Main Menu
Cyber Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
News
Spain Arrests Hackers Behind Data Breach Targeting Politicians and Journalists
Mitchell Langley July 4, 2025
Spanish police arrest two hackers behind cyberattacks on government and media figures, seizing devices in a national security case tied to stolen state data.
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
News
Citrix Patch for Critical NetScaler Vulnerabilities Causes Login Issues for Some Customers
Andrew Doyle July 4, 2025
Citrix warns that patches for critical NetScaler flaws may cause broken logins due to CSP conflicts. Admins must disable headers and clear cache to restore ...
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
News
Forminator Plugin Flaw Leaves 600,000+ WordPress Sites at Risk of Full Takeover
Mitchell Langley July 4, 2025
A critical vulnerability in Forminator exposes over 600,000 WordPress sites to takeover attacks. Enterprises are urged to patch immediately and review recovery strategies.
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
News
Grafana Issues Critical Security Fixes for Image Renderer Plugin and Synthetic Monitoring Agent
Andrew Doyle July 4, 2025
Grafana Labs patched critical Chromium-based vulnerabilities in its Image Renderer and Monitoring Agent. Enterprises using self-hosted deployments must update immediately to prevent remote code execution ...
Hunters International Ransomware Group Shuts Down, Offers Free Decryptors Amid Exit
News
Hunters International Ransomware Group Shuts Down, Offers Free Decryptors Amid Exit
Andrew Doyle July 4, 2025
Hunters International ransomware gang shuts down and releases free decryptors for victims. The group may be rebranding as an extortion-only operation under World Leaks.
Spanish Authorities Dismantle €10 Million Investment Scam Network With Fake Advisors and Crypto Portals
News
Spanish Authorities Dismantle €10 Million Investment Scam Network With Fake Advisors and Crypto Portals
Mitchell Langley July 4, 2025
Spanish police arrested 21 individuals linked to a €10 million investment scam that used fake crypto platforms, call centers, and social media to defraud victims. ...
Cisco Removes Hardcoded Root Account from Unified CM to Prevent Remote Takeover
News
Cisco Removes Hardcoded Root Account from Unified CM to Prevent Remote Takeover
Mitchell Langley July 4, 2025
Cisco warns of critical backdoor vulnerability in Unified Communications Manager allowing root access. No workaround exists—organizations must patch immediately to prevent remote system takeover.
Fake Crypto Wallet Add-ons Flood Firefox Store in Ongoing Credential Theft Campaign
News
Fake Crypto Wallet Add-ons Flood Firefox Store in Ongoing Credential Theft Campaign
Andrew Doyle July 4, 2025
Over 40 fake Firefox extensions posing as crypto wallets are stealing seed phrases. Victims unknowingly lose funds in attacks that mimic trusted browser plugins.
Qantas Confirms Data Breach Following Cyberattack on Third-Party Platform
News
Qantas Confirms Data Breach Following Cyberattack on Third-Party Platform
Mitchell Langley July 4, 2025
Qantas confirmed a cyberattack impacting six million customers. Linked to aviation-targeting threat actors, the breach highlights growing risks to identity systems and third-party platforms.
Stormous Ransomware: Unmasking the Pro-Russian Cyber Threat
Blog
Stormous Ransomware: The Pro-Russian Cyber Gang Targeting Global Networks
Gabby Lee July 3, 2025
Stormous ransomware is a pro-Russian ransomware gang using double extortion and RaaS tools to target global enterprises, especially in the U.S., Ukraine, and Europe.
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Blog
The Rising Tide of Cybersecurity Threats in Hospitality: How Hotels Can Stay Secure this Summer
Andrew Doyle July 2, 2025
Explore how hospitality businesses can defend against hotel cyber attacks, summer cyber threats, and guest data breaches with smart cybersecurity strategies tailored for the industry. ...
International Criminal Court Investigates Another Sophisticated Cyberattack
News
International Criminal Court Investigates Another Sophisticated Cyberattack
Andrew Doyle July 2, 2025
The International Criminal Court confirms a second cyberattack in two years, citing a sophisticated breach and ongoing threats targeting its global judicial infrastructure.
Aeza Group Sanctioned by U.S. Treasury for Enabling Cybercriminal Infrastructure
News
Aeza Group Sanctioned by U.S. Treasury for Enabling Cybercriminal Infrastructure
Mitchell Langley July 2, 2025
The U.S. Treasury sanctioned Aeza Group for hosting ransomware and malware infrastructure used by threat groups like BianLian, RedLine, and darknet marketplace BlackSprut.
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
News
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
Mitchell Langley July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
News
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
Andrew Doyle July 1, 2025
FBI warns of cybercriminals impersonating health fraud investigators to steal sensitive medical data. Fraudulent emails and texts are targeting patients and providers nationwide.
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
News
Johnson Controls Begins Notifying Individuals Impacted by 2023 Ransomware Attack
Mitchell Langley July 1, 2025
Johnson Controls is notifying individuals impacted by a 2023 ransomware attack that exposed data and disrupted global operations. Dark Angels ransomware group is believed responsible. ...
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
News
Ransomware Attack on Swiss Government Vendor Leads to Massive Data Leak
Andrew Doyle July 1, 2025
Switzerland confirms government data was stolen in a ransomware attack on Radix. Leaked records include documents, contracts, and communications now circulating on the dark web. ...
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
News
Europol Busts $540 Million Crypto Fraud Ring Operating Across Multiple Countries
Mitchell Langley July 1, 2025
Europol dismantles a $540 million crypto investment fraud ring targeting thousands across borders. The syndicate used AI tools, shell companies, and crypto wallets for laundering. ...
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
News
Canada Orders Hikvision to Shut Down National Operations Over Security Concerns
Mitchell Langley July 1, 2025
Canada orders Hikvision to shut down operations after a national security review. Government bans all public sector use of Hikvision surveillance equipment nationwide.
This Week In Cybersecurity: 23rd June to 27th June
Cybersecurity Newsletter
This Week In Cybersecurity: 23rd June to 27th June
Andrew Doyle June 30, 2025
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
Cybersecurity
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Gabby Lee April 21, 2026
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Cybersecurity
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Gabby Lee April 21, 2026
News
Seiko USA Faces Ransom Threat After Website Defacement
Mitchell Langley April 21, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026

TOP CYBERSECURITY HEADLINES

CVE Vulnerability Alerts
Severe Command Injection Flaw Discovered in SGLang
Cybersecurity
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
News
Seiko USA Faces Ransom Threat After Website Defacement
Cybersecurity
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist

This Week’s Security Spotlight

Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Gabby Lee April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Mitchell Langley April 16, 2026
More In News
Trending
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
OneClik Cyberattack Campaign Targets Energy Sector Using Microsoft ClickOnce and AWS
June 26, 2025
Podcasts
Zero-Day Level Cisco ISE Flaws: Urgent Patch Required for Enterprise Security
June 26, 2025
Podcasts
Bonfy.AI Launches $9.5M Adaptive Content Security Platform to Govern AI and Human Data
June 26, 2025

Cyber Security News

Email Security's True Challenge Evaluating Post-access Threats
Blog
Email Security’s True Challenge: Evaluating Post-access Threats
January 11, 2026
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
Cybersecurity
APT28 Intensifies Credential Harvesting on Nuclear and Energy Sectors
January 11, 2026
NSA Announces Tim Kosiba as New Deputy Director
Cybersecurity
NSA Announces Tim Kosiba as New Deputy Director
January 11, 2026
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
Endpoint Security
Threat Actors Target Vulnerable Proxy Servers in the Hunt for LLM Services
January 11, 2026
Illinois Department's Database Error Leads to Massive Data Exposure
Data Security
Illinois Department’s Database Error Leads to Massive Data Exposure
January 11, 2026
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
Cybersecurity
Trend Micro Addresses Vulnerabilities in Apex Central, Mitigates Security Risks
January 11, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
MuddyWater’s DarkBit Ransomware Cracked, Allowing Free Data Recovery
August 12, 2025
Profero cracked DarkBit ransomware’s encryption, exploiting weak key generation to recover a victim’s ESXi server data for free, disrupting a politically driven MuddyWater-linked cyberattack.
Germany’s Top Court Limits Police Spyware to Serious Crimes Only
August 11, 2025
Germany’s Federal Constitutional Court has issued a landmark ruling sharply restricting the use of state spyware by law enforcement. The decision directly addresses 2017 regulations ...
Security Firms Warn GPT-5 Is Wide Open to Jailbreaks and Prompt Attacks
August 11, 2025
Two independent security assessments have revealed serious vulnerabilities in GPT-5, the latest large language model release. NeuralTrust’s red team demonstrated a “storytelling” jailbreak, a multi-turn ...
Global Cybersecurity Spending Projected to Reach $213 Billion in 2025
August 11, 2025
Global cybersecurity spending is projected to hit $213 billion in 2025, driven by rising ransomware threats, cloud adoption, and generative AI risks. Gartner forecasts sustained ...
Senate Committee Advances Nominee to Lead Cybersecurity Agency
August 11, 2025
Amid heightened scrutiny over election security and foreign cyber threats, the U.S. Senate Homeland Security Committee has advanced the nomination of Sean Plankey to lead ...
BadCam: Lenovo Webcam Flaw Turns Everyday Cameras into Remote BadUSB Attack Tools
August 11, 2025
A new hardware security warning has emerged with the discovery of BadCam, a set of vulnerabilities in certain Lenovo webcams that could allow attackers to ...
Google Calendar Invites Let Researchers Hijack Gemini in Stealthy Prompt-Injection Attack
August 11, 2025
Researchers used poisoned Google Calendar invites to exploit a Gemini vulnerability, enabling email exfiltration, smart-home control and other actions; Google says the bug is fixed. ...
Google Confirms Salesforce CRM Breach Exposed Google Ads Customers
August 11, 2025
Google confirms a Salesforce CRM breach exposed business contact information for prospective Google Ads customers; ShinyHunters claim roughly 2.55 million records were stolen in total. ...
WinRAR Zero-Day (CVE-2025-8088) Exploited in Phishing Attacks to Drop RomCom Backdoors
August 11, 2025
WinRAR zero-day CVE-2025-8088 let attackers craft RARs that extract executables into autorun folders, enabling RomCom backdoors via spearphishing; the bug is fixed in WinRAR 7.13. ...
Ivy League University Hack Exposed Personal, Financial and Health Records of 868,969 People
August 11, 2025
Columbia University says a May 16, 2025 network intrusion exposed personal, financial and health data for 868,969 people; the university offers two years of credit ...
U.S. Judiciary Confirms Cyberattack on Court Electronic Records Service, Tightens Access to Sealed Filings
August 11, 2025
The U.S. Judiciary confirmed a cyberattack on its electronic case systems, tightening access to sealed filings after reports suggested confidential informant identities were exposed publicly. ...
Cisco ISE Vulnerability Exposes Critical Remote Code Execution Risk Across Enterprise Networks
August 11, 2025
A critical Cisco ISE vulnerability (CVE-2025-20337) exposes systems to remote code execution and root access. Enterprises must upgrade to Patch 7 or Patch 2 immediately. ...
Free Wi-Fi Loophole Lets Hackers Breach Smart Bus Control Systems
August 11, 2025
A new cybersecurity investigation has revealed that the same free passenger Wi-Fi offered on many smart buses is directly connected to critical onboard systems — ...
RiteCheck Notifies Nearly 70,000 After Year-Old Cyberattack Exposed Sensitive Customer Data
August 11, 2025
Nearly 70,000 customers and employees of RiteCheck had personal and payment data exposed in a 2024 breach. Notification letters were only sent out this week. ...
BlackSuit Ransomware and Royal Operations Breached 450+ U.S. Companies
August 8, 2025
DHS reports BlackSuit and Royal ransomware gangs hit over 450 U.S. victims, collected $370 million, and saw infrastructure seized in international Operation Checkmate last month. ...
Pandora Confirms Third-Party Data Breach, Advises Customers to Stay Alert
August 8, 2025
Pandora confirms a third-party data breach exposing customer names and emails, warns users of potential phishing risks as attackers exploit basic contact details without breaching ...
CISA Orders Federal Agencies to Patch Critical Exchange Hybrid Vulnerability by Monday Morning
August 8, 2025
CISA orders federal agencies to fix a critical Exchange hybrid vulnerability (CVE-2025-53786) by Monday; migration to a dedicated hybrid app is required to prevent tenant ...
Bouygues Telecom Data Breach Exposes 6.4 Million Customers’ Information
August 8, 2025
Bouygues Telecom confirms cyberattack exposed personal data for 6.4 million customers, including contact details and IBANs; investigation ongoing and authorities notified; customers informed via SMS. ...
Technical Glitch Briefly Erases Sections of U.S. Constitution from Congress.gov, Restored Quickly
August 8, 2025
Critical sections of the Constitution briefly vanished from Congress.gov due to a software glitch; the Library of Congress restored them within hours and is implementing ...
ReVault: Critical Dell Firmware Flaws Allow Windows Login Bypass and Persistent Implants
August 7, 2025
In a powerful reminder that hardware security is just as critical as software defense, Cisco Talos researchers have uncovered “ReVault,” a collection of five high-severity ...
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Seiko USA Faces Ransom Threat After Website Defacement
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Threat Actors Repurpose Tycoon 2FA Tools in New Phishing Schemes
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest