Main Menu
Cyber Security
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Top 15 Networking Certifications to Supercharge Your Career in 2025
Top 10 Ransomware Groups of 2024: The Year’s Most Active Cyber Threats
Top 15 Cyberattacks of 2024: The Worst Incidents for Enterprise
Nuclei Vulnerability Allows Signature Bypass and Code Execution
This Week In Cybersecurity: 30th December to 03rd January
US Treasury Hack: Escalating Cyber Warfare Between US and China
Massive Healthcare Breaches Prompt Overhaul of US Cybersecurity Rules
WhatsApp Wins Against NSO Group: Judge Finds NSO Liable for Pegasus
This Week In Cybersecurity: 16th December to 20th December
4 Crucial Automation Use Cases for Enterprise Security Automation
PowerSchool Hacked Way Back in August, Before December's Data Breach
News
PowerSchool Hacked Way Back in August, Before December’s Data Breach
Mitchell Langley March 12, 2025
PowerSchool's December 2024 data breach was preceded by hacks in August and September, exposing sensitive data for millions of students and teachers. A CrowdStrike investigation ...
Hillcrest Convalescent Center, Bay Cove Human Services and SMC Corporation of America Report Data Breaches
News
Hillcrest Convalescent Center, Bay Cove Human Services and SMC Corporation of America Report Data Breaches
Mitchell Langley March 12, 2025
Hillcrest Convalescent Center, Bay Cove Human Services and SMC Corporation of America have all reported Data Breaches
Elon Musk Claims 'Massive Cyberattack' on X Originated from Ukraine
News
Elon Musk Claims ‘Massive Cyberattack’ on X Originated from Ukraine
Andrew Doyle March 11, 2025
Elon Musk confirmed a massive cyberattack on X, originating from the Ukraine area, causing widespread service disruptions and highlighting the vulnerability of major tech platforms.
New York Sues Allstate and National General Over Data Breaches
News
New York Sues Allstate and National General Over Data Breaches
Mitchell Langley March 11, 2025
New York sues Allstate and National General for failing to protect consumer data, resulting in two major data breaches exposing thousands of driver's license numbers.
Cl0p Ransomware Published Rackspace Files on Leak Site
News
Cl0p Ransomware Published Rackspace Files on Leak Site
Andrew Doyle March 11, 2025
Cl0p ransomware publishes Rackspace files after ignored demands, exposing hundreds of Cleo victims. This data breach highlights the ongoing threat to enterprise and cloud security.
WordPress Vulnerability Expolited to Hack Moroccan Data Protection Authority Website
News
WordPress Vulnerability Expolited to Hack Moroccan Data Protection Authority Website
Andrew Doyle March 11, 2025
Morocco's data protection authority website suffered a WordPress plugin vulnerability exploit, resulting in reputational damage despite no sensitive data loss.
NBA and NASCAR Accounts on X Hacked to Promote Cryptocurrency Scams
News
NBA and NASCAR Accounts on X Hacked to Promote Cryptocurrency Scams
Andrew Doyle March 10, 2025
The official NBA and NASCAR accounts on X were hacked to promote fake cryptocurrencies, raising serious concerns about cybersecurity and user safety on social media.
$5 Million Stolen from 1inch Due to Smart Contract Flaw
News
$5 Million Stolen from 1inch Due to Smart Contract Flaw
Mitchell Langley March 10, 2025
On March 5, 2025, 1inch confirmed a $5 million theft due to a smart contract flaw, affecting only resolver funds, not end-user assets.
US Cities Warn of Parking Phishing Texts Used to Steal Personal Data
News
US Cities Warn of Parking Phishing Texts Used to Steal Personal Data
Andrew Doyle March 10, 2025
US cities warn residents about a new wave of phishing texts claiming unpaid parking fees, threatening fines and attempting to steal personal information.
Chicago Public Schools Data Breach Exposes Hundreds of Thousands of Student Records
News
Chicago Public Schools Data Breach Exposes Hundreds of Thousands of Student Records
Mitchell Langley March 10, 2025
Hundreds of thousands of Chicago Public School students' data was exposed in a recent data breach, affecting names, birthdates, and student IDs. The FBI and ...
Bank of America Issues Warning on Data Breach: Millions of Accounts at Risk
News
Bank of America Issues Warning on Data Breach: Millions of Accounts at Risk
Andrew Doyle March 10, 2025
Bank of America has announced a massive data breach affecting millions, with customers' sensitive information potentially compromised due to a vendor's mishandling of documents.
Data Breach Settlement: Rite Aid Agrees to Pay $6.8 Million to Affected Customers
News
Data Breach Settlement: Rite Aid Agrees to Pay $6.8 Million to Affected Customers
Mitchell Langley March 10, 2025
Rite Aid has agreed to a $6.8 million settlement following a data breach affecting over 2 million customers, emphasizing the need for robust cybersecurity measures.
New Chirp Tool Using Audio Tones for Data Transit Between Devices
News
New Chirp Tool Using Audio Tones for Data Transit Between Devices
Andrew Doyle March 10, 2025
The new Chirp tool allows data transfer between devices using audio tones, offering a unique and engaging way to communicate.
Akira Ransomware Uses Webcam to Bypass EDR
News
Akira Ransomware Uses Webcam to Bypass EDR
Mitchell Langley March 7, 2025
The Akira ransomware gang has found a way to bypass EDR by exploiting unsecured webcams, demonstrating a new level of sophistication in cyberattacks.
Taylor Swift Ticket Scam: Cybercrime Crew Steals $635,000
News
Taylor Swift Ticket Scam: Cybercrime Crew Steals $635,000
Mitchell Langley March 7, 2025
A cybercrime crew stole $635,000 worth of concert tickets, primarily for Taylor Swift's Eras Tour, exploiting a StubHub vendor loophole. Two employees were arrested and ...
Scott County Breach: Email Account Compromises Patient Data
News
Scott County Breach: Email Account Compromises Patient Data
Andrew Doyle March 7, 2025
The Scott County breach involved unauthorized access to email accounts, compromising protected health information for thousands of individuals across Iowa.
12,000 API Keys and Passwords Found in AI Training Datasets
News
12,000 API Keys and Passwords Found in AI Training Datasets
Mitchell Langley March 6, 2025
Nearly 12,000 API keys and passwords were discovered in the Common Crawl dataset used for training AI models, highlighting significant security risks for enterprises. Many ...
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
News
Open-Source Tool Rayhunter Helps Users Detect Stingray Attacks
Andrew Doyle March 6, 2025
The EFF has introduced Rayhunter, an open-source tool for detecting Stingray attacks, helping users safeguard their sensitive data from unauthorized access.
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
News
Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam
Mitchell Langley March 6, 2025
Scammers are impersonating the BianLian group, mailing fake ransom notes to US CEOs, threatening data leaks unless Bitcoin payments are made.
BadBox Malware Disrupted on 500K Infected Android Devices
News
BadBox Malware Disrupted on 500K Infected Android Devices
Andrew Doyle March 6, 2025
The BadBox malware disruption has impacted over 500,000 devices, revealing the urgency of addressing cybersecurity threats in low-cost Android devices.
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
News
Port of Seattle Ransomware Attack Impacts 90,000 Individuals
Andrew Doyle April 7, 2025
Ransomware Victims on Dark Web - 3rd March, 2025
Ransomware
Ransomware Victims on Dark Web – 3rd March, 2025
Andrew Doyle March 20, 2025

TOP CYBERSECURITY HEADLINES

Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Ad Fraud Operation 'Scallywag' Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Cybersecurity
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Cybersecurity
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Abilene, Texas Shuts Down City Systems Following Cyberattack
News
Abilene, Texas Shuts Down City Systems Following Cyberattack

SECURITYWEEK INDUSTRY EXPERTS

Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Syed Arslan April 23, 2025
SK Telecom Malware Incident Targets USIM Customer Data
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle April 23, 2025
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley April 23, 2025
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle April 23, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Japanese telco NTT Communications hacked hackers accessed details of almost 18,000 organizations
March 10, 2025
Podcasts
1 Million Devices Hit: Inside the Massive Malvertising Campaign
March 7, 2025
Podcasts
Inside the $635K Taylor Swift Ticket Heist: Cybercrime, Loopholes, and Insider Threats
March 7, 2025

Cyber Security News

This Week In Cybersecurity: 18th to 22nd November
Cybersecurity
This Week In Cybersecurity: 18th to 22nd November
November 22, 2024
HeptaX Cyberattack: A Deep Dive into the Multi-Stage RDP Exploitation Targeting Enterprises
Application Security
HeptaX Cyberattack: A Deep Dive into the Multi-Stage RDP Exploitation Targeting Enterprises
November 21, 2024
Manufacturers Under Cyberattack An Unprecedented Enterprise Cyberthreat
Blog
Manufacturers Under Cyberattack: An Unprecedented Enterprise Cyberthreat
November 19, 2024
This Week In Cybersecurity: 11th November to 15th November
Cybersecurity
This Week In Cybersecurity: 11th November to 15th November
November 16, 2024
₹2,000 Crore WazirX Cyberattack Culprit Arrested
Cybersecurity
₹2,000 Crore WazirX Cyberattack Culprit Arrested
November 14, 2024
Singtel Data Breach: Volt Typhoon's Test Run Before Targeting US Telecoms
Cybersecurity
Singtel Data Breach: Volt Typhoon’s Test Run Before Targeting US Telecoms
November 6, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Microsoft Windows March Update Wipes Out Copilot
March 19, 2025
Microsoft’s latest Windows 10 and 11 updates (KB5053598 and KB5053606) have accidentally uninstalled Copilot, the AI assistant, from some users’ systems—leaving many relieved rather than ...
$6.1 Million Crypto Stolen in WEMIX Hack
March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
The Mirai Botnet: The Infamous DDoS Weapon
March 19, 2025
The Mirai botnet, a notorious piece of malware, launched devastating DDoS attacks in 2016. This blog post delves into its origins, spread, impact, and the ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
Critical Apache Tomcat Flaw Actively Exploited in Attacks
March 18, 2025
Critical Apache Tomcat RCE vulnerability (CVE-2025-24813) is actively exploited, allowing attackers to take control of servers via simple PUT requests. Immediate patching is crucial.
Fake “Security Alert” on GitHub Used to Hijack OAuth App Accounts
March 18, 2025
A massive GitHub phishing campaign uses fake "Security Alert" issues and a malicious OAuth app to hijack accounts, granting attackers full control. Immediate action is ...
Lingnan University Suffers Cybersecurity Breach: Sensitive Data Exposed
March 18, 2025
Lingnan University in Hong Kong suffered a data breach exposing thousands of records, including sensitive personal data. The university is taking steps to enhance security.
Hackers Flip the Script: How a Fake Coinbase Email Could Empty Your Wallet
March 18, 2025
A new and incredibly deceptive phishing campaign is targeting Coinbase users—but this isn’t your typical scam. Instead of stealing your recovery phrase, attackers are handing ...
Florida Hospital Data Breach Impacts Over 120,000 Patients
March 17, 2025
A Florida hospital, CDH, suffered a data breach impacting over 120,000 patients. Sensitive data, including Social Security numbers and health information, was compromised. The BianLian ...
Brute-Force on Autopilot: Black Basta’s ‘BRUTED’ VPN Tool for Ransomware Expansion
March 17, 2025
Black Basta, one of the most notorious ransomware gangs, has taken brute-force attacks to the next level with BRUTED—an automated framework designed to breach VPNs, ...
GitHub Action Hijacked: The Supply Chain Attack That Exposed 23,000 Repositories
March 17, 2025
In this episode, we unpack a major supply chain attack that compromised the widely used GitHub Action ‘tj-actions/changed-files’, affecting over 23,000 repositories. Attackers injected malicious ...
Brave Browser Review 🎯 How Safe is This Web Browser? (2025)
March 17, 2025
BlackBasta Ransomware Uses Automated Tool ‘BRUTED’ to Brute-Force VPNs
March 17, 2025
The BlackBasta ransomware group uses an automated tool, BRUTED, to brute-force VPNs and firewalls, highlighting the need for robust multi-factor authentication.
JD.com Data Breach: Babuk Ransomware Cartel Claims Massive Data Theft
March 17, 2025
JD.com, a major Chinese retailer, faces a massive data breach after the Babuk ransomware cartel claims to have stolen customer passwords and other sensitive information. ...
UDMI Radiology Firm Suffers Major Data Breach: Fog Ransomware Claims Responsibility
March 17, 2025
Fog ransomware group claims responsibility for a major data breach at UDMI, a radiology firm, impacting over 138,000 individuals. The incident underscores the critical need ...
FBI Issues Warning Against Medusa Ransomware for Gmail, Outlook, and VPN Users
March 17, 2025
The FBI warns of escalating Medusa ransomware attacks targeting Gmail, Outlook, and VPN users, urging immediate security enhancements to mitigate the threat.
LockBit Ransomware Developer Extradited to the United States
March 17, 2025
A key LockBit ransomware developer, Rostislav Panev, has been extradited to the US to face charges for his role in the group's global attacks.
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
March 17, 2025
This blog delves into the critical gap between meeting compliance standards and achieving true cybersecurity resilience. Learn why simply checking boxes isn't enough and how ...
Bridging the Gap: Developers vs. Security in the Cloud
March 14, 2025
In this episode of The Deep Dive, we explore the ongoing tension between development and security teams in cloud environments. While developers prioritize speed and ...
SK Telecom Malware Incident Targets USIM Customer Data
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
The Second Scam: FBI Warns of IC3 Impersonators Targeting Fraud Victims
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Abilene, Texas Shuts Down City Systems Following Cyberattack
Imaflex Inc. Data Breach Exposes Personal and Employment Data
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
This Week In Cybersecurity: March 3rd to 7th, 2025
Ransomware Victims on Dark Web – 10th March, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware Victims on Dark Web – 05th March, 2025
Ransomware Victims on Dark Web – 06th March, 2025
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
State-Backed Threat Actors Adopt ClickFix Social Engineering in Espionage Campaigns
New Android Malware ‘SuperCard X’ Enables NFC Relay Attacks for Payment Card Theft