Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
The Truth About Identity Attacks How to Protect Your Business and Data
Blog
The Truth About Identity Attacks: How to Protect Your Business and Data
Gabby Lee May 8, 2025
In today's digital landscape, identity attacks are rampant, costing businesses millions and causing irreparable damage to reputations. This comprehensive guide explores seven common identity-based attacks, ...
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
News
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
Mitchell Langley May 8, 2025
The PowerSchool hacker is now targeting individual school districts, threatening to leak sensitive student and staff data stolen in the December 2024 breach.
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
News
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
Mitchell Langley May 8, 2025
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Cybersecurity
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Andrew Doyle May 8, 2025
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued ...
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley May 8, 2025
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
News
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
Mitchell Langley May 7, 2025
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
News
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
Mitchell Langley May 7, 2025
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
News
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
Andrew Doyle May 7, 2025
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
News
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
Mitchell Langley May 7, 2025
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
News
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
Andrew Doyle May 7, 2025
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
The Rising Tide of Supply Chain Cybersecurity Risks in 2025-min
Blog
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Mitchell Langley May 6, 2025
Explore six critical Supply Chain Cybersecurity Risks in 2025—from AI-driven cyberattacks and IoT vulnerabilities to quantum computing and geopolitical threats shaping logistics.
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
News
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
Andrew Doyle May 6, 2025
Rhysida ransomware group has claimed responsibility for a cyberattack on Peru’s government systems, demanding payment for stolen data while officials deny any breach occurred.
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
News
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
Mitchell Langley May 6, 2025
Anonymous defaced a GlobalX subdomain and leaked flight manifests related to ICE deportation flights of Venezuelan migrants, protesting Trump-era policies ruled unlawful by a federal ...
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
News
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
Mitchell Langley May 6, 2025
A hacked Signal clone used by Trump’s former security adviser Mike Waltz has raised serious concerns over the safety of sensitive government communications.
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
News
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
Andrew Doyle May 6, 2025
Hackers hijacked the New York Post’s verified X account to target crypto users via direct messages, redirecting victims to a Telegram-based scam under false pretenses. ...
EU Fines TikTok €530 Million For Data Protection Failures
News
EU Fines TikTok €530 Million For Data Protection Failures
Mitchell Langley May 6, 2025
TikTok has been fined €530 million by EU regulators over data protection failures and may face a data transfer suspension to China unless it complies ...
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
News
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
Mitchell Langley May 5, 2025
StealC malware receives major upgrade with advanced stealth, encryption, and data theft tools, including real-time Telegram alerts and full desktop screenshot capabilities.
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
News
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
Andrew Doyle May 5, 2025
UK retailer Co-op has confirmed a data breach impacting millions, following a ransomware attack by DragonForce. Personal details were stolen, but no financial data.
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
News
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
Andrew Doyle May 5, 2025
The U.S. has indicted a Yemeni national for operating Black Kingdom ransomware, targeting Microsoft Exchange servers in 1,500 global attacks demanding $10,000 in Bitcoin.
Sodinokibi/REvil Ransomware: The Evasive Threat
Threat Actors
Sodinokibi/REvil Ransomware: The Evasive Threat
Andrew Doyle May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
CISA Flags CVE-2025-6554: Patching Chrome’s Critical Flaw Before It’s Too Late
July 7, 2025
Podcasts
ANSSI vs. Houken: France Battles Advanced Chinese Hacking Threat
July 4, 2025
Podcasts
Psychological Manipulation and AI Fraud: How Spain Exposed a $12M Scam
July 4, 2025

Cyber Security News

Avast Launches AI-Powered Scam Guardian to Tackle Growing Online Threats
Cybersecurity
Avast Launches AI-Powered Scam Guardian to Tackle Growing Online Threats
November 24, 2025
SolarWinds Fixes Critical Serv-U Vulnerabilities Enabling Remote Code Execution
Application Security
SolarWinds Fixes Critical Serv-U Vulnerabilities Enabling Remote Code Execution
November 24, 2025
British Teenagers in Court for TfL Cybersecurity Breach Allegations
Cybersecurity
British Teenagers in Court for TfL Cybersecurity Breach Allegations
November 24, 2025
Nvidia Confirms Performance Issues in Windows 11 Updates Impact Gaming Experience
Application Security
Nvidia Confirms Performance Issues in Windows 11 Updates Impact Gaming Experience
November 24, 2025
Grafana Vulnerability Addressing Critical Security Flaw in SCIM Component
CVE Vulnerability Alerts
Grafana Vulnerability: Addressing Critical Security Flaw in SCIM Component
November 24, 2025
CISA Urges Agencies to Patch Oracle Identity Manager Flaw Amid Exploits
Cybersecurity
CISA Urges Agencies to Patch Oracle Identity Manager Flaw Amid Exploits
November 24, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
CISA Flags CVE-2025-6554: Patching Chrome’s Critical Flaw Before It’s Too Late
July 7, 2025
A newly discovered and actively exploited zero-day vulnerability in Google Chrome has sent ripples through the cybersecurity community. Known as CVE-2025-6554, this critical type confusion ...
Telefónica Faces New Data Leak Allegations After Hacker Publishes Sample Files
July 7, 2025
A hacker linked to Hellcat ransomware claims to have stolen 106GB of Telefónica data and has started leaking files after the company denied the breach. ...
Ingram Micro Confirms SafePay Ransomware Attack Behind Major Outage
July 7, 2025
Ingram Micro confirms ransomware attack by SafePay as the cause of ongoing system outages, disrupting ordering platforms and forcing VPN shutdowns across multiple global locations. ...
Cybercriminals Turn to PDFs to Impersonate Microsoft, PayPal, and DocuSign
July 7, 2025
Cybercriminals are increasingly using PDFs to impersonate trusted brands like Microsoft, PayPal, and DocuSign in phishing campaigns designed to steal credentials or deploy malware.
ANSSI vs. Houken: France Battles Advanced Chinese Hacking Threat
July 4, 2025
In this episode, we uncover a high-stakes cyber campaign targeting the heart of French digital infrastructure. ANSSI, France’s national cybersecurity agency, has exposed a Chinese-linked ...
Psychological Manipulation and AI Fraud: How Spain Exposed a $12M Scam
July 4, 2025
In this episode, we examine a growing threat reshaping financial crime in Europe: sophisticated, technology-driven investment fraud. Spanish law enforcement has recently dismantled a fraud ...
CVE-2025-20309: Critical Cisco Root Access Flaw Threatens VoIP Security
July 4, 2025
A devastating vulnerability—CVE-2025-20309—has been discovered in Cisco’s Unified Communications Manager (Unified CM) and its Session Management Edition (SME), threatening the security of over a thousand ...
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
July 4, 2025
IdeaLab confirms ransomware attackers stole sensitive employee and contractor data in a 2024 breach. Hunters International claimed responsibility and leaked 137,000 files on the dark ...
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
July 4, 2025
Kelly Benefits confirms 2024 breach exposed personal data of 553,660 individuals, affecting 46 organizations. Stolen info includes SSNs, medical records, and financial data.
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
July 4, 2025
Esse Health confirms cyberattack exposed data of 263,601 patients, including medical record and insurance info, after system disruptions in April. Investigation suggests possible ransomware involvement. ...
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
July 4, 2025
Spanish police arrest two hackers behind cyberattacks on government and media figures, seizing devices in a national security case tied to stolen state data.
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
July 4, 2025
Citrix warns that patches for critical NetScaler flaws may cause broken logins due to CSP conflicts. Admins must disable headers and clear cache to restore ...
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
July 4, 2025
A critical vulnerability in Forminator exposes over 600,000 WordPress sites to takeover attacks. Enterprises are urged to patch immediately and review recovery strategies.
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
July 4, 2025
Grafana Labs patched critical Chromium-based vulnerabilities in its Image Renderer and Monitoring Agent. Enterprises using self-hosted deployments must update immediately to prevent remote code execution ...
Hunters International Ransomware Group Shuts Down, Offers Free Decryptors Amid Exit
July 4, 2025
Hunters International ransomware gang shuts down and releases free decryptors for victims. The group may be rebranding as an extortion-only operation under World Leaks.
Spanish Authorities Dismantle €10 Million Investment Scam Network With Fake Advisors and Crypto Portals
July 4, 2025
Spanish police arrested 21 individuals linked to a €10 million investment scam that used fake crypto platforms, call centers, and social media to defraud victims. ...
Cisco Removes Hardcoded Root Account from Unified CM to Prevent Remote Takeover
July 4, 2025
Cisco warns of critical backdoor vulnerability in Unified Communications Manager allowing root access. No workaround exists—organizations must patch immediately to prevent remote system takeover.
Fake Crypto Wallet Add-ons Flood Firefox Store in Ongoing Credential Theft Campaign
July 4, 2025
Over 40 fake Firefox extensions posing as crypto wallets are stealing seed phrases. Victims unknowingly lose funds in attacks that mimic trusted browser plugins.
Qantas Confirms Data Breach Following Cyberattack on Third-Party Platform
July 4, 2025
Qantas confirmed a cyberattack impacting six million customers. Linked to aviation-targeting threat actors, the breach highlights growing risks to identity systems and third-party platforms.
macOS Under Siege: NimDoor Malware Targets Telegram, Wallets, and Keychains
July 3, 2025
A new, highly advanced malware strain—NimDoor—has emerged as the latest cyber weapon in the arsenal of North Korean state-sponsored hackers, specifically targeting macOS systems used ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited