Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Trinity Ransomware: The Enigma of the .trinitylock
Resources
Trinity Ransomware: The Enigma of the .trinitylock
Andrew Doyle March 4, 2025
Overview: Known Aliases of Trinity Ransomware: Trinity Ransomware. Possible links to 2023Lock and Venus ransomware, implying potential shared infrastructure or ...
Freddie Mac Data Breach: Social Security Numbers Compromised
News
Freddie Mac Data Breach: Social Security Numbers Compromised
Andrew Doyle March 3, 2025
Freddie Mac confirms a significant data breach exposing customer names and Social Security numbers. The extent of the breach and its cause remain under investigation. ...
Belgian Intelligence Service Breach: Chinese Hackers Under Investigation
News
Belgian Intelligence Service Breach: Chinese Hackers Under Investigation
Andrew Doyle March 3, 2025
Belgian authorities investigate a potential Chinese state-sponsored cyberattack on its State Security Service (VSSE), compromising sensitive data and emails between 2021 and 2023. The breach ...
Via Credit Union Data Breach Impacts Thousands: Indiana Credit Unions Face Cybersecurity Challenges
News
Via Credit Union Data Breach Impacts Thousands: Indiana Credit Unions Face Cybersecurity Challenges
Mitchell Langley March 3, 2025
Via Credit Union suffered a significant data breach affecting over 60,000 members, exposing sensitive personal and financial data. Interra Credit Union also experienced a smaller ...
Angel One Data Leak: AWS Breach Exposes User Data
News
Angel One Data Leak: AWS Breach Exposes User Data
Andrew Doyle March 3, 2025
Angel One, a leading stockbroking firm, suffered a data leak. Unauthorized access to AWS resources exposed client data. An investigation is underway.
This Week In Cybersecurity: 24th February to 28th February
Cybersecurity Newsletter
This Week In Cybersecurity: 24th February to 28th February
Mitchell Langley March 3, 2025
Explore the latest cybersecurity incidents, including the EncryptHub ransomware affecting 618 organizations, a Jasper network breach, and the $1.5 billion Bybit hack. Southern Water faced ...
State of Code Security in 2025: A Wiz Report Reveals Critical Vulnerabilities
News
State of Code Security in 2025: A Wiz Report Reveals Critical Vulnerabilities
Mitchell Langley March 3, 2025
Wiz's 2025 State of Code Security Report exposes alarming vulnerabilities in code repositories: 61% of organizations have secrets exposed in public repositories, leaving sensitive data ...
Serbian Police Exploit Cellebrite Zero-Day to Unlock Android Phones
News
Serbian Police Exploit Cellebrite Zero-Day to Unlock Android Phones
Andrew Doyle March 3, 2025
Serbian authorities exploited Cellebrite's zero-day Android vulnerabilities (CVE-2024-53104, CVE-2024-53197, CVE-2024-50302) to unlock a phone, raising serious security concerns for enterprises.
Ransomware Groups Use BYOVD Attacks Exploiting Paragon Partition Manager Bug
News
Ransomware Groups Use BYOVD Attacks Exploiting Paragon Partition Manager Bug
Andrew Doyle March 3, 2025
Critical Paragon Partition Manager vulnerabilities are being exploited in BYOVD attacks, allowing ransomware gangs SYSTEM-level access and execution of malicious code. Urgent patching is advised. ...
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
News
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
Andrew Doyle March 3, 2025
A significant data breach impacting the "Flat Earth Sun, Moon and Zodiac" mobile application has exposed the personal information of over 33,000 users. This incident ...
Akira Ransomware: The Extortion Ghost in a Shell
Resources
Akira Ransomware: The Extortion Ghost in a Shell
Andrew Doyle March 2, 2025
Akira has targeted a range of organizations, including universities (Stanford), major IT service providers (Tietoevry), and numerous businesses across various sectors. Critical infrastructure, including healthcare ...
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
News
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
Andrew Doyle February 27, 2025
EncryptHub Breach Affects 618 Organizations Hit Using Infostealers and Ransomware
Genea IVF Data Breach Claimed by Termite Ransomware Gang
News
Genea IVF Data Breach Claimed by Termite Ransomware Gang
Mitchell Langley February 27, 2025
Australian IVF provider Genea suffered a major data breach. The Termite ransomware gang stole 940GB of sensitive patient data. This includes medical histories, personal details, ...
Lazarus Group Stole $1.5 Billion in Bybit Hack by Exploiting a Safe{Wallet} Developer Machine
News
Lazarus Group Stole $1.5 Billion in Bybit Hack by Exploiting a Safe{Wallet} Developer Machine
Mitchell Langley February 27, 2025
Lazarus hackers stole $1.5 billion from Bybit by compromising a Safe{Wallet} developer machine. The attack involved malicious JavaScript, highlighting vulnerabilities in multisig wallet platforms.
Black Basta Ransomware Costs Southern Water £4.5 Million
News
Black Basta Ransomware Costs Southern Water £4.5 Million
Andrew Doyle February 27, 2025
Southern Water reveals a £4.5 million cost from a Black Basta ransomware attack in February 2024. The attack, while not impacting operations, triggered significant expenses ...
Jasper Network Breach: City Investigates Cybersecurity Incident
News
Jasper Network Breach: City Investigates Cybersecurity Incident
Mitchell Langley February 27, 2025
Jasper, Alabama, is investigating a network security breach. Experts are working to determine the extent of the unauthorized access. No personal data is believed compromised.
GitVenom Malware Campaign Targets Crypto Users via GitHub
News
GitVenom Malware Campaign Targets Crypto Users via GitHub
Mitchell Langley February 26, 2025
The GitVenom malware campaign uses hundreds of compromised GitHub repositories to distribute info-stealers, RATs, and clipboard hijackers, stealing cryptocurrency and credentials.
Auto-Color Linux Backdoor Malware Targets Governments and Universities
News
Auto-Color Linux Backdoor Malware Targets Governments and Universities
Andrew Doyle February 26, 2025
A new, highly evasive Auto-Color Linux backdoor targets North American and Asian governments and universities. The malware uses custom encryption and rootkit-like features for persistence.
Data Breach at DISA Impacts 3.3 Million Compromising Social Security Numbers and Financial Data
News
Data Breach at DISA Impacts 3.3 Million Compromising Social Security Numbers and Financial Data
Mitchell Langley February 26, 2025
DISA Global Solutions, a US drug testing firm, suffered a data breach exposing the sensitive data of 3.3 million individuals. Social Security numbers and financial ...
Have You Been Pwned As Well? The Data Breach Notification Service Adds 284 Million Accounts as Stolen by Infostealer Malware
News
Have You Been Pwned As Well? The Data Breach Notification Service Adds 284 Million Accounts as Stolen by Infostealer Malware
Andrew Doyle February 26, 2025
Have I Been Pwned added 284 million accounts compromised by infostealer malware found on a Telegram channel. The breach includes emails, passwords, and website data.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
The Nucor Cyberattack: How Ransomware Threatens American Steel
June 23, 2025
Podcasts
Inside the $225M Crypto Seizure: How Law Enforcement Traced Illicit Funds Across Borders
June 22, 2025
Podcasts
Inside CVE-2025-23121: Veeam RCE Flaw Opens Door to Ransomware
June 22, 2025

Cyber Security News

Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
Information Security
Intel Engineer Allegedly Walks off With 18,000 Confidential Files in Data Theft Lawsuit
November 11, 2025
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
Data Security
AI Startups Leak Cloud Secrets on GitHub, Exposing Model Data
November 11, 2025
Critical Vulnerability in 'expr-eval' Library Enables Remote Code Execution
Application Security
Critical Vulnerability in ‘expr-eval’ Library Enables Remote Code Execution
November 11, 2025
Russian Initial Access Broker Pleads Guilty in Yanluowang Ransomware Campaign
Cybersecurity
Russian Initial Access Broker Pleads Guilty in Yanluowang Ransomware Campaign
November 11, 2025
Firefox 145 Brings Major Privacy Upgrade to Defend Against Fingerprinting
Application Security
Firefox 145 Brings Major Privacy Upgrade to Defend Against Fingerprinting
November 11, 2025
Triofox CVE-2025-12480 Exploited in Attacks Despite Available Patch
CVE Vulnerability Alerts
Triofox CVE-2025-12480 Exploited in Attacks Despite Available Patch
November 11, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
$21M Seized and DanaBot, Qakbot, and Bumblebee Disrupted in Operation Endgame Takedown
May 23, 2025
In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the backbone of the ...
From TikTok to Total Compromise: The Rise of Social Media Infostealers
May 23, 2025
In this episode, we dive into the alarming surge of infostealer malware campaigns leveraging social media platforms, particularly TikTok, as their distribution vector. Threat actors ...
BlackLock Ransomware Group Claims Breach of Toho, But Evidence Falls Short
May 23, 2025
Cybercriminal group BlackLock claims to have breached Japanese film giant Toho, but researchers found no credible data, casting doubt on the authenticity of the attack. ...
Chinese Hackers Exploit Ivanti EPMM Zero-Day to Breach Government Agencies
May 23, 2025
Chinese hackers exploited a zero-day flaw in Ivanti EPMM to breach global government systems. Immediate patching and security monitoring are strongly advised.
Coca-Cola Investigates Alleged Data Breach Tied to Everest Ransomware Group
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
iOS Sleep App Exposes Personal and Health Data of Over 25,000 Users
May 23, 2025
Sleep Journey iOS app exposed over 25,000 users' personal and health data due to a misconfigured Firebase database, posing significant privacy and security risks.
Chinese Hackers Exploit Cityworks Zero-Day to Breach U.S. Local Government Systems
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
Kettering Health Breached: What the Interlock Ransomware Group Did and Why It Matters
May 22, 2025
In this episode, we dive into the ransomware attack that struck Kettering Health, a major healthcare provider, and the evolving tactics of the Interlock ransomware ...
Deepfake Threats, Mobile Biometrics, and the Future of Trust
May 22, 2025
As digital deception evolves, so must our defenses. In this episode, we dive deep into the escalating battle for trust in our increasingly connected world. ...
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
May 22, 2025
Quantum hacking is no longer science fiction. This in-depth guide explores post-quantum security, quantum-resistant cryptography, and how to protect your business from future cyber threats.
Russian APT28 Hackers Target Ukraine Aid Operations Through Global Espionage Campaign
May 22, 2025
Russian APT28 hackers have targeted international aid operations to Ukraine since 2022, using cyber espionage to monitor, disrupt, and exfiltrate data from key sectors.
Marks & Spencer Projects $402 Million Profit Loss After Cyberattack Disrupts Operations
May 22, 2025
Marks & Spencer faces a $402 million profit hit following a cyberattack linked to Scattered Spider, disrupting sales and operations and exposing customer data.
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
May 22, 2025
Kettering Health canceled elective procedures after a ransomware-linked outage. Interlock ransomware group is suspected. Emergency services remain operational, but threat actors may leak stolen data. ...
3AM Ransomware Operators Use Spoofed IT Calls, Email Bombing for Network Breaches
May 22, 2025
The 3AM ransomware gang exploits spoofed IT support calls and email bombing to socially engineer remote access, targeting corporate networks in stealthy credential-based breaches.
Global Crackdown Dismantles Lumma Infostealer Malware Network, Seizes 2,300 Domains
May 22, 2025
Authorities and private sector partners have dismantled the infrastructure of the Lumma Infostealer malware, a dominant player in the malware-as-a-service (MaaS) ecosystem.
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
May 22, 2025
Over 100 Malicious Chrome Extensions Found Stealing User Data Through Spoofed VPN and Productivity Tools
EU Sanctions Stark Industries and Leadership for Supporting Russian Cyber Operations
May 22, 2025
The EU has sanctioned Stark Industries and its leadership for enabling Russian cyber operations, disinformation, and infrastructure support used in attacks against European interests.
119,000 ICS Devices Exposed: The Internet’s Hidden Infrastructure Risk
May 22, 2025
In this episode, we dive into a growing cybersecurity crisis: the exposure of Industrial Control Systems (ICS) on the public internet. These systems power our ...
Serviceaide Data Leak Exposes Health Records of Over 480,000 Catholic Health Patients
May 21, 2025
Serviceaide exposed over 480,000 Catholic Health patients' records due to a misconfigured Elasticsearch database, putting sensitive personal and medical data at risk.
Coinbase Data Breach Exposes Personal Information of 69,461 Customers in Contractor-Driven Incident
May 21, 2025
Coinbase confirms a data breach involving overseas contractors that exposed personal and financial information of 69,461 users, prompting fears of social engineering and financial fraud. ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited