Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Andrew Doyle April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
Ad Fraud Operation 'Scallywag' Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Cybersecurity
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Mitchell Langley April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Cybersecurity
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Gabby Lee April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
Abilene, Texas Shuts Down City Systems Following Cyberattack
News
Abilene, Texas Shuts Down City Systems Following Cyberattack
Mitchell Langley April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
News
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
Mitchell Langley April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
Imaflex Inc. Data Breach Exposes Personal and Employment Data
News
Imaflex Inc. Data Breach Exposes Personal and Employment Data
Andrew Doyle April 22, 2025
Imaflex Inc. Data Breach Exposes Personal and Employment Data: Legal Investigation Underway Imaflex Inc. has disclosed a data breach that exposed sensitive personal and employment-related ...
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Resources
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Andrew Doyle April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance, for financial gain and potential ...
Cybersecurity Newsletter
This Week In Cybersecurity: April 1st to 5th, 2025
Andrew Doyle April 21, 2025
This week in cybersecurity covers a range of incidents, including the shutdown of openSNP over privacy concerns, a data breach affecting 173,000 patients, and a ...
This Week In Cybersecurity: 03rd March to 07th March
Cybersecurity Newsletter
This Week In Cybersecurity: March 3rd to 7th, 2025
Gabby Lee April 21, 2025
This Week in Cybersecurity: Data Breaches, Ransomware, Threat Actors, Ransomware Protection and more!
Ransomware Victims on Dark Web – 10th March, 2025
News
Ransomware Victims on Dark Web – 10th March, 2025
Mitchell Langley April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware Victims
Ransomware Victims on Dark Web – 05th March, 2025
Gabby Lee April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. ...
Ransomware Victims on Dark Web – 06th March, 2025
Ransomware Victims
Ransomware Victims on Dark Web – 06th March, 2025
Mitchell Langley April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. ...
Remote Desktop Protocol (RDP) A Double-Edged Sword for IT Teams
Blog
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Andrew Doyle April 21, 2025
Secure your Remote Desktop Protocol (RDP) with these essential tips. Learn how to mitigate risks and protect your systems from cyberattacks targeting RDP vulnerabilities.
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
News
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
Mitchell Langley April 21, 2025
MGM Resorts will pay $45 million to settle a lawsuit over data breaches in 2019 and 2023, offering up to $75 per affected individual.
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
News
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
Andrew Doyle April 21, 2025
Attackers exploited Google’s OAuth and DKIM signing process to send phishing emails that appeared authentic, bypassing traditional security checks and targeting unsuspecting recipients.
New Android Malware 'SuperCard X' Enables NFC Relay Attacks for Payment Card Theft
News
New Android Malware ‘SuperCard X’ Enables NFC Relay Attacks for Payment Card Theft
Mitchell Langley April 21, 2025
A new Android malware called SuperCard X enables NFC relay attacks by stealing card data via fake banking support calls and emulating it on attacker ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Critical Flaws in Microsens NMP Web+ Threaten Industrial Network Security
July 2, 2025
Podcasts
Sophisticated Cyberattack on the International Criminal Court: Justice in the Crosshairs
July 2, 2025
Podcasts
Qantas Data Breach: Third-Party Hack Exposes Millions of Frequent Flyers
July 2, 2025

Cyber Security News

Palo Alto Networks to Acquire Chronosphere in $3.35 Billion Cloud Observability Deal
Cybersecurity
Palo Alto Networks to Acquire Chronosphere in $3.35 Billion Cloud Observability Deal
November 21, 2025
Rising DevOps Threats Drive Urgent Need for Automated Repository Backups
Application Security
Rising DevOps Threats Drive Urgent Need for Automated Repository Backups
November 21, 2025
Mate Raises $15.5 Million to Launch Enterprise-Focused Cloud Security Platform
Cybersecurity
Mate Raises $15.5 Million to Launch Enterprise-Focused Cloud Security Platform
November 21, 2025
Secure.com Launches AI-Powered Digital Security Teammate After $4.5M Seed Funding
Cybersecurity
Secure.com Launches AI-Powered Digital Security Teammate After $4.5M Seed Funding
November 21, 2025
U.S., U.K., and Australia Sanction Russian Bulletproof Hosting Providers Supporting Ransomware
Cybersecurity
U.S., U.K., and Australia Sanction Russian Bulletproof Hosting Providers Supporting Ransomware
November 21, 2025
Operation WrtHug Compromises ASUS Routers in Global Botnet Expansion
Endpoint Security
Operation WrtHug Compromises ASUS Routers in Global Botnet Expansion
November 21, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
OneClik Cyberattack Campaign Targets Energy Sector Using Microsoft ClickOnce and AWS
June 26, 2025
A sophisticated cyber-espionage campaign named OneClik is actively targeting energy, oil, and gas organizations using a combination of legitimate cloud infrastructure and novel attack techniques. ...
Zero-Day Level Cisco ISE Flaws: Urgent Patch Required for Enterprise Security
June 26, 2025
Cisco has disclosed two critical security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products, both earning a maximum CVSS ...
Bonfy.AI Launches $9.5M Adaptive Content Security Platform to Govern AI and Human Data
June 26, 2025
In a major development at the intersection of cybersecurity and AI governance, Israeli startup Bonfy.AI has officially launched its adaptive content security platform, backed by ...
Central Kentucky Radiology’s 2024 Data Breach Affects 167,000
June 26, 2025
In October 2024, Central Kentucky Radiology (CKR), a Lexington-based imaging provider, became the latest victim of a growing trend in healthcare cyberattacks. An unauthorized actor ...
Why External Attack Surface Management Belongs at the Core of Your Cybersecurity Strategy
June 26, 2025
Discover why External Attack Surface Management (EASM) is vital for modern digital risk protection and how it enhances visibility, threat detection, and cyber resilience strategies. ...
Pro-Russian Hackers Disrupt Dutch Government Websites Amid Heightened NATO Security
June 26, 2025
Pro-Russian hacker group NoName057(16) claims responsibility for a DDoS attack that disrupted Dutch municipal websites during the NATO Summit’s peak security deployment.
OneClik Campaign Exploits Microsoft ClickOnce and AWS to Breach Energy and Industrial Networks
June 26, 2025
A stealthy malware campaign abuses Microsoft ClickOnce and AWS services to deploy Golang-based RunnerBeacon backdoors targeting energy and industrial organizations with advanced evasion techniques.
French Authorities Arrest BreachForums v2 Operators Behind Global Data Theft Campaigns
June 26, 2025
French police arrest BreachForums v2 operators, including ShinyHunters and IntelBroker, tied to major global and national data breaches affecting millions of users and enterprises.
Hacker ‘IntelBroker’ Indicted in $25M Global Data Theft Campaign
June 26, 2025
British hacker ‘IntelBroker’ charged by U.S. authorities for stealing and selling sensitive data worldwide, causing $25 million in damage to governments and global enterprises.
CISA Confirms Active Exploitation of Critical AMI MegaRAC BMC Vulnerability Enabling Remote Server Hijack
June 26, 2025
CISA confirms that a critical vulnerability in AMI MegaRAC BMC firmware is being exploited to hijack servers remotely, prompting urgent patching across government and enterprise ...
Columbia University Struggles to Restore Services Following Suspected Cyberattack
June 26, 2025
Columbia University is working to restore critical systems following a suspected cyberattack that has caused widespread outages, impacting thousands of students and faculty.
U.S. Government Pushes Back on Meta: WhatsApp Labeled a High-Risk App
June 25, 2025
The U.S. House of Representatives has officially banned the use of WhatsApp on all House-managed devices, citing significant data security risks. This move places WhatsApp ...
How Cyberattacks on Mainline Health and Select Medical Exposed Over 200,000 Patients
June 25, 2025
The healthcare industry is facing a relentless wave of cyber threats, as demonstrated by two recent breaches impacting Mainline Health Systems and Select Medical Holdings. ...
Scattered Spider: The Threat You Think You Know
June 25, 2025
Scattered Spider isn’t a single group but a sprawling web of identity-based attackers exploiting help desks, MFA gaps, and cloud admin tools to breach enterprises. ...
New FileFix Attack Exploits Windows File Explorer to Deliver Stealthy Commands
June 25, 2025
A researcher has revealed a new FileFix attack that abuses Windows File Explorer’s address bar to stealthily execute commands, expanding on previous ClickFix phishing techniques. ...
Trojanized SonicWall NetExtender Client Targets VPN Credentials via Spoofed Sites
June 25, 2025
SonicWall and Microsoft have discovered a trojanized version of the NetExtender VPN client being distributed via spoofed websites, stealing remote access credentials from unsuspecting users. ...
Two Healthcare Data Breaches Expose Over 220,000 Records at Mainline Health and Select Medical
June 25, 2025
Mainline Health and Select Medical Holdings have disclosed separate data breaches impacting more than 220,000 individuals, with ransomware and third-party compromise behind the incidents.
New Spear Phishing Campaign Targets Financial Executives Using Legitimate Remote Access Tools
June 25, 2025
A sophisticated spear phishing campaign is targeting CFOs and finance leaders worldwide, using legitimate tools like NetBird and OpenSSH to quietly breach enterprise networks.
The Siemens-Microsoft Antivirus Dilemma Threatening OT Security
June 25, 2025
This episode examines a serious conflict between Siemens’ Simatic PCS industrial control systems and Microsoft Defender Antivirus. The absence of an “alert only” mode in ...
Prometei Botnet’s Global Surge: A Threat to Linux and Windows Systems Alike
June 25, 2025
Prometei is one of the most persistent and sophisticated botnet threats in circulation today. First identified in 2020—and active since at least 2016—this modular malware ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited