Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
News
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
Mitchell Langley May 5, 2025
Employment platform beWanted leaked over 1.1 million CVs containing names, ID numbers, contact details, and employment history.
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
News
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
Andrew Doyle May 2, 2025
Nova Scotia Power confirms personal customer data was stolen in a cyberattack on April 25, though electricity services remain unaffected as the investigation continues.
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
News
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
Mitchell Langley May 2, 2025
Seven malicious PyPI packages exploited Gmail and WebSockets for remote command execution and data theft, with some packages downloaded over 18,000 times.
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
News
iHeartMedia Breach Exposes Personal Data Including SSNs and Passport Numbers
Mitchell Langley May 2, 2025
iHeartMedia confirmed a December data breach exposing names, Social Security, and passport numbers from local station systems. The company is offering identity theft protection.
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
News
Ascension Discloses Data Breach Affecting 5.6 Million Individuals
Andrew Doyle May 2, 2025
Ascension, a major U.S. healthcare provider, confirmed a ransomware breach affecting 5.6 million individuals, compromising medical, financial, and personal data.
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
News
Harrods Confirms Cyberattack Amid Growing Wave Targeting UK Retail Sector
Andrew Doyle May 2, 2025
Harrods joins M&S and Co-op as the latest UK retailer targeted in a cyberattack, prompting immediate security measures amid a surge in retail-focused intrusions.
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
News
Hitachi Vantara Takes Servers Offline Following Akira Ransomware Attack
Mitchell Langley April 30, 2025
Hitachi Vantara shut down servers to contain an Akira ransomware attack that disrupted systems and led to stolen data across corporate and government-related operations.
Vulnerability Alert - 30th April, 2025
CVE Vulnerability Alerts
Vulnerability Alert – 30th April, 2025
Gabby Lee April 30, 2025
Staying ahead of emerging cyber threats requires continuous monitoring of newly disclosed vulnerabilities, exploitation trends, and post-compromise behaviors. This page ...
Fighting AI with AI Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
Blog
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
Gabby Lee April 30, 2025
The rise of AI-driven cyberattacks necessitates a proactive approach. This blog explores how AI can combat AI cybersecurity threats, highlighting its benefits and risks ...
MTN Ghana Data Breach Impacts 5,700 Customers, Investigation Underway
News
MTN Ghana Data Breach Impacts 5,700 Customers, Investigation Underway
Andrew Doyle April 30, 2025
MTN Ghana confirms a data breach affecting 5,700 customers, with investigations ongoing and direct outreach underway to mitigate potential risks and prevent further exposure.
M&S Cyberattack Halts Online Sales, Triggers Major Financial Impact
News
M&S Cyberattack Halts Online Sales, Triggers Major Financial Impact
Mitchell Langley April 30, 2025
Marks & Spencer suspended online orders after a cyberattack over Easter weekend caused major disruptions, wiping £500 million off its stock and impacting daily sales. ...
CISA Flags Broadcom, CommVault, and Active! Mail Vulnerabilities as Actively Exploited
News
CISA Flags Broadcom, CommVault, and Active! Mail Vulnerabilities as Actively Exploited
Mitchell Langley April 30, 2025
CISA adds Broadcom, CommVault, and Active! Mail vulnerabilities to KEV catalog following active exploitation reports, urging immediate patching by enterprise and critical infrastructure operators.
SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data
News
SK Telecom Offers Free SIM Replacements After Malware Breach Impacts USIM Data
Andrew Doyle April 30, 2025
SK Telecom is replacing SIM cards for 25 million users after a malware breach exposed USIM data. Supply limits restrict replacements to 6 million by ...
27 Million Records Allegedly Leaked from French Retailer Boulanger
Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
Andrew Doyle April 29, 2025
Personal data linked to over 27 million customer records of French electronics giant Boulanger has been leaked on a public ...
Over 1,200 SAP NetWeaver Servers Exposed to Actively Exploited Critical Vulnerability
News
Over 1,200 SAP NetWeaver Servers Exposed to Actively Exploited Critical Vulnerability
Mitchell Langley April 29, 2025
A critical SAP NetWeaver flaw (CVE-2025-31324) is being actively exploited. Over 1,200 servers are exposed, with hundreds already compromised by remote webshell deployments.
Marks & Spencer Cyberattack Tied to Scattered Spider Ransomware Group
News
Marks & Spencer Cyberattack Tied to Scattered Spider Ransomware Group
Mitchell Langley April 29, 2025
Marks & Spencer is battling an ongoing outage caused by Scattered Spider ransomware attackers, who breached its systems, stole password data, and encrypted virtual machines. ...
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
News
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
Andrew Doyle April 29, 2025
VeriSource Confirms Data Breach Impacted 4 Million People After Year-Long Investigation
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
News
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
Mitchell Langley April 29, 2025
The Darcula phishing platform has been upgraded with AI, enabling cybercriminals to quickly generate multilingual phishing scams and harvest user credentials on a global scale. ...
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
News
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
Andrew Doyle April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Cybersecurity
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Andrew Doyle April 28, 2025
Cybersecurity myths are more dangerous than you think. Here are 13 common myths that are silently sabotaging your security—and what to do instead.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
CVE-2025-20309: Critical Cisco Root Access Flaw Threatens VoIP Security
July 4, 2025
Podcasts
macOS Under Siege: NimDoor Malware Targets Telegram, Wallets, and Keychains
July 3, 2025
Podcasts
Cisco Unified CM Vulnerability: Root Access Risk for Enterprise VoIP Networks
July 3, 2025

Cyber Security News

Inside Job CrowdStrike Hacked by Insider Leaking Screenshots
Cybersecurity
Inside Job: CrowdStrike Hacked by Insider Leaking Screenshots
November 23, 2025
CISA Recognizes Oracle Fusion Middleware Flaw in Exploited Vulnerabilities Catalog
CVE Vulnerability Alerts
CISA Recognizes Oracle Fusion Middleware Flaw in Exploited Vulnerabilities Catalog
November 23, 2025
Tsundere Botnet Expands Stealthily to Target Windows Users With JavaScript Malware
Application Security
Tsundere Botnet Expands Stealthily to Target Windows Users With JavaScript Malware
November 21, 2025
Fired IT Contractor Used PowerShell Script to Lock Thousands of Workers Out of Accounts
Cybersecurity
Fired IT Contractor Used PowerShell Script to Lock Thousands of Workers Out of Accounts
November 21, 2025
Salesforce Investigates Targeted Data Theft Attacks Linked to Gainsight Apps
Application Security
Salesforce Investigates Targeted Data Theft Attacks Linked to Gainsight Apps
November 21, 2025
Salesforce Discloses New Third-Party Breach Potentially Tied to ShinyHunters
Data Security
Salesforce Discloses New Third-Party Breach Potentially Tied to ShinyHunters
November 21, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Cisco Unified CM Vulnerability: Root Access Risk for Enterprise VoIP Networks
July 3, 2025
A newly disclosed vulnerability—CVE-2025-20309—in Cisco’s Unified Communications Manager (Unified CM) and Session Management Edition has sent shockwaves through enterprise VoIP and IT security teams. The ...
Forminator Flaw Exposes WordPress Sites to Takeover Attacks: Vulnerability Threatens 600,000+ Sites
July 3, 2025
A critical new WordPress vulnerability—CVE-2025-6463—has been discovered in the widely used Forminator plugin, affecting over 600,000 active installations and putting hundreds of thousands of websites ...
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
July 3, 2025
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the U.S., Ukraine, and Europe.
Kelly Benefits Breach: Over 550,000 Victims and the Rising Identity Theft Crisis
July 3, 2025
In one of the latest large-scale data breaches to hit the U.S. private sector, Kelly Benefits, a provider of payroll and benefits administration services, disclosed ...
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
July 2, 2025
Explore how hospitality businesses can defend against hotel cyber attacks, summer cyber threats, and guest data breaches with smart cybersecurity strategies tailored for the industry. ...
FileFix, HTA, and MotW Bypass—The Alarming Evolution of HTML-Based Attacks
July 2, 2025
A newly disclosed exploit dubbed FileFix is redefining how attackers bypass Microsoft Windows’ built-in security protections—specifically the Mark-of-the-Web (MotW) mechanism. Developed and detailed by security ...
Critical Flaws in Microsens NMP Web+ Threaten Industrial Network Security
July 2, 2025
In a major red flag for the industrial cybersecurity community, three newly disclosed vulnerabilities in Microsens NMP Web+, a popular network management solution used across ...
Sophisticated Cyberattack on the International Criminal Court: Justice in the Crosshairs
July 2, 2025
The International Criminal Court (ICC), the world’s foremost tribunal for prosecuting war crimes, genocide, and crimes against humanity, has confirmed yet another sophisticated cyberattack, highlighting ...
Qantas Data Breach: Third-Party Hack Exposes Millions of Frequent Flyers
July 2, 2025
In a stark reminder of the aviation industry’s growing exposure to cyber threats, Australian airline Qantas recently confirmed a serious data breach—this time not from ...
International Criminal Court Investigates Another Sophisticated Cyberattack
July 2, 2025
The International Criminal Court confirms a second cyberattack in two years, citing a sophisticated breach and ongoing threats targeting its global judicial infrastructure.
Aeza Group Sanctioned by U.S. Treasury for Enabling Cybercriminal Infrastructure
July 2, 2025
The U.S. Treasury sanctioned Aeza Group for hosting ransomware and malware infrastructure used by threat groups like BianLian, RedLine, and darknet marketplace BlackSprut.
Berlin Regulator Targets DeepSeek AI Over Data Transfers to China
July 1, 2025
Germany’s battle over digital sovereignty and data privacy has intensified, with the Berlin Commissioner for Data Protection formally requesting that Google and Apple remove the ...
CISA Flags Citrix NetScaler Flaws: What CVE-2025-6543 Means for Federal and Private Networks
July 1, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added multiple Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog—an urgent signal for federal ...
Cato Networks Secures $359M to Fuel AI-Powered SASE Expansion
July 1, 2025
Cato Networks just raised $359 million in Series G funding, pushing its valuation past $4.8 billion and its total funding beyond the $1 billion mark—a ...
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
July 1, 2025
FBI warns of cybercriminals impersonating health fraud investigators to steal sensitive medical data. Fraudulent emails and texts are targeting patients and providers nationwide.
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
July 1, 2025
Johnson Controls is notifying individuals impacted by a 2023 ransomware attack that exposed data and disrupted global operations. Dark Angels ransomware group is believed responsible. ...
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
July 1, 2025
Switzerland confirms government data was stolen in a ransomware attack on Radix. Leaked records include documents, contracts, and communications now circulating on the dark web. ...
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
July 1, 2025
Canada orders Hikvision to shut down operations after a national security review. Government bans all public sector use of Hikvision surveillance equipment nationwide.
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited