Main Menu
Cyber Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
News
Widespread Cyberattack Exploits Microsoft SharePoint Zero-Day, Hits U.S. Agencies and Global Targets
Mitchell Langley July 21, 2025
Hackers exploited a zero-day in Microsoft SharePoint, breaching U.S. agencies, global businesses, and universities before patches were issued. Some breaches include loss of critical data. ...
Weekly Cybersecurity Newsletter: 14th to 18th August
Cybersecurity Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Andrew Doyle July 19, 2025
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
News
BigONE Crypto Exchange Hacked: $27 Million Stolen in Hot Wallet Attack
Mitchell Langley July 18, 2025
BigONE cryptocurrency exchange suffered a $27 million breach involving its hot wallet. While user funds are safe, blockchain forensics reveal ongoing laundering of stolen assets. ...
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
News
LameHug Malware Uses AI-Powered Language Model to Launch Dynamic Windows Data Theft
Andrew Doyle July 18, 2025
LameHug malware uses an AI language model to craft system commands on the fly, targeting Windows machines in attacks linked to Russian-backed APT28.
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
News
Louis Vuitton Confirms Multi-Country Data Breaches Linked to Single Cyberattack
Mitchell Langley July 18, 2025
Luxury fashion house Louis Vuitton confirmed that recent customer data breaches in the UK, South Korea, and Turkey all trace back to a single cyberattack ...
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
News
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
Mitchell Langley July 18, 2025
A critical Cisco ISE vulnerability (CVE-2025-20337) exposes systems to remote code execution and root access. Enterprises must upgrade to Patch 7 or Patch 2 immediately. ...
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
News
Chinese APT Group Salt Typhoon Breaches U.S. National Guard Network, Steals Critical Configuration Files
Andrew Doyle July 18, 2025
Salt Typhoon, a Chinese state-backed hacking group, quietly breached a U.S. Army National Guard network for nine months, stealing sensitive configuration files and credentials.
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
News
Phishing Scam Costs Nebraska School District $1.8 Million in Construction Funds
Mitchell Langley July 17, 2025
A phishing email targeting a real construction project led Broken Bow Public Schools in Nebraska to mistakenly transfer $1.8 million to cybercriminals.
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
News
Chinese Cyber-Espionage Group Infiltrates Army National Guard Network Across the US
Andrew Doyle July 17, 2025
Salt Typhoon, a Chinese cyber-espionage group, infiltrated a US state's Army National Guard network, exfiltrating sensitive data and threatening nationwide cybersecurity coordination efforts.
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
News
Chinese State-Backed Hackers Breach U.S. Army National Guard Network in Espionage Campaign
Mitchell Langley July 17, 2025
Chinese hackers known as Salt Typhoon infiltrated a U.S. state’s Army National Guard network, accessing sensitive data tied to every other state and four territories. ...
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
News
Scattered Spider-Attack Hits Co-op, Exposes Data of 6.5 Million Members
Andrew Doyle July 17, 2025
UK retailer Co-op confirms a cyberattack in April stole personal data of 6.5 million members. Threat actors linked to Scattered Spider used social engineering tactics. ...
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
News
Active-Duty U.S. Soldier Pleads Guilty to Hacking and Extortion of Telecom Giants
Mitchell Langley July 17, 2025
A 21-year-old U.S. Army soldier pleaded guilty to hacking and extorting major telecom firms using stolen credentials, SSH brute tools, SIM-swapping, and cybercrime forums.
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
News
Episource Data Breach Hits Over 5 Million Patients, Sensitive Medical and Insurance Data Potentially Exposed
Andrew Doyle July 16, 2025
A cyberattack on Episource, a UnitedHealth subsidiary, compromised the personal and medical data of over five million patients, including Social Security and health insurance details. ...
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
News
Abacus Market Disappears in Suspected Exit Scam After Handling $300 Million in Darknet Transactions
Mitchell Langley July 16, 2025
Abacus Market, a major darknet platform for drug trade, has abruptly gone offline, sparking suspicions of a large-scale exit scam involving millions in crypto.
DragonForce Claims Cyberattack on US Retail Giant Belk, Leaks 156GB of Sensitive Customer and Employee Data
News
DragonForce Claims Cyberattack on US Retail Giant Belk, Leaks 156GB of Sensitive Customer and Employee Data
Mitchell Langley July 16, 2025
Hackers from the DragonForce ransomware group claim to have breached US retailer Belk, leaking 156GB of customer orders, employee profiles, and mobile app data.
Diskstation Ransomware Gang Dismantled After Years of Targeting NAS Devices Across Europe
News
Diskstation Ransomware Gang Dismantled After Years of Targeting NAS Devices Across Europe
Mitchell Langley July 16, 2025
Authorities dismantled the Diskstation ransomware group targeting NAS devices since 2021, arresting the primary suspect in Romania after seizing evidence during international raids.
Consentik Breach Exposes Hundreds of Shopify Stores to Admin Takeovers and Data Theft
News
Consentik Breach Exposes Hundreds of Shopify Stores to Admin Takeovers and Data Theft
Mitchell Langley July 16, 2025
A misconfigured Shopify plugin leaked sensitive access tokens and analytics, leaving hundreds of e-commerce businesses vulnerable to admin-level compromise and malicious exploitation.
Why is Activity Logging Crucial for Detecting Cyberattacks
Blog
Why is Activity Logging Crucial for Detecting Cyberattacks
Mitchell Langley July 15, 2025
Activity logging uncovers cyber threats, insider abuse, and compliance gaps. Discover why it’s the foundation of effective detection, response, and long-term security strategy.
SafePay Ransomware: LockBit’s Lonewolf Ghost
Resources
SafePay Ransomware: LockBit’s Lonewolf Ghost
Andrew Doyle July 15, 2025
SafePay is a centralized ransomware group leveraging LockBit-derived code, stealthy infiltration, and rapid encryption—targeting SMEs and MSPs globally without using affiliates or public channels.
Saudi Industrial Giant Rezayat Group Listed on Dark Web After Alleged Everest Ransomware Breach
News
Saudi Industrial Giant Rezayat Group Listed on Dark Web After Alleged Everest Ransomware Breach
Andrew Doyle July 15, 2025
Saudi-based Rezayat Group has allegedly been breached by the Everest ransomware gang, with hackers claiming to have stolen 10GB of sensitive corporate and client data. ...
Cybersecurity
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Gabby Lee April 21, 2026
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Cybersecurity
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Gabby Lee April 21, 2026
News
Seiko USA Faces Ransom Threat After Website Defacement
Mitchell Langley April 21, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026

TOP CYBERSECURITY HEADLINES

CVE Vulnerability Alerts
Severe Command Injection Flaw Discovered in SGLang
Cybersecurity
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
News
Seiko USA Faces Ransom Threat After Website Defacement
Cybersecurity
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist

This Week’s Security Spotlight

Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Gabby Lee April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Mitchell Langley April 16, 2026
More In News
Trending
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Chrome’s Latest Zero-Day: CVE-2025-6554 and Remote Code Execution Risks
July 1, 2025
Podcasts
Russia’s 16KB Curtain: Cloudflare Throttling and the Future of the RuNet
June 30, 2025
Podcasts
Ahold Delhaize Data Breach: 2.2 Million Employee Records Exposed
June 30, 2025

Cyber Security News

Implementing Access Reviews to Enhance Security in Microsoft 365
Application Security
Implementing Access Reviews to Enhance Security in Microsoft 365
January 13, 2026
Telegram's Proxy Link Vulnerability Exposes IP Addresses
Application Security
Telegram’s Proxy Link Vulnerability Exposes IP Addresses
January 13, 2026
Endesa Cyberattack Results in Customer Data Exposure
Data Security
Endesa Cyberattack Results in Customer Data Exposure
January 13, 2026
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Application Security
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
January 13, 2026
Meta Addresses Security Vulnerability in Instagram Password Resets
Application Security
Meta Addresses Security Vulnerability in Instagram Password Resets
January 13, 2026
AI and Security Block's CISO Discusses AI Agents' Potential
Cybersecurity
AI and Security: Block’s CISO Discusses AI Agents’ Potential
January 13, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
MoD Contractor Data Breach Exposes Thousands Of Afghan Nationals
August 18, 2025
MoD confirms a contractor-linked data breach affecting up to 3,700 ARAP arrivals, exposing names and passport details and reigniting concerns over subcontractor security and Afghan ...
AT&T Settlement Clears $177M for Victims Of 2019 and 2024 Data Breaches
August 18, 2025
Federal court approves $177 million AT&T settlement covering 2019 and 2024 data breaches; claimants can seek documented losses or tiered payments, with $7,500 maximum possible.
DOJ Brings Down Zeppelin Ransomware Operator, Seizes Millions in Crypto
August 18, 2025
The U.S. Department of Justice has successfully dismantled a major operator behind the notorious Zeppelin ransomware, charging Russian national Ianis Aleksandrovich Antropenko with conspiracy to ...
Workday Data Breach Linked To Third-Party CRM Amid Salesforce Social Engineering Wave
August 18, 2025
Workday discloses a data breach tied to a third-party CRM after social engineering attacks. No tenant data was accessed; business contact details were exposed amid ...
Healthplex Fined $2M After Phishing-Driven Data Breach Exposed Tens Of Thousands
August 18, 2025
A phishing click at Healthplex exposed tens of thousands’ health data; delayed reporting triggered a $2 million DFS fine and a mandatory independent MFA audit.
Bragg Discloses Cybersecurity Incident; Says Impact Appears Limited
August 18, 2025
Bragg Gaming Group detected a cybersecurity incident on August 16, 2025. Preliminary findings say the impact was internal only, with no indication personal data was ...
WestJet Data Breach Exposes Passenger Details, Including Names, DOB and Travel Details
August 18, 2025
WestJet confirms a June cyberattack exposed passenger details but not payment data. The airline offers two years of TransUnion monitoring and identity restoration while the ...
Crypto24 Ransomware: The Phantom Encryptor
August 18, 2025
Crypto24 is a rising ransomware group targeting mid-sized global firms, using stealth tools, cloud exfiltration, and double-extortion tactics to steal, encrypt, and leak sensitive data.
Charon Ransomware: Stealthy Cyber Extortion Syndicate
August 18, 2025
Charon ransomware, emerging in 2025, targets Middle East sectors with APT-level tactics, DLL sideloading, hybrid encryption, and advanced evasion, posing a severe threat to critical ...
U.S. Seizes $1M in Cryptocurrency from BlackSuit Ransomware Gang
August 18, 2025
U.S. agencies seized over $1 million in cryptocurrency and critical infrastructure from the BlackSuit ransomware gang. While the takedown marks progress, core members have already ...
Citrix NetScaler Zero-Day Breach Hits Critical Dutch Infrastructure
August 18, 2025
A Citrix NetScaler zero-day, CVE-2025-6543, has been exploited in the wild, leading to breaches of Dutch critical infrastructure. Thousands of devices remain unpatched worldwide, prompting ...
Why Supply Chain Security is a 2025 Cyber Priority
August 18, 2025
Supply chain security has become a top cybersecurity priority in 2025. Weak vendor defenses, low visibility, and nation-state attacks are fueling breaches, underscoring the urgent ...
Fortinet Warns of FortiSIEM Zero-Day CVE-2025-25256 Critical RCE Flaw
August 18, 2025
Fortinet has patched CVE-2025-25256, a FortiSIEM vulnerability rated CVSS 9.8 that allows unauthenticated remote code execution. Exploit code is active in the wild, and security ...
Quantum Key Distribution Faces Real-World Cybersecurity Risks
August 18, 2025
Quantum Key Distribution (QKD) is often described as unbreakable, but recent research exposes flaws in real-world systems. From photorefraction and side-channel attacks to theoretical weaknesses, ...
Cybercrime Groups ShinyHunters and Scattered Spider Collaborate in Extortion Attacks
August 18, 2025
A possible alliance between ShinyHunters, Scattered Spider, and Lapsu$ points to a new wave of coordinated cybercrime. By merging social engineering and data theft, these ...
Thorium: CISA’s New Open-Source Malware Analysis and Forensic Platform
August 18, 2025
CISA has released Thorium, an open-source platform for malware analysis and digital forensics. Built with automation and scalability, it enables security teams to analyze millions ...
FBI Flags $9.9M in Losses from Crypto Recovery Scams
August 18, 2025
The FBI warns of a growing wave of “crypto recovery scams,” where fraudsters pose as attorneys or law firms to exploit victims of earlier crypto ...
Cisco’s Critical FMC RADIUS Vulnerability: CVSS 10.0 Remote Code Execution Risk
August 18, 2025
Cisco’s CVE-2025-20188 vulnerability, rated CVSS 10.0, exposes IOS XE devices and Firepower Management Center to unauthenticated remote code execution. The flaw, caused by a hard-coded ...
U.S. Sanctions Grinex, the Russian Crypto Exchange Born from Garantex’s Ashes
August 15, 2025
The U.S. Department of the Treasury has announced sweeping sanctions against Grinex, a Russian-linked cryptocurrency exchange identified as the direct successor to the previously sanctioned ...
Canadian House of Commons Breach Tied to Microsoft SharePoint Zero-Day
August 15, 2025
On August 8th, 2025, hackers breached the Canadian House of Commons by exploiting a critical Microsoft SharePoint zero-day vulnerability—CVE-2025-53770—with a severity score of 9.8. The ...
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Seiko USA Faces Ransom Threat After Website Defacement
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Threat Actors Repurpose Tycoon 2FA Tools in New Phishing Schemes
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest