Cyber Security
Cybersecurity
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
NSW Health exposed passports, medical credentials, and IDs of nearly 600 doctors, sparking outrage and raising serious risks of identity theft, fraud, and professional impersonation.
Cybersecurity
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
Chinese-linked APT group Salt Typhoon infiltrated major U.S. telecom providers in 2024, compromising surveillance systems and metadata from millions of users. The breach exposed lawful ...
Cybersecurity
China Is Blurring the Lines Between Civilian AI and Military Power
China is merging civilian AI with military applications. Everyday tools like drones and voice apps are being leveraged by the PLA, according to a CSET ...
Cybersecurity
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
Rose Acre Farms, America’s second-largest egg producer, was allegedly hit by Lynx ransomware, with attackers claiming encrypted data in a breach that threatens food supply ...
Cybersecurity
Lovesac Confirms Data Breach Following Ransomware Attack
Lovesac confirmed a ransomware-linked data breach impacting personal information. Attackers accessed systems in February 2025, with stolen data linked to the RansomHub ransomware group’s extortion ...
Cybersecurity
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
The GhostAction supply chain attack on GitHub compromised 3,325 secrets, including npm, PyPI, AWS, and GitHub tokens, after attackers injected malicious workflows into 817 repositories.
Cybersecurity
Qantas Airways Reduces CEO’s Bonus Following July Data Breach
Qantas Airways reduced CEO Vanessa Hudson’s pay by $250,000 following a July cyber attack that exposed 4.5 million customer records, reflecting leadership accountability and strengthened ...
Cybersecurity
North Korean Hackers Pose as Recruiters To Launch Global Cyberattacks
North Korean hackers posed as recruiters to target blockchain and finance professionals, exploiting Slack and cyber intelligence platforms to steal cryptocurrency in a global campaign ...
Cybersecurity
This Week In Cybersecurity: September 1–5, 2025
News Stories Jaguar Land Rover Cyberattack Severely Disrupts Production Systems Taken Offline Jaguar Land Rover halted operations after a cyberattack ...
Cybersecurity
Czech Cybersecurity Agency Warns Against Chinese Technology in Critical Infrastructure
The Czech Republic’s cybersecurity agency warns critical infrastructure operators against Chinese technology, elevates threat level to “High,” and cites confirmed malicious activity, data access risks, ...
Cybersecurity
Social Engineering Breach Opens Door to Google Salesforce Data Leak
A phishing attack on a Google employee led to a Salesforce breach, exposing business contact data. Gmail remained secure, but the incident underscores the power ...
Cybersecurity
Cybersecurity Leadership: An Expert Talks Executive Risk
Leah Santos, CISO and Cyber Resilience Advisor Talks Executive Risk
Cybersecurity
Hack on In-Flight Connectivity Provider Anuvu Exposes Starlink User Data
Hackers breached inflight connectivity provider Anuvu, exposing sensitive data including Starlink service records, user credentials, and corporate details linked to major airline and maritime customers ...
Cybersecurity
Wealthsimple Data Breach Leaked Client Information Online
Wealthsimple confirmed a September 2025 data breach affecting under one percent of clients. Personal details were exposed, but passwords and funds remained fully secure throughout ...
Cybersecurity
Chess.com Confirms Data Breach Through Third-Party File Transfer Application
Chess.com disclosed a June 2025 data breach after attackers exploited a third-party file transfer application, exposing personal data of about 4,500 users while leaving main ...
Cybersecurity
Bridgestone Confirms Cyberattack Disrupts Manufacturing Operations in North America
Bridgestone confirmed a cyberattack disrupting manufacturing at North American plants. The company quickly contained the incident, assured no customer data was compromised, and continues forensic ...
Cybersecurity
Hackers Turn to HexStrike-AI to Accelerate Exploitation of N-Day Flaws
Hackers are adopting HexStrike-AI, an AI-powered red teaming tool, to exploit Citrix flaws. The automation shrinks patching windows from days to minutes, raising enterprise security ...
Cybersecurity
Jaguar Land Rover Cyberattack Severely Disrupts Production, Systems Taken Offline
Jaguar Land Rover confirmed a cyberattack that forced factories offline and disrupted production. Systems remain down, though the automaker says no customer data has been ...
Cybersecurity
GPS Jamming Attack Forces Ursula Von Der Leyen’s Plane to Land Without Navigation
Ursula von der Leyen’s plane was hit by a suspected Russian GPS jamming attack over Bulgaria, forcing pilots to land manually with paper maps after ...
News
Embassy Breach Alert: Iranian Hackers Exploit 100+ Email Accounts via Phishing
Iranian state-backed hackers have launched a phishing campaign compromising 104 email accounts and targeting 50+ embassies, ministries, and organizations worldwide. Using hijacked government emails and ...
Application Security
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
CVE Vulnerability Alerts
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
TOP CYBERSECURITY HEADLINES
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe
This Week’s Security Spotlight
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Warlock Group / GOLD SALEM (aka Storm-2603) — Threat Profile
This threat actor profile examines the Warlock ransomware group, tracked as Storm-2603 and GOLD SALEM. Active since March 2025, Warlock exploits Microsoft SharePoint vulnerabilities to ...
65% of IT Leaders Admit Cyber Defenses are Outdated
Artificial intelligence is fueling a new wave of cyber threats, from polymorphic malware to deepfake-driven phishing. Lenovo’s latest “Work Reborn” report shows 65% of IT ...
Boyd Gaming Discloses Data Breach Following Cyberattack
Boyd Gaming confirmed a cyberattack that stole employee and individual data. Operations remain unaffected as the company investigates, notifies regulators, and works with law enforcement ...
CISA Says Hackers Breached Federal Agency Using GeoServer Exploit
CISA confirmed hackers exploited a critical GeoServer vulnerability to breach a federal agency, steal data, and move laterally. Agencies are urged to patch and monitor ...
Scattered Spider Alleged Ransom Scheme Netted More Than $115 Million
DOJ complaint alleges Scattered Spider actor Thalha Jubair helped extort over $115 million via 120 intrusions, prompting cross-border arrests, asset seizures and broad enforcement.
ENISA Confirms Ransomware Behind Airport Check-In Chaos
ENISA confirms ransomware disrupted Collins Aerospace’s MUSE check-in systems across multiple European airports, forcing manual processing and raising regulatory, fraud and supply-chain risk.
Stellantis Joins Salesforce Data Breach; 18 Million Customer Records Claimed
Stellantis confirms a Salesforce-linked breach exposing contact records; although no financial data was taken, the leak elevates phishing and supply-chain risk for millions of customers.
Steam Game BlockBlasters Turns Malicious, Drains $150K in Crypto
What happens when a trusted gaming platform becomes a weapon for cybercriminals? That’s exactly what unfolded with BlockBlasters, a free-to-play platformer on Steam that turned ...
Beyond the Inbox: The Rising Threat of Non-Email Phishing Attacks
Phishing is no longer just an email problem. A new wave of non-email phishing attacks is targeting employees through social media, instant messaging apps, SMS, ...
Pennsylvania Attorney General’s Office Grapples With Ransomware Attack
Pennsylvania’s Attorney General’s Office is recovering from a ransomware attack that disrupted 1,200 staff and court cases, though the scope of potential data compromise remains ...
Police Shut Down Streameast, the Largest Illegal Sports Streaming Network
Authorities dismantled Streameast, the world’s largest illegal sports streaming network, seizing 80 domains, arresting two operators, and uncovering millions laundered through shell companies and cryptocurrency.
Stellantis Data Breach Exposes Contact Info in Third-Party Provider Attack
Automotive giant Stellantis, the world’s fifth-largest automaker, has confirmed a data breach affecting its North American customers after attackers compromised a third-party service provider’s platform. ...
AAPB Fixes Vulnerability Allowing Unauthorized Media Access
A flaw in AAPB’s website exposed private media for years, exploited by data hoarders until a recent fix secured the archive and halted unauthorized access.
HoundBytes Launches WorkHorse to Eliminate SOC Tier 1 Bottlenecks
Cybersecurity firm HoundBytes has officially launched WorkHorse, an automated security analyst designed to solve one of the biggest pain points in modern Security Operations Centers ...
Great Firewall Leak Exposes China’s Global Surveillance Exports
A 500GB leak from Geedge Networks exposes Great Firewall source code, internal logs and export contracts showing surveillance systems shipped to Myanmar, Pakistan, Ethiopia and ...
Attackers Abuse AI-Native Platforms to Host Fake CAPTCHA Pages
Phishers exploit AI-native platforms to publish fake CAPTCHA pages that fool users and evade scanners, redirecting victims to credential-harvesting sites and enabling large-scale phishing.
European Airports Struggle to Fix Check-In Glitch After Cyberattack
A cyberattack on Collins Aerospace’s MUSE check-in system disrupted Heathrow, Berlin, and Brussels, forcing manual operations, flight cancellations, and prompting regulators to investigate airport cybersecurity ...
Stellantis Confirms Data Breach Following Salesforce-Linked Attack
Stellantis confirms a data breach impacting North American customers after a Salesforce-linked attack, with ShinyHunters claiming 18 million records stolen and FBI warning of ongoing ...
FBI Warns Bad Actors are Spoofing the IC3 Cybercrime Reporting Website
FBI warns criminals are cloning the IC3 complaint site; victims risk exposing PII. Type .gov directly, avoid sponsored links, and never pay to recover funds.
Tiffany & Co. Data Breach Exposes Thousands of Gift Card Holders
Tiffany & Co. confirms May 2025 data breach exposing 2,500+ customers’ gift card numbers, personal data, and sales records, raising fraud and phishing risks for ...