone AI’s landmark $37 million Series B funding round, bringing the company’s total raised to over $57 million. Backed ...
Axonius Buys Cynerio for $100M+: Closing Healthcare’s Biggest Cybersecurity Blind Spot
July 30, 2025
In this episode, we explore Axonius’s landmark acquisition of Cynerio, a healthcare cybersecurity company specializing in protecting vulnerable medical devices like MRI machines, infusion pumps, ...
Hackers Exploit SAP NetWeaver Flaw to Deploy Advanced Auto-Color Malware on U.S. Chemical Firm
July 30, 2025
Hackers exploited a critical SAP NetWeaver vulnerability to deploy Auto-Color malware on a U.S. chemicals firm, using advanced stealth and sandbox evasion techniques.
Aeroflot Flights Canceled After Hacktivist Cyberattack Cripples Airline Systems
July 30, 2025
Aeroflot’s operations were disrupted after a cyberattack claimed by Ukrainian and Belarusian hacktivists who allege wiping critical systems and exfiltrating sensitive airline data.
ShinyHunters Breaches Salesforce and 100 Companies Using Mandiant’s Own Tool
Salesforce’s Experience Cloud Platform Faces Vulnerability Challenges
Russian Threat Actors Targeting Signal and WhatsApp Accounts of Officials
North Korean Group UNC4899 Suspected Behind Cryptocurrency Cloud Heist in 2025
Microsoft Still Working to Fix Bright White Flash Issue in Windows 11 File Explorer
Dutch Police Give Suspected Scammers a Two-Week Deadline to Surrender
Evasive ClickFix Tactic Leverages Windows Terminal to Avoid Detection
Perplexity’s Comet Browser Had a Flaw That Left Users Vulnerable to Local File Theft
Tier 1 SOC Analysts Are Carrying More Weight Than They Should
Joint Operation Dismantles Criminal Syndicate Exploiting Ukrainian War Refugees
JavaScript Worm Disrupts Wikimedia Platforms Across Multiple Wikis
WordPress Plugin Vulnerability Puts Over 60,000 Sites at Risk
US Government Contractor’s Son Charged with Cryptocurrency Theft from US Marshals Service
Cisco Catalyst SD-WAN Manager Faces Active Exploitation of New Vulnerabilities
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Russian Ransomware Operator Admits Guilt in U.S. Court
Meta’s Smart Glasses Face Privacy Investigation in Britain
Iranian MOIS-Linked MuddyWater Cyber Group Deploys New Custom Implant
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
HungerRush POS Platform Targeted in Data Extortion Scheme