Main Menu
Cyber Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
News
Scattered Spider Ramps Up VMware ESXi Attacks Targeting U.S. Enterprise Virtual Infrastructure
Mitchell Langley July 28, 2025
Scattered Spider hackers are compromising VMware ESXi infrastructure through social engineering, enabling full control and ransomware deployment without exploiting any software vulnerabilities.
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
News
Allianz Life Data Breach Exposes Information of Over 1 Million Customers
Andrew Doyle July 28, 2025
A recent data breach at Allianz Life compromised personal data of most of its 1.4 million customers via a third-party CRM system, possibly tied to ...
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
News
Amazon Q Developer Extension Compromised to Include Data-Wiping Commands
Mitchell Langley July 28, 2025
A hacker breached Amazon's AI coding assistant for Visual Studio Code, injecting data-wiping instructions before detection. A patched version was released following security reports.
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
News
Philadelphia Insurance Companies Reports Personal Data Breach After June Cyber Incident
Mitchell Langley July 28, 2025
Philadelphia Insurance Companies has confirmed a personal data breach involving driver’s license numbers and birth dates following a June cyberattack that disrupted multiple insurers.
Fog Ransomware: Data in the Mist
Resources
Fog Ransomware: Data in the Mist
Mitchell Langley July 24, 2025
Fog ransomware, a prolific and secretive threat actor, targets organizations globally, deploying sophisticated multi-stage attacks resulting in data encryption and exfiltration. Victims span various sectors. ...
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
News
Chinese Espionage Groups Target SharePoint Servers in Large-Scale Exploitation Campaigns
Andrew Doyle July 23, 2025
Microsoft links SharePoint attacks to three Chinese espionage groups, urging immediate patching as critical vulnerabilities enable full server compromise without authentication.
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
News
Interlock Ransomware Escalates Attacks on North America and Europe, Warns CISA
Mitchell Langley July 23, 2025
CISA and FBI warn that Interlock ransomware is accelerating attacks across North America and Europe, targeting healthcare and critical infrastructure with advanced RATs and extortion ...
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
News
Scammers Exploit Net Financing and Corporate Identities to Steal High-Value Tech Equipment
Andrew Doyle July 23, 2025
Scammers posing as real businesses use stolen corporate identities and net financing to order expensive equipment—vanishing with goods before invoices come due.
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
News
AMEOS Healthcare Network Confirms Cyberattack, Patient and Employee Data Potentially Exposed
Mitchell Langley July 23, 2025
AMEOS Group, a leading healthcare provider in Central Europe, has confirmed a data breach affecting patients, employees, and partners. Investigation and containment measures are ongoing. ...
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
News
Naval Group Suffers Cyberattack: Hackers Claim Access to French Warship Combat Systems
Mitchell Langley July 23, 2025
Naval Group, France’s top warship builder, is allegedly breached by hackers claiming access to combat systems source code, raising serious national security concerns.
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
News
Ransomware Attack Destroys 158-Year-Old Firm After Weak Password Breach
Andrew Doyle July 22, 2025
A weak employee password allowed ransomware hackers to cripple 158-year-old logistics firm KNP, causing 700 job losses and highlighting the growing threat of ransomware attacks. ...
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
News
Veeam Recovery Orchestrator Locks Out Users After MFA Rollout in Faulty Update
Andrew Doyle July 22, 2025
Veeam Recovery Orchestrator's latest update causes user lockouts after enabling MFA. A fix is available, but affected users must contact support for remediation.
Termite Ransomware: The Silent Invader
Resources
Termite Ransomware: The Silent Invader
Gabby Lee July 22, 2025
Termite ransomware, active since at least late 2024, targets high-profile organizations. Recent victims include Blue Yonder and Zschimmer & Schwarz, highlighting its broad reach and ...
Ransomware-as-a-Service (RaaS) The Industrialization of Cybercrime and What Enterprises Must Do
Blog
Ransomware-as-a-Service (RaaS): The Industrialization of Cybercrime and What Enterprises Must Do
Andrew Doyle July 22, 2025
Ransomware-as-a-Service (RaaS) enables cybercriminals to launch attacks at scale. Learn how it works, why it’s dangerous, and how enterprises can defend and recover effectively.
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
News
California Engineer Admits to Stealing U.S. Missile Detection Secrets for China
Mitchell Langley July 22, 2025
A California engineer admitted to stealing top-secret U.S. missile tracking technology and funneling it to China, exposing a deep insider espionage operation.
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
News
Ring Users Alarmed by Suspicious Device Logins: Amazon Blames Backend Bug, Not Breach
Mitchell Langley July 22, 2025
A backend glitch at Ring caused customers to see unknown devices logged into their accounts, but Amazon insists there’s been no security breach or unauthorized ...
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
News
ExpressVPN Flaw Exposed Real IPs During Remote Desktop Sessions on Windows
Mitchell Langley July 22, 2025
A bug in ExpressVPN's Windows client leaked real IP addresses during RDP sessions. The issue, now fixed, affected traffic over port 3389 outside the VPN ...
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
News
Dior Confirms U.S. Customer Data Compromised in Global Cybersecurity Breach
Andrew Doyle July 22, 2025
Dior is alerting U.S. customers about a data breach that exposed personal data. The cyberattack, linked to ShinyHunters, targeted LVMH brands via a third-party vendor. ...
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
News
Arch Linux Removes Malicious AUR Packages That Deployed Chaos RAT Malware
Andrew Doyle July 21, 2025
Arch Linux pulled three AUR packages after discovering they delivered Chaos RAT malware through a malicious GitHub script, compromising Linux systems via community-sourced PKGBUILD files. ...
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
News
New CrushFTP Zero-Day Exploit Enables Admin Access on Unpatched Servers
Mitchell Langley July 21, 2025
CrushFTP warns of an actively exploited zero-day vulnerability (CVE-2025-54309) allowing full admin access via web interface on unpatched servers running outdated builds.
Cybersecurity
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Gabby Lee April 21, 2026
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Cybersecurity
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Gabby Lee April 21, 2026
News
Seiko USA Faces Ransom Threat After Website Defacement
Mitchell Langley April 21, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026

TOP CYBERSECURITY HEADLINES

CVE Vulnerability Alerts
Severe Command Injection Flaw Discovered in SGLang
Cybersecurity
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
News
Seiko USA Faces Ransom Threat After Website Defacement
Cybersecurity
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist

This Week’s Security Spotlight

Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Gabby Lee April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Mitchell Langley April 16, 2026
More In News
Trending
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Berlin Regulator Targets DeepSeek AI Over Data Transfers to China
July 1, 2025
Podcasts
CISA Flags Citrix NetScaler Flaws: What CVE-2025-6543 Means for Federal and Private Networks
July 1, 2025
Podcasts
Cato Networks Secures $359M to Fuel AI-Powered SASE Expansion
July 1, 2025

Cyber Security News

Belgian Hospital Cyberattack Forces Operational Halt and Patient Transfers
Cybersecurity
Belgian Hospital Cyberattack Forces Operational Halt and Patient Transfers
January 14, 2026
Adobe's Latest Security Patches Address Critical Vulnerabilities in ColdFusion
Application Security
Adobe’s Latest Security Patches Address Critical Vulnerabilities in ColdFusion
January 14, 2026
Central Maine Healthcare Data Breach Sensitive Information of Over 145,000 at Risk
Data Security
Central Maine Healthcare Data Breach: Sensitive Information of Over 145,000 at Risk
January 14, 2026
Microsoft Enhances Secure Boot Certificates for Windows 11
Application Security
Microsoft Enhances Secure Boot Certificates for Windows 11
January 14, 2026
CISO Strategies for 2026 Navigating Future Cybersecurity Challenges
Cybersecurity
CISO Strategies for 2026: Navigating Future Cybersecurity Challenges
January 13, 2026
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Cybersecurity
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
January 13, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
LG Hai Phong Earns CSMS Level 3 Certification at Its Largest Vehicle Component Base
August 20, 2025
LG’s Hai Phong plant earned CSMS Level 3 Certification from TÜV Rheinland, the first facility to hold both Level 2 and Level 3 simultaneously, validating ...
XenoRAT Malware Campaign Targets Embassies in South Korea
August 20, 2025
A multi-stage espionage campaign using XenoRAT malware has targeted foreign embassies in South Korea, with evidence linking the activity to both North Korean and Chinese ...
SentinelOne Expands Partnership With Mimecast to Advance People-Focused Cybersecurity
August 20, 2025
SentinelOne and Mimecast deepen integration, pairing Singularity endpoint telemetry with Human Risk Management to prioritize people-focused cybersecurity and reduce human-caused breaches.
Inotiv Ransomware Attack Disrupts Operations After Qilin Claims 176GB Data Theft
August 19, 2025
Inotiv confirms a ransomware attack encrypted systems and data, disrupting operations. SEC filing cites Qilin claims of 176GB theft as investigators restore and assess impact.
Researcher Harvests 270k Employee Records Exploiting Intel Flaw
August 19, 2025
Researcher Eaton Zveare found four flaws that exposed 270,000 Intel employee records via unauthenticated APIs and hardcoded credentials, then received only an automated “Thank You ...
How Social Engineering and Vendor Weaknesses Led to Allianz Life’s Massive Breach
August 19, 2025
In July 2025, Allianz Life Insurance Company of North America confirmed a data breach impacting over 1.1 million customers, financial professionals, and employees—a stark reminder ...
Cloud Computing Heist: $3.5 Million Fraud Leads to Prison for Fake Crypto Influencer
August 19, 2025
The U.S. Department of Justice has closed the chapter on one of the most audacious cloud fraud and cryptojacking schemes in recent years. Charles O. ...
Lexington-Richland 5 Data Breach Exposes Students’ Names, Addresses and SSNs
August 19, 2025
Lexington-Richland 5 says former students’ names, addresses and Social Security numbers were posted on a threat-actor forum after a June breach; notifications and monitoring offered.
Panera Agrees to $2.5M Settlement After 2024 Data Breach
August 19, 2025
Panera agrees to a $2.5 million settlement after a February 2024 cyber incident; about 147,321 eligible claimants can seek documented or tiered payments.
IBM Finds “AI Oversight Gap” in Organizations That Suffered AI-Related Breaches
August 19, 2025
IBM reports 97% of organisations in AI-related breaches lacked AI access controls; shadow AI added $670,000 to average breach costs while defensive AI sped containment.
Embassy Espionage: Kimsuky and Suspected Chinese Partners Deploy XenoRAT in Seoul
August 19, 2025
A new wave of state-sponsored cyber espionage is sweeping across South Korea, targeting foreign embassies through highly tailored, multi-stage spearphishing campaigns. Security researchers at Trellix ...
GSMA Confirms Flaws: Researchers Unveil Dangerous 5G Sniffing and Injection Attack
August 19, 2025
A groundbreaking security study from the Singapore University of Technology and Design has revealed a major vulnerability in 5G networks that allows attackers to bypass ...
PayPal Denies Breach Amid 16M Login Leak on Dark Web
August 19, 2025
A forum post claims 15.8 million PayPal credentials were leaked; PayPal says the data ties to a 2022 incident. Researchers could not verify the full ...
SAP NetWeaver Under Siege: New Exploit Chains Threaten Global Enterprises
August 19, 2025
SAP NetWeaver, one of the world’s most critical enterprise platforms, is under active attack from both ransomware groups and state-backed hackers. A newly released exploit ...
NIST Proposes AI Cybersecurity Overlays to Secure Generative and Predictive Systems
August 19, 2025
The National Institute of Standards and Technology (NIST) has released a concept paper proposing control overlays to secure artificial intelligence (AI) systems, including generative and ...
Microsoft Opens Inquiry After Reports Israel Used Azure for Mass Surveillance
August 19, 2025
Microsoft probes allegations Unit 8200 used Azure to store millions of Palestinian call recordings. The company says mass surveillance of civilians would violate Azure terms.
Ransomware Gangs Deploy Kernel-Level EDR Killers to Evade Detection
August 18, 2025
Ransomware gangs are no longer just encrypting files and demanding payment—they are actively targeting the very defenses meant to stop them. Recent reports reveal a ...
Chinese APTs Target Taiwan: UAT-7237’s SoundBill Loader and Gelsemium’s FireWood Backdoor
August 18, 2025
Taiwan continues to face an unprecedented wave of cyberattacks, with new intelligence exposing two distinct but sophisticated campaigns linked to Chinese threat actors. Together, they ...
Colt Cyberattack: Multi-Day Outages After WarLock Ransomware Exploited SharePoint Zero-Day
August 18, 2025
Colt Technology Services, a major UK-based telecommunications provider with operations in over 40 countries, has confirmed that the WarLock ransomware group is behind the cyberattack ...
Workday Breach Tied to Third-Party CRM Hack in ShinyHunters Campaign
August 18, 2025
Workday, one of the world’s leading providers of human resources and financial management software, has confirmed a data breach that exposed business contact information through ...
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Seiko USA Faces Ransom Threat After Website Defacement
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Threat Actors Repurpose Tycoon 2FA Tools in New Phishing Schemes
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest