Cyber Security
News
Ransomware Attack on Kettering Health Forces Mass Procedure Cancellations and Exposes Patient Safety Risks
Gabby Lee
May 26, 2025
A ransomware attack on Kettering Health forced mass cancellations across 120+ medical sites, exposing patient safety risks and prompting scam attempts targeting sensitive patient data. ...
News
BlackLock Ransomware Group Claims Breach of Toho, But Evidence Falls Short
Andrew Doyle
May 23, 2025
Cybercriminal group BlackLock claims to have breached Japanese film giant Toho, but researchers found no credible data, casting doubt on the authenticity of the attack. ...
News
Coca-Cola Investigates Alleged Data Breach Tied to Everest Ransomware Group
Andrew Doyle
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
News
Chinese Hackers Exploit Ivanti EPMM Zero-Day to Breach Government Agencies
Mitchell Langley
May 23, 2025
Chinese hackers exploited a zero-day flaw in Ivanti EPMM to breach global government systems. Immediate patching and security monitoring are strongly advised.
News
iOS Sleep App Exposes Personal and Health Data of Over 25,000 Users
Mitchell Langley
May 23, 2025
Sleep Journey iOS app exposed over 25,000 users' personal and health data due to a misconfigured Firebase database, posing significant privacy and security risks.
News
Chinese Hackers Exploit Cityworks Zero-Day to Breach U.S. Local Government Systems
Mitchell Langley
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
News
Russian APT28 Hackers Target Ukraine Aid Operations Through Global Espionage Campaign
Andrew Doyle
May 22, 2025
Russian APT28 hackers have targeted international aid operations to Ukraine since 2022, using cyber espionage to monitor, disrupt, and exfiltrate data from key sectors.
News
Marks & Spencer Projects $402 Million Profit Loss After Cyberattack Disrupts Operations
Mitchell Langley
May 22, 2025
Marks & Spencer faces a $402 million profit hit following a cyberattack linked to Scattered Spider, disrupting sales and operations and exposing customer data.
Cybersecurity
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
Mitchell Langley
May 22, 2025
Kettering Health canceled elective procedures after a ransomware-linked outage. Interlock ransomware group is suspected. Emergency services remain operational, but threat actors may leak stolen data. ...
News
3AM Ransomware Operators Use Spoofed IT Calls, Email Bombing for Network Breaches
Mitchell Langley
May 22, 2025
The 3AM ransomware gang exploits spoofed IT support calls and email bombing to socially engineer remote access, targeting corporate networks in stealthy credential-based breaches.
News
Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains
Andrew Doyle
May 22, 2025
Authorities and private sector partners have dismantled the infrastructure of the Lumma Infostealer malware, a dominant player in the malware-as-a-service (MaaS) ecosystem.
News
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
Mitchell Langley
May 22, 2025
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
News
EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations
Andrew Doyle
May 22, 2025
The EU has sanctioned Stark Industries and its leadership for enabling Russian cyber operations, disinformation, and infrastructure support used in attacks against European interests.
News
Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients
Mitchell Langley
May 21, 2025
Serviceaide exposed over 480,000 Catholic Health patients' records due to a misconfigured Elasticsearch database, putting sensitive personal and medical data at risk.
News
Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident
Andrew Doyle
May 21, 2025
Coinbase confirms a data breach involving overseas contractors that exposed personal and financial information of 69,461 users, prompting fears of social engineering and financial fraud. ...
Cybersecurity
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Andrew Doyle
May 21, 2025
A supply chain attack on RVTools delivered Bumblebee malware through a trojanized installer, compromising virtualization admins and enabling follow-on ransomware or data exfiltration attacks.
News
Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities
Mitchell Langley
May 21, 2025
A massive and ongoing campaign involving over 100 malicious Chrome extensions has been uncovered, with threat actors deploying browser add-ons ...
News
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
Mitchell Langley
May 21, 2025
SK Telecom’s malware breach exposed 27 million phone numbers over three years via a supply chain attack targeting its security affiliate SK Shieldus.
News
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
Andrew Doyle
May 21, 2025
UK logistics firm Peter Green Chilled suffered a ransomware attack, disrupting deliveries for Tesco, Aldi, and Sainsbury’s amid a rising wave of supply chain cyberattacks. ...
News
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
Andrew Doyle
May 21, 2025
A 19-year-old hacker has pleaded guilty to breaching PowerSchool and extorting millions by threatening to leak sensitive data on over 71 million students and teachers. ...
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee
July 3, 2025
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle
May 12, 2025
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Mitchell Langley
May 8, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
News
IdeaLab Confirms Data Stolen in Ransomware Attack Linked to Hunters International
Mitchell Langley
July 4, 2025
News
Kelly Benefits Data Breach Exposes Personal Information of Over 550,000 Individuals
Andrew Doyle
July 4, 2025
News
Esse Health Data Breach Impacts Over 263,000 Patients in Prolonged Cyber Incident
Mitchell Langley
July 4, 2025
News
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Mitchell Langley
July 4, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks
June 13, 2025
In this episode, we dissect the critical vulnerabilities plaguing Mitel MiCollab, a widely used unified communications platform, and explore how attackers are exploiting these flaws ...
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
June 13, 2025
Citizen Lab confirms Paragon’s Graphite spyware exploited an iOS zero-day to launch zero-click attacks on European journalists through iMessage without any user interaction.
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
June 13, 2025
Threat actor UNK_SneakyStrike used TeamFiltration to launch password-spraying attacks on over 80,000 Microsoft Entra ID accounts across hundreds of global organizations.
The Info-Stealer Sting: A Deep Dive into INTERPOL’s Operation Secure
June 13, 2025
Join us for a gripping discussion on “Operation Secure,” a landmark international crackdown that reverberated through the dark corners of the cybercriminal world between January ...
Hackers Claim 64 Million T-Mobile Records Leaked Online
June 13, 2025
Hackers claim to have leaked 64 million T-Mobile records online, including sensitive personal and device data. The breach may contain new data unseen in past ...
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
June 13, 2025
Qilin ransomware group claims to have stolen 210GB of sensitive data from Spanish insurer Asefa, including internal documents and a Camp Nou insurance plan.
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
June 13, 2025
Citizen Lab confirms Paragon spyware targeted a second journalist at Fanpage, deepening Italy’s political surveillance controversy and raising new concerns over investigative oversight.
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
June 12, 2025
Scattered Spider service desk attacks exploit social engineering to bypass security, targeting help desks for credential access. Learn defense strategies using open-source tools and training. ...
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
June 12, 2025
A misconfigured Kafka Broker on GonnaOrder’s platform exposed customer names, phone numbers, and delivery details across Europe from August 2022 to May 2025.
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
June 12, 2025
A misconfigured database tied to the Headero dating app exposed over four million sensitive user records, including GPS coordinates, explicit chat logs, and STD statuses. ...
Ransomware Attack on Mastery Schools Exposes Thousands of Sensitive Records, Including Credit Card and Biometric Data
June 12, 2025
A ransomware breach at Mastery Schools in Philadelphia exposed sensitive personal and financial records, affecting over 37,000 individuals including students, staff, and families.
Mental Health Provider Mount Rogers Targeted by INC Ransom, Internal Documents and Personal Details Leaked
June 12, 2025
Ransomware group INC Ransom breached Mount Rogers Community Services, leaking internal files, personal emails, and invoices from the mental health provider's systems.
Erie Insurance Cyberattack Causes System-Wide Disruptions and Portal Outages
June 12, 2025
Erie Insurance confirms a cyberattack as the source of major service disruptions since June 7, affecting customer access, claims processing, and business operations.
Tomcat Manager Attacks: 400 IPs in Coordinated Brute-Force Attack
June 11, 2025
On June 5, 2025, GreyNoise flagged a massive spike in coordinated brute-force login attempts targeting Apache Tomcat Manager interfaces. Nearly 400 unique IP addresses, many ...
TxDOT Data Leak: 423,391 Texans Exposed
June 11, 2025
On May 12, 2025, the Texas Department of Transportation (TxDOT) disclosed a significant data breach that compromised crash reports containing personal data of over 423,000 ...
Ghost Students and AI Scams: How Identity Theft is Gutting Financial Aid
June 11, 2025
What happens when hundreds of thousands of college applications are submitted—not by hopeful students, but by bots using stolen identities? In this episode, we dive ...
BlackSuit (Royal) Ransomware: Conti Ransomware Reborn
June 11, 2025
BlackSuit, formerly Royal, is a sophisticated ransomware group using multi-vector attacks, partial encryption, and double extortion to target global organizations, including critical infrastructure. Their operations ...
Ivanti Workspace Control Exposes SQL Credentials Through Hardcoded Key Flaws
June 11, 2025
Ivanti patched three high-severity vulnerabilities in Workspace Control caused by hardcoded cryptographic keys, which exposed SQL and environment credentials to local authenticated attackers.
Texas Dept. of Transportation Breach Exposes 300,000 Crash Records in May 2025
June 11, 2025
TxDOT suffered a breach on May 12, 2025, leaking 300,000 crash reports. Stolen data includes driver’s license numbers, insurance info, and crash details.
Mirai Botnet Exploits Wazuh Servers via Remote Code Execution Vulnerability
June 11, 2025
A critical RCE flaw in Wazuh servers is being exploited by Mirai botnet variants, allowing attackers to execute Python code through malicious API requests.