Main Menu
Cyber Security
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
cPanel and WHM Patch Three CVEs, Two Rated High Severity
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Fake Claude AI Site Delivers New Beagle Windows Backdoor
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Virginia Contractor Convicted for Destroying Federal Databases
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Two Americans Jailed for Running North Korean IT Worker Laptop Farms
GothFerrari Gets 6.5 Years for $250M Crypto Home-Invasion Theft Ring
DAEMON Tools Build Breach Spread Three-Stage Backdoor for 27 Days
PamDOORa Linux PAM Backdoor Sold for $1,600, Grants Covert SSH Access
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Nefilim Affiliate Stryzhak Sentenced in U.S. for Ransomware Campaign
Trend Micro: QLNX Implant Targets Developers for Supply Chain Attacks
MetInfo CVE-2026-29014 Exploited – Unauthenticated PHP Code Injection
FTC Bans Data Broker Kochava from Selling Americans Location Data
Apache CVE-2026-23918 Enables DoS and RCE in HTTP/2 — Patch to 2.4.67
China-Linked UAT-8302 Targets Governments in South America and Europe
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
News
Russia-Linked Hackers Deploy Sophisticated Social Engineering Attack and Evade MFA
Mitchell Langley June 24, 2025
Russian state-sponsored hackers targeted a critic of the Kremlin using a novel social engineering tactic that tricked the victim into bypassing multi-factor authentication protections.
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
News
16 Billion Passwords Exposed in Record-Breaking Breach: A Deep Dive into the Data Leak That Affects Everyone
Andrew Doyle June 24, 2025
A massive breach has exposed 16 billion login credentials, potentially affecting services like Facebook, Google, and Apple. This fresh infostealer data opens the door to ...
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
News
APT28 Hackers Use Signal to Target Ukraine with New Malware Families BeardShell and SlimAgent
Andrew Doyle June 24, 2025
Russian threat group APT28 is using Signal messages to deliver new malware—BeardShell and SlimAgent—targeting Ukrainian government entities through sophisticated phishing and loader tactics.
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
News
Anubis Ransomware Gang Claims 64GB Disneyland Paris Leak in Alleged Construction Data Breach
Mitchell Langley June 24, 2025
Anubis ransomware group claims to hold 64GB of Disneyland Paris data, including engineering plans and behind-the-scenes content, though the source and sensitivity remain unclear.
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
News
McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals
Mitchell Langley June 24, 2025
McLaren Health Care has suffered a major data breach, exposing sensitive personal and medical data of 743,000 individuals, following a history of ransomware incidents.
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
News
Oxford City Council Cyberattack Exposes Two Decades of Election Worker Data
Andrew Doyle June 24, 2025
Oxford City Council has confirmed a cybersecurity breach involving legacy systems, exposing election worker data from 2001 to 2022 after detecting unauthorized access to its ...
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
News
Aflac Confirms Data Breach Amid Rising Wave of Scattered Spider Attacks on U.S. Insurance Industry
Andrew Doyle June 24, 2025
Insurance giant Aflac has confirmed a breach involving sensitive personal and health data, part of a broader wave of attacks linked to the Scattered Spider ...
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
News
BitoPro Exchange Ties $11 Million Crypto Theft to North Korea’s Lazarus Group
Mitchell Langley June 24, 2025
Taiwan-based crypto exchange BitoPro has linked the $11 million theft from its platform to the North Korean Lazarus Group, citing attack similarities and forensic evidence. ...
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
News
Ryuk Ransomware Operator Extradited to the U.S. After FBI-Led Global Investigation
Andrew Doyle June 19, 2025
A key figure behind Ryuk ransomware’s initial network intrusions has been extradited to the U.S., marking a major step in global efforts against ransomware operations. ...
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
News
Episource Data Breach Exposes Health Information of 5.4 Million U.S. Patients
Andrew Doyle June 19, 2025
A data breach at Episource has compromised the personal and medical information of over 5.4 million individuals in a targeted January 2025 cyberattack.
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
News
New Veeam RCE Vulnerability Allows Domain Users to Compromise Backup Servers
Andrew Doyle June 19, 2025
Veeam patched a critical RCE flaw (CVE-2025-23121) allowing domain users to hijack backup servers, risking ransomware exploitation in misconfigured enterprise environments.
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
News
Predatory Sparrow Drains and Burns $90M in Cyberattack on Iran’s Nobitex Exchange
Mitchell Langley June 19, 2025
Predatory Sparrow claims responsibility for a politically motivated cyberattack on Iran’s Nobitex exchange, draining and burning over $90 million in unusable cryptocurrency.
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
News
BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Support Software
Mitchell Langley June 19, 2025
BeyondTrust patched a critical vulnerability (CVE-2025-5309) in its Remote Support software that allowed unauthenticated attackers to gain full remote code execution on servers.
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
News
Viasat Confirms Salt Typhoon Espionage Hack in 2024 U.S. Telecom Cyber Campaign
Mitchell Langley June 18, 2025
China-backed Salt Typhoon breached Viasat in a broader espionage campaign against U.S. telecoms ahead of the 2024 election, targeting both government and private networks.
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
News
Freedman Healthcare Hit by World Leaks Ransomware, Impacts 27 U.S. State Public Health Agencies
Mitchell Langley June 18, 2025
A World Leaks ransomware attack on Freedman Healthcare may expose over 42,000 sensitive files. The health tech firm supports data systems for 27 U.S. state ...
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
News
TP-Link Router Vulnerabilities Actively Exploited by Hackers, CISA Urges Immediate Disconnection
Andrew Doyle June 18, 2025
CISA warns of active exploitation targeting outdated TP-Link routers with command injection flaws. Users and federal agencies must act fast to avoid security breaches.
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
News
Scattered Spider Suspected in Erie Indemnity Attack as Insurance Sector Faces New Cyber Threat
Andrew Doyle June 18, 2025
Scattered Spider may have pivoted from retail to insurance, with Erie Indemnity likely its first U.S. victim. Experts urge insurers to prepare for advanced phishing ...
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
News
EDRi Calls for Complete Spyware Ban Across EU to Protect Democracy and Digital Rights
Mitchell Langley June 18, 2025
EDRi is calling for a full ban on spyware in the EU, warning that unchecked surveillance software threatens human rights, democratic institutions, and cybersecurity.
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
News
Washington Post Email Accounts Hacked in Suspected Nation-State Cyberattack
Andrew Doyle June 17, 2025
Several Washington Post journalists’ Microsoft email accounts were compromised in a cyberattack believed to be the work of a foreign government targeting national security reporting. ...
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
News
Hackers Shift Focus to U.S. Insurance Sector, Mimic Scattered Spider Playbook
Mitchell Langley June 17, 2025
Cybercriminals are now targeting the U.S. insurance sector with Scattered Spider-style tactics—experts warn of imminent threats involving phishing, SIM swapping, and MFA abuse.
Application Security
CVE-2026-7482 in Ollama Exposes 300,000 AI Servers to Memory Leaks
Gabby Lee May 11, 2026
Cybersecurity
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
Andrew Doyle May 11, 2026
Cybersecurity
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Mitchell Langley May 11, 2026
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Cybersecurity
Sygnia Responder, DigitalMint Negotiator Sentenced for BlackCat Role
Andrew Doyle May 6, 2026

TOP CYBERSECURITY HEADLINES

Cybersecurity
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Application Security
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
Cybersecurity
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Cybersecurity
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator

This Week’s Security Spotlight

Cybersecurity
NVIDIA GeForce NOW Breach Exposes Armenian Users’ Data
Andrew Doyle May 11, 2026
Application Security
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
Andrew Doyle May 11, 2026
Cybersecurity
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Gabby Lee May 11, 2026
Kaspersky DAEMON Tools Backdoored in Supply Chain Attack
Cybersecurity
Kaspersky: DAEMON Tools Backdoored in Supply Chain Attack
Mitchell Langley May 6, 2026
More In News
Trending
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Microsoft: AiTM Phishing Hit 35,000 Users in 26 Countries
HR Emails Are the New Phishing Bait — And MFA Won’t Save You
Tax Season Never Really Ends for Hackers

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
The Nucor Cyberattack: How Ransomware Threatens American Steel
June 23, 2025
Podcasts
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
June 22, 2025
Podcasts
Inside CVE-2025-23121: Veeam RCE Flaw Opens Door to Ransomware
June 22, 2025

Cyber Security News

Adobe's Latest Security Patches Address Critical Vulnerabilities in ColdFusion
Application Security
Adobe’s Latest Security Patches Address Critical Vulnerabilities in ColdFusion
January 14, 2026
Central Maine Healthcare Data Breach Sensitive Information of Over 145,000 at Risk
Data Security
Central Maine Healthcare Data Breach: Sensitive Information of Over 145,000 at Risk
January 14, 2026
Microsoft Enhances Secure Boot Certificates for Windows 11
Application Security
Microsoft Enhances Secure Boot Certificates for Windows 11
January 14, 2026
CISO Strategies for 2026 Navigating Future Cybersecurity Challenges
Cybersecurity
CISO Strategies for 2026: Navigating Future Cybersecurity Challenges
January 13, 2026
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
Cybersecurity
University of Hawaii Ransomware Attack Leads to Data Breach at Cancer Center
January 13, 2026
Implementing Access Reviews to Enhance Security in Microsoft 365
Application Security
Implementing Access Reviews to Enhance Security in Microsoft 365
January 13, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
348,000 Patients Impacted in Mt. Baker Imaging Data Breach
August 5, 2025
A cyberattack on Mt. Baker Imaging exposed sensitive data for 348,000 Washington patients, including medical and financial records, triggering a class action lawsuit.
Everest Ransomware Group Claims Mailchimp but Experts Say Leak Is Minor and Unproven
August 5, 2025
Everest claims Mailchimp data breach, citing a small internal dataset; security insiders and Intuit report no evidence of systemic compromise.
Akira Ransomware Surges on SonicWall Devices Using Zero-Day and Credential Abuse
August 5, 2025
A sharp uptick in Akira ransomware activity is exploiting SonicWall remote access infrastructure, potentially via an unpatched zero-day. Akira Ransomware Campaign Intensifies Against SonicWall SSL ...
Attackers Abuse Link-Wrapping Services to Steal Microsoft 365 Credentials
August 5, 2025
Attackers hijack Proofpoint and Intermedia link-wrapping to hide Microsoft 365 phishing pages, using compromised protected accounts to harvest login credentials.
Nvidia Triton Inference Server Vulnerabilities Expose AI Infrastructure to Attack
August 4, 2025
A major warning has hit the AI community: Nvidia’s Triton Inference Server — one of the most widely used open-source platforms for deploying and scaling ...
CISA & FEMA Release $100M in Cybersecurity Grants to Strengthen State, Local, and Tribal Defenses
August 4, 2025
The U.S. Department of Homeland Security, through CISA and FEMA, has announced over $100 million in new cybersecurity grant funding for Fiscal Year 2025 — ...
350,000 Patient Records Exposed: Inside the Northwest Radiologists Data Breach
August 4, 2025
In this episode, we investigate the Northwest Radiologists data breach, a devastating cyberattack that compromised the personal and medical information of approximately 350,000 patients in ...
AI Jailbreaks on the Rise: How Hackers Are Extracting Training Data from LLMs
August 4, 2025
In this episode, we examine the rapidly growing threat of AI jailbreaks — a cybersecurity challenge reshaping the landscape of large language models (LLMs) and ...
DragonForce Ransomware – Hacktivist Turned Cybercriminal Enterprise
August 4, 2025
DragonForce is a ransomware and data extortion group that evolved from a pro-Palestinian hacktivist collective into a financially motivated cybercriminal enterprise.
Hackers Target Python Developers With Phishing Campaign Using Fake PyPI Site
August 3, 2025
A phishing attack is targeting Python developers with fake PyPI login prompts to steal credentials and potentially distribute malware via compromised Python packages.
Mastering the Metasploit Framework: The Ultimate Guide to Exploits, Payloads, and Ethical Hacking
August 1, 2025
Explore the full potential of the Metasploit Framework for ethical hacking, penetration testing, and CVE exploitation with this complete, real-world guide for cybersecurity professionals.
Shadow IT in the Enterprise: Risks You Didn’t Know You Had
July 31, 2025
Unmanaged SaaS and shadow IT applications silently open dangerous security gaps. Discover how enterprise teams can detect, control, and protect against these invisible but growing ...
Critical Honeywell Experion PKS Vulnerabilities Threaten Global Industrial Control Systems
July 31, 2025
In this episode, we analyze the multiple vulnerabilities recently disclosed in Honeywell’s Experion Process Knowledge System (PKS), a widely deployed industrial control and automation solution ...
Minnesota Deploys National Guard Cyber Unit Following Major Cyberattack on St. Paul City Systems
July 31, 2025
Minnesota activates the National Guard’s cyber unit after a cyberattack cripples St. Paul’s municipal systems, prompting emergency declarations and a multi-agency response.
Tea App Disables Messaging After Second Breach Exposes Over One Million Private Conversations
July 31, 2025
Tea app disables messaging after two breaches: 72,000 verification images leaked, then 1.1 million private messages exposed; FBI and security firms investigating.
ShinyHunters Behind Salesforce-Related Data Breaches at Qantas, Allianz Life, LVMH
July 31, 2025
ShinyHunters targets Salesforce users at Qantas, Allianz, and LVMH in voice phishing attacks to steal customer data and conduct private extortion campaigns.
RiteCheck Confirms Data Breach Affecting Nearly 70,000 Customers and Employees
July 31, 2025
RiteCheck has disclosed a 2023 data breach impacting nearly 70,000 people, exposing Social Security numbers, payment card data, and IDs after an 11-month delay.
Auto-Color Linux Malware Exploits SAP Zero-Day CVE-2025-31324
July 31, 2025
In this episode, we uncover the Auto-Color Linux malware, a stealthy and highly persistent Remote Access Trojan (RAT) that is rapidly emerging as one of ...
Inside the July 2025 PyPI Phishing Scam: How Hackers Stole Developer Credentials
July 31, 2025
In this episode, we investigate the growing cybersecurity storm targeting the Python Package Index (PyPI) — the backbone of Python’s software distribution ecosystem. A recent ...
IoT Security Crisis: Dahua Smart Camera Vulnerabilities Expose Surveillance Systems
July 31, 2025
In this episode, we examine the alarming discovery of critical security vulnerabilities in Dahua smart cameras, one of the world’s most widely deployed surveillance systems. ...
RansomHouse Breaches Trellix; Source Code Repositories Accessed
Fake OpenAI Repo Trended on Hugging Face Before Malware Found
MacSync Infostealer Weaponizes Google Ads and Claude.ai Chats
Germany, Spain Dismantle Rebooted Crimenetwork, Arrest Operator
TCLBanker Trojan Spreads via WhatsApp and Outlook, Hits 59 Banks
cPanel and WHM Patch Three CVEs, Two Rated High Severity
Twelve Critical vm2 Vulnerabilities Allow Node.js Sandbox Escape
Fake Claude AI Site Delivers New Beagle Windows Backdoor
RCE, MCP OAuth Hijack, and Prompt Injection Found in Claude Dev Tools
“Dirty Frag” Zero-Day Grants Root Access on Most Linux Distributions
Zara Data Breach Exposes Personal Data of More Than 197,000 Customers
Nation-State Actors Exploited PAN-OS CVE-2026-0300 for Nearly a Month
Actively Exploited Ivanti EPMM CVE-2026-6973 Added to CISA KEV
ZiChatBot Backdoor Uses Zulip API as C2 in PyPI Supply Chain Attack
TCLBanker Trojan Spread via Fake Logitech Installers Hits 59 Platforms
Quasar Linux RAT Hijacks Developer Systems to Compromise Supply Chains
PCPJack Malware Exploits Five CVEs to Worm Across Cloud Environments
Virginia Contractor Convicted for Destroying Federal Databases
ACSC Warns of Active ClickFix Campaigns Delivering Vidar Stealer
Two Americans Jailed for Running North Korean IT Worker Laptop Farms