Main Menu
Cyber Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Sweden Points to Pro-Russian Group in Cyberattack on Energy Infrastructure
Autovista Battles Ransomware Attack Across Europe and Australia
CISA Expands Known Exploited Vulnerabilities Catalog with Microsoft and Apple Flaws
A ‘By Design’ Flaw in Anthropic’s MCP Could Enable Widespread AI Supply Chain Attacks
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Over 100 Malicious Chrome Extensions Are Stealing User Data and Creating Backdoors
Modern Trucking’s Cybersecurity Imperative: Industry Leaders Address Digital Threats
Microsoft Releases Windows 10 KB5082200 to Fix April 2026 Patch Tuesday Zero-Days
Fake Ledger Live App on macOS Drains $9.5 Million From Victims
Basic-Fit Data Breach Exposes Personal Information of One Million Members
McGraw-Hill Data Breach: Salesforce Misconfiguration Exploited by Hackers
Critical Security Flaws in Composer Put PHP Applications at Risk
New Spear Phishing Campaign Targets Financial Executives Using Legitimate Remote Access Tools
News
New Spear Phishing Campaign Targets Financial Executives Using Legitimate Remote Access Tools
Mitchell Langley June 25, 2025
A sophisticated spear phishing campaign is targeting CFOs and finance leaders worldwide, using legitimate tools like NetBird and OpenSSH to quietly breach enterprise networks.
Two Healthcare Data Breaches Expose Over 220,000 Records at Mainline Health and Select Medical
News
Two Healthcare Data Breaches Expose Over 220,000 Records at Mainline Health and Select Medical
Mitchell Langley June 25, 2025
Mainline Health and Select Medical Holdings have disclosed separate data breaches impacting more than 220,000 individuals, with ransomware and third-party compromise behind the incidents.
UK Government Warns of £1.6 Million in Ticket Scams Ahead of Glastonbury Festival
News
UK Government Warns of £1.6 Million in Ticket Scams Ahead of Glastonbury Festival
Andrew Doyle June 25, 2025
Concertgoers in the UK have lost over £1.6 million to ticket fraud in 2024, prompting urgent warnings from the government as festival season begins.
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
News
170K-Record Database Exposes Unencrypted PII from Real Estate Sector
Andrew Doyle June 24, 2025
A misconfigured database tied to a U.S. real estate firm exposed 170,000 records of sensitive personal and internal data, including Social Security numbers and employment ...
Anubis Ransomware: A Destructive, Cross-Platform Threat
Resources
Anubis Ransomware: A Destructive, Cross-Platform Threat
Mitchell Langley June 24, 2025
Anubis ransomware combines encryption and file-wiping capabilities, targeting Windows, Linux, and NAS systems with stealthy command-line execution and affiliate-driven campaigns across multiple industries.
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
News
Steel Giant Nucor Confirms Data Theft in Recent Cybersecurity Breach
Mitchell Langley June 24, 2025
Nucor, North America’s largest steel producer, has confirmed data theft following a cybersecurity breach that temporarily disrupted operations and forced system shutdowns.
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
News
Chinese APT Group ‘Salt Typhoon’ Breaches Canadian Telecom Firm Using Cisco IOS XE Vulnerability
Mitchell Langley June 24, 2025
Canada confirms a state-sponsored breach in its telecom sector, where Salt Typhoon exploited an unpatched Cisco vulnerability to compromise devices and reroute sensitive network traffic. ...
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Mitchell Langley June 24, 2025
Russian state-sponsored hackers targeted a critic of the Kremlin using a novel social engineering tactic that tricked the victim into bypassing multi-factor authentication protections.
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
News
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
Andrew Doyle June 24, 2025
A massive breach has exposed 16 billion login credentials, potentially affecting services like Facebook, Google, and Apple. This fresh infostealer data opens the door to ...
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
News
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Andrew Doyle June 24, 2025
Russian threat group APT28 is using Signal messages to deliver new malware—BeardShell and SlimAgent—targeting Ukrainian government entities through sophisticated phishing and loader tactics.
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
News
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Mitchell Langley June 24, 2025
Anubis ransomware group claims to hold 64GB of Disneyland Paris data, including engineering plans and behind-the-scenes content, though the source and sensitivity remain unclear.
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
News
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
Mitchell Langley June 24, 2025
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
News
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
Andrew Doyle June 24, 2025
Oxford City Council has confirmed a cybersecurity breach involving legacy systems, exposing election worker data from 2001 to 2022 after detecting unauthorized access to its ...
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
News
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
Andrew Doyle June 24, 2025
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
News
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
Mitchell Langley June 24, 2025
Taiwan-based crypto exchange BitoPro has linked the $11 million theft from its platform to the North Korean Lazarus Group, citing attack similarities and forensic evidence. ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
News
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
Andrew Doyle June 19, 2025
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
News
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
Andrew Doyle June 19, 2025
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
News
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
Andrew Doyle June 19, 2025
Veeam patched a critical RCE flaw (CVE-2025-23121) allowing domain users to hijack backup servers, risking ransomware exploitation in misconfigured enterprise environments.
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
News
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
Mitchell Langley June 19, 2025
Predatory Sparrow claims responsibility for a politically motivated cyberattack on Iran’s Nobitex exchange, draining and burning over $90 million in unusable cryptocurrency.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
News
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
Mitchell Langley June 19, 2025
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Cybersecurity
Threat Actors Are Ramping Up Microsoft Teams Exploitation for Network Access
Gabby Lee April 21, 2026
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Cybersecurity
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
Gabby Lee April 21, 2026
News
Seiko USA Faces Ransom Threat After Website Defacement
Mitchell Langley April 21, 2026
Autovista Battles Ransomware Attack Across Europe and Australia
Cybersecurity
Autovista Battles Ransomware Attack Across Europe and Australia
Gabby Lee April 16, 2026

TOP CYBERSECURITY HEADLINES

CVE Vulnerability Alerts
Severe Command Injection Flaw Discovered in SGLang
Cybersecurity
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
News
Seiko USA Faces Ransom Threat After Website Defacement
Cybersecurity
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist

This Week’s Security Spotlight

Application Security
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Mitchell Langley April 21, 2026
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Cybersecurity
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest
Andrew Doyle April 16, 2026
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Cybersecurity
Capsule Security Secures $7 Million to Protect AI Agents at Runtime
Gabby Lee April 16, 2026
France's Rising Kidnapping Cases Amid Crypto Extortion Schemes
Cybersecurity
France’s Rising Kidnapping Cases Amid Crypto Extortion Schemes
Mitchell Langley April 16, 2026
More In News
Trending
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Newly Discovered UAT-10362 Threat Cluster Aims at Taiwanese NGOs
New Extortion Crew Uses Phishing to Breach High-Value Corporations
Bogus Traffic Violation Text Scam Targeting Americans

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
The Siemens-Microsoft Antivirus Dilemma Threatening OT Security
June 25, 2025
Podcasts
Prometei Botnet’s Global Surge: A Threat to Linux and Windows Systems Alike
June 25, 2025
Podcasts
Patient Trust on the Line: The Fallout from McLaren Health Care’s 2024 Breach
June 24, 2025

Cyber Security News

Microsoft Acknowledges Issues With Outlook Encryption Feature
Application Security
Microsoft Acknowledges Issues With Outlook Encryption Feature
January 7, 2026
Stalkerware Vendor's Guilty Plea A Rare Legal Victory in Consumer Spyware Prosecution
Cybersecurity
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
January 7, 2026
The Influence of Security Advice and Accountability in Cybersecurity
Blog
The Influence of Security Advice and Accountability in Cybersecurity
January 7, 2026
Chrome Extensions Masquerading as AITOPIA Pose Risk
Application Security
Chrome Extensions Masquerading as AITOPIA Pose Risk
January 7, 2026
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
Cybersecurity
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
January 7, 2026
European Space Agency Confronts Repeated Data Breaches with Legal Action
Data Security
European Space Agency Confronts Repeated Data Breaches with Legal Action
January 7, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Approov Secures £5M to Fortify Mobile App and API Security Against AI-Driven Threats
August 5, 2025
In a major step for mobile and API cybersecurity, Approov, the Edinburgh-based security firm specializing in real-time mobile attestation and API protection, has raised £5 ...
Pwn2Own Ireland 2025: $1M WhatsApp Exploit Bounty Raises the Stakes
August 5, 2025
This October, Pwn2Own Ireland 2025 will take over Cork with one of the most ambitious cybersecurity competitions yet. Co-sponsored by Meta and organized by Trend ...
FraudOnTok Malware Campaign Targets TikTok Shop Users Through Fake Apps and Phishing Tactics
August 5, 2025
CTM360 exposes the FraudOnTok campaign targeting TikTok Shop users through fake apps and phishing, using SparkKitty spyware to steal crypto wallet data and drain funds. ...
Palo Alto Networks to Acquire CyberArk in $25 Billion Deal to Strengthen Identity Security
August 5, 2025
Palo Alto Networks will acquire CyberArk for $25 billion to combine AI-powered security with identity and privilege controls, targeting evolving enterprise threats.
Chanel Confirms US Customer Data Breach Linked to Salesforce Social Engineering Attacks
August 5, 2025
Chanel confirms a U.S.-based data breach from Salesforce social engineering attacks, exposing contact details amid a broader extortion campaign targeting global enterprise brands.
CurXecute Prompt-Injection Flaw in Cursor IDE Enables Remote Code Execution
August 5, 2025
Cursor IDE’s CurXecute flaw lets malicious prompts escalate to remote code execution; Pi-hole donor emails leaked via GiveWP plugin misconfiguration. Patches released.
Ransomware Gangs Exploit Microsoft SharePoint Flaws in Widespread Attack Campaign
August 5, 2025
Ransomware groups are exploiting Microsoft SharePoint flaws in a global attack campaign, affecting over 148 organizations and linking to Chinese state-backed threat actors.
348,000 Patients Impacted in Mt. Baker Imaging Data Breach
August 5, 2025
A cyberattack on Mt. Baker Imaging exposed sensitive data for 348,000 Washington patients, including medical and financial records, triggering a class action lawsuit.
Everest Ransomware Group Claims Mailchimp but Experts Say Leak Is Minor and Unproven
August 5, 2025
Everest claims Mailchimp data breach, citing a small internal dataset; security insiders and Intuit report no evidence of systemic compromise.
Akira Ransomware Surges on SonicWall Devices Using Zero-Day and Credential Abuse
August 5, 2025
A sharp uptick in Akira ransomware activity is exploiting SonicWall remote access infrastructure, potentially via an unpatched zero-day. Akira Ransomware Campaign Intensifies Against SonicWall SSL ...
Attackers Abuse Link-Wrapping Services to Steal Microsoft 365 Credentials
August 5, 2025
Attackers hijack Proofpoint and Intermedia link-wrapping to hide Microsoft 365 phishing pages, using compromised protected accounts to harvest login credentials.
Nvidia Triton Inference Server Vulnerabilities Expose AI Infrastructure to Attack
August 4, 2025
A major warning has hit the AI community: Nvidia’s Triton Inference Server — one of the most widely used open-source platforms for deploying and scaling ...
CISA & FEMA Release $100M in Cybersecurity Grants to Strengthen State, Local, and Tribal Defenses
August 4, 2025
The U.S. Department of Homeland Security, through CISA and FEMA, has announced over $100 million in new cybersecurity grant funding for Fiscal Year 2025 — ...
350,000 Patient Records Exposed: Inside the Northwest Radiologists Data Breach
August 4, 2025
In this episode, we investigate the Northwest Radiologists data breach, a devastating cyberattack that compromised the personal and medical information of approximately 350,000 patients in ...
AI Jailbreaks on the Rise: How Hackers Are Extracting Training Data from LLMs
August 4, 2025
In this episode, we examine the rapidly growing threat of AI jailbreaks — a cybersecurity challenge reshaping the landscape of large language models (LLMs) and ...
DragonForce Ransomware – Hacktivist Turned Cybercriminal Enterprise
August 4, 2025
DragonForce is a ransomware and data extortion group that evolved from a pro-Palestinian hacktivist collective into a financially motivated cybercriminal enterprise.
Hackers Target Python Developers With Phishing Campaign Using Fake PyPI Site
August 3, 2025
A phishing attack is targeting Python developers with fake PyPI login prompts to steal credentials and potentially distribute malware via compromised Python packages.
Mastering the Metasploit Framework: The Ultimate Guide to Exploits, Payloads, and Ethical Hacking
August 1, 2025
Explore the full potential of the Metasploit Framework for ethical hacking, penetration testing, and CVE exploitation with this complete, real-world guide for cybersecurity professionals.
Shadow IT in the Enterprise: Risks You Didn’t Know You Had
July 31, 2025
Unmanaged SaaS and shadow IT applications silently open dangerous security gaps. Discover how enterprise teams can detect, control, and protect against these invisible but growing ...
Critical Honeywell Experion PKS Vulnerabilities Threaten Global Industrial Control Systems
July 31, 2025
In this episode, we analyze the multiple vulnerabilities recently disclosed in Honeywell’s Experion Process Knowledge System (PKS), a widely deployed industrial control and automation solution ...
Anthropic’s Claude Desktop Unauthorized Installations Raise EU Law Compliance Concerns
Severe Command Injection Flaw Discovered in SGLang
Serial-to-IP Converter Flaws in Lantronix and Silex Products Put Critical Systems at Risk
Seiko USA Faces Ransom Threat After Website Defacement
Scottish Man Pleads Guilty in $8 Million Cryptocurrency Heist
Cyberattacks Are Outpacing MSP and Corporate Defenses
Huntress Identifies Active Exploitation of Microsoft Defender Vulnerabilities
Lawmakers’ Concerns About AI Include Worries of Potential ‘Destruction’
Microsoft Edge Update Introduces Bug Affecting Microsoft Teams Chats
Threat Actors Repurpose Tycoon 2FA Tools in New Phishing Schemes
Attackers Exploit Three Zero-Day Flaws in Microsoft Defender to Gain Elevated Access
Vercel Suffers Security Breach as Threat Actors Attempt to Sell Stolen Data
AI Security Challenges: Vendors’ Dual Messaging Raises Questions
NIST Alters Approach to Vulnerability Assessments, Ceasing Severity Scores for Lower-Priority Issues
Phishing Scams Are Now Exploiting Apple’s Trusted Email Servers
Hackers Target Trucking and Logistics Firms in Organized Crime-Linked Cyber Campaign
Critical Nginx-UI Vulnerability Lets Attackers Seize Full Server Control
Digitally Signed Adware Disables Antivirus Across Multiple Sectors
Cybercriminals Are Weaponizing n8n to Launch Phishing Attacks
Microsoft Awards $2.3 Million to Researchers in Zero Day Quest Hacking Contest