Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Kellogg Data Breached, Clop Ransomware Exploits Cleo Zero-Day Vulnerabilities
News
Kellogg Data Breached, Clop Ransomware Exploits Cleo Zero-Day Vulnerabilities
Andrew Doyle April 8, 2025
WK Kellogg confirms a data breach exposing employee names and social security numbers, linked to the Clop ransomware gang's exploitation of Cleo software vulnerabilities.
Superannuation Hack Exposes $4.2 Trillion Sector's Cybersecurity Vulnerabilities
News
Superannuation Hack Exposes $4.2 Trillion Sector’s Cybersecurity Vulnerabilities
Mitchell Langley April 8, 2025
A major superannuation hack exposed critical cybersecurity flaws, impacting major Australian funds and highlighting the urgent need for stronger security measures within the $4.2 trillion ...
Singapore Banks Suffer Ransomware Attack: DBS and Bank of China Affected
News
Singapore Banks Suffer Ransomware Attack: DBS and Bank of China Affected
Mitchell Langley April 8, 2025
Singapore's DBS and Bank of China suffered a data breach due to a ransomware attack on their printing services provider, impacting thousands of customers. Funds ...
Vice Society Ransomware: The Anti K-12 RaaS Syndicate
Resources
Vice Society Ransomware: The Anti K-12 RaaS Syndicate
Andrew Doyle April 8, 2025
Vice Society, a prolific RaaS group, preys on schools and other institutions, deploying readily available ransomware and threatening data leaks unless ransoms are paid. Their ...
Texas State Bar Data Breach Exposes Sensitive Attorney Information
News
Texas State Bar Data Breach Exposes Sensitive Attorney Information
Andrew Doyle April 8, 2025
Texas State Bar's data breach exposed sensitive attorney information, including SSNs, financial details, and legal case documents. Ransomware group INC claimed responsibility.
Everest Ransomware's Dark Web Leak Site Defaced and Taken Offline
News
Everest Ransomware’s Dark Web Leak Site Defaced and Taken Offline
Andrew Doyle April 8, 2025
Everest ransomware's dark web leak site was defaced, disrupting their double-extortion scheme. This highlights the vulnerability of even sophisticated cybercriminal operations and the importance of ...
EncryptHub Has a Double Life of a Cybercriminal and Bug Bounty Hunter
News
EncryptHub Has a Double Life of a Cybercriminal and Bug Bounty Hunter
Mitchell Langley April 8, 2025
Threat actor EncryptHub, responsible for compromising 618 organizations, secretly reported two Windows zero-day vulnerabilities to Microsoft, revealing a complex figure operating in both cybercrime and ...
Europcar Data Breach Affects 200,000 Customers
News
Europcar Data Breach Affects 200,000 Customers
Mitchell Langley April 7, 2025
Europcar's data breach potentially affects up to 200,000 customers after threat actors accessed GitLab repositories. The company confirms the breach but disputes the full extent ...
WinRAR Vulnerability Bypasses Windows Mark of the Web Security
News
WinRAR Vulnerability Bypasses Windows Mark of the Web Security
Mitchell Langley April 7, 2025
WinRAR vulnerability (CVE-2025-31334) bypasses Windows Mark of the Web security, enabling silent malicious code execution. Update to version 7.11 immediately.
E-ZPass Phishing Scam Targets E-ZPass
News
E-ZPass Phishing Scam Targets E-ZPass
Mitchell Langley April 7, 2025
A massive wave of phishing texts impersonating E-ZPass is stealing personal and financial data. Scammers use urgency and encrypted messaging to bypass security measures.
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
News
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
Andrew Doyle April 7, 2025
A ransomware attack on the Port of Seattle exposed the personal data of 90,000 individuals. The Rhysida ransomware group was responsible, and the Port refused ...
CISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
News
CISA Warns of Fast Flux DNS Evasion Used by Cybercrime Gangs
Andrew Doyle April 4, 2025
CISA warns of Fast Flux DNS evasion, a technique used by cybercrime gangs to mask malicious activity by rapidly changing DNS records, making detection and ...
COBIT 2019 vs. COBIT 5 What’s New and Why It Matters
Blog
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
Andrew Doyle April 4, 2025
The IT world is constantly changing, and so are the frameworks that govern it. This blog post delves into the significant differences between COBIT 5 ...
Texas State Bar Data Breach: INC Ransomware Gang Claims Responsibility
News
Texas State Bar Data Breach: INC Ransomware Gang Claims Responsibility
Mitchell Langley April 4, 2025
The Texas State Bar suffered a data breach between January 28 and February 9, 2025, with the INC ransomware gang claiming responsibility and leaking stolen ...
GitHub Supply Chain Attack Traced to Leaked SpotBugs Token
News
GitHub Supply Chain Attack Traced to Leaked SpotBugs Token
Mitchell Langley April 4, 2025
A devastating GitHub supply chain attack, targeting Coinbase, stemmed from a leaked SpotBugs token, exposing secrets in 218 repositories and highlighting critical vulnerabilities in open-source ...
Oracle Cloud Breach Confirmed, Data Theft Impacts Legacy Systems
News
Oracle Cloud Breach Confirmed, Data Theft Impacts Legacy Systems
Andrew Doyle April 4, 2025
Oracle confirms a data breach impacting its legacy Oracle Cloud Classic system, resulting in the theft of client credentials. Investigations are underway, but the company's ...
$500,000 Lost in Australian Superannuation Fund Data Breach
News
$500,000 Lost in Australian Superannuation Fund Data Breach
Mitchell Langley April 4, 2025
Major Australian superannuation funds experienced a data breach, resulting in $500,000 in losses and impacting thousands of members via a credential stuffing attack.
Hunters International Shifts to Data Extortion and Rebrands as World Leaks
News
Hunters International Shifts to Data Extortion and Rebrands as World Leaks
Andrew Doyle April 4, 2025
Hunters International, a notorious ransomware operation, has rebranded as World Leaks, shifting its focus to data extortion.
KillSec: Hacktivists Turned RaaS Syndicate
Resources
KillSec: Hacktivists Turned RaaS Syndicate
Andrew Doyle April 4, 2025
KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian victims over Western ones.
CVE Vulnerability Alerts - 18th March, 2025
CVE Vulnerability Alerts
CVE Vulnerability Alerts – 18th March, 2025
Andrew Doyle April 4, 2025
This post summarizes various vulnerabilities from recent CVE alerts that could potentially be exploited by malicious actors. Each entry includes brief information on the vulnerability, ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Why Canada Banned Hikvision: National Security vs. Geopolitics
June 30, 2025
Podcasts
Scattered Spider Takes Flight: Inside the Cybercrime Group’s Move into Aviation
June 30, 2025
Podcasts
Fortnite and the FTC: How Epic Games Misled Players into Unwanted Purchases
June 27, 2025

Cyber Security News

EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Cybersecurity
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
November 18, 2025
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Information Security
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
November 18, 2025
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Data Security
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
November 18, 2025
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
Information Security
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
November 17, 2025
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
Data Security
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
November 17, 2025
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
Cybersecurity
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
November 17, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
June 18, 2025
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
June 18, 2025
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
June 18, 2025
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
Archetyp Market Seized: €250M Drug Empire Toppled by Operation Deep Sentinel
June 17, 2025
In this episode, we unpack the dramatic takedown of Archetyp Market, a darknet marketplace that dominated the online drug trade since its launch in May ...
KillSec Exploits Zero-Day to Breach Ocuco: 241K Patients Exposed
June 17, 2025
In this episode, we break down one of 2025’s most significant healthcare cybersecurity incidents: the ransomware attack on Ocuco, a global eyecare software provider. On ...
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
June 17, 2025
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
DragonForce Ransomware: The Evolving Threat to Healthcare Data
June 17, 2025
In this episode, we dive deep into the current state of cybersecurity in healthcare, where the growing sophistication of cyber threats has led to increasingly ...
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
June 17, 2025
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
Zoomcar Confirms Data Breach Impacting 8.4 Million Users Following Threat Actor Alert
June 17, 2025
Zoomcar has confirmed a cybersecurity breach affecting 8.4 million users, exposing names, contact details, and vehicle data—but not financial information or passwords.
Hackers Claim Breach of Scania’s Corporate Insurance Arm, 34,000 Files Allegedly Stolen
June 17, 2025
Hackers claim to have breached Scania’s corporate insurance arm, stealing 34,000 internal files. The targeted platform remains offline, citing maintenance.
Fasana Ransomware Attack Triggers Insolvency at 100-Year-Old German Manufacturer
June 17, 2025
A ransomware attack forced Germany’s century-old napkin manufacturer Fasana into insolvency, halting production, delaying salaries, and causing losses over €2 million in two weeks.
Google’s $32B Bid for Wiz Faces DOJ Fire: A Cloud Security Power Play or Market Grab?
June 17, 2025
In this episode, we break down the seismic implications of Google’s proposed $32 billion acquisition of Wiz, the world’s largest cybersecurity unicorn—and why this isn’t ...
SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms
June 16, 2025
In this critical episode, we dive into the alarming exploitation of CVE-2024-57727, a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software actively leveraged by ...
TeamFiltration and Token Theft: The Cyber Campaign Microsoft Never Saw Coming
June 16, 2025
In this episode, we dissect UNK_SneakyStrike—a major account takeover campaign targeting Microsoft Entra ID users with precision and scale. Tracked by Proofpoint, this campaign began ...
64 Million T-Mobile Customer Records Allegedly Exposed in New Data Leak
June 16, 2025
Hackers have claimed to leak a database containing 64 million records linked to T-Mobile, one of the largest mobile carriers in the U.S. The data ...
Debt Collection Breach at CCC Exposes Data of Over 9 Million Americans
June 16, 2025
A cyberattack on Credit Control Corporation exposed data of 9.1 million Americans, including personal and financial records. Attackers may exploit the information for targeted scams. ...
Yes24 Ransomware Attack Disrupts South Korea’s Entertainment Industry, Exposes Millions to Risk
June 16, 2025
A ransomware attack on Yes24, South Korea’s leading ticket platform, brought services to a halt, disrupted major K-pop events, and triggered fears over customer data ...
Cyberattack Disrupts WestJet Internal Systems, Airline Investigating with Authorities
June 16, 2025
A cyberattack on Canada’s second-largest airline, WestJet, disrupted internal systems and app access, prompting an ongoing investigation involving law enforcement and transport authorities.
Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows
June 16, 2025
In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center ...
WestJet Cyberattack: Cracks in Aviation’s Digital Armor
June 16, 2025
A major cyberattack has rocked Canada’s second-largest airline, WestJet—crippling internal systems and prompting warnings for customers to monitor their accounts and change passwords. But this ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited