Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Orange Group Confirms Data Breach, Hacker Leaks Internal Documents
News
Orange Group Confirms Data Breach, Hacker Leaks Internal Documents
Mitchell Langley February 25, 2025
A hacker leaked thousands of Orange Group's internal documents. The breach compromised user records and employee data. Orange Group confirmed the incident.
Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information
News
Boys & Girls Clubs of Tennessee Valley Data Breach Exposes Sensitive Information
Andrew Doyle February 25, 2025
The Boys & Girls Clubs of the Tennessee Valley experienced a data breach between November 19-23, 2024, exposing personal data including Social Security numbers and ...
IT Service Provider Hack in Russia Puts Financial Sector on High Alert
News
IT Service Provider Hack in Russia Puts Financial Sector on High Alert
Mitchell Langley February 25, 2025
Russia's financial sector faces a significant threat after a major IT service provider, LANIT, was hacked. Authorities urge password and credential changes.
Lucent Health Data Breach: Law Firm Investigates Legal Claims
News
Lucent Health Data Breach: Law Firm Investigates Legal Claims
Andrew Doyle February 25, 2025
A data breach at Lucent Health exposed sensitive personal information, including Social Security numbers and medical records. The Murphy Law Firm is investigating legal claims ...
News
Genea IVF Clinic Data Leak: Medical Records, Addresses, and Phone Numbers at Risk
Mitchell Langley February 24, 2025
Genea, a major Australian IVF provider, suffered a data breach on February 14th. Sensitive patient data, including medical records and contact information, was compromised. The ...
CISA Warns of Craft CMS Code Injection Flaw
Cybersecurity
CISA Warns of Craft CMS Code Injection Flaw
Andrew Doyle February 24, 2025
CISA warns of an actively exploited Craft CMS code injection flaw (CVE-2025-23209), urging users to upgrade to patched versions 5.5.8 and 4.13.8 or later.
Vivifi Data Leak: Millions of Loan Applicants' Data Exposed
News
Vivifi Data Leak: Millions of Loan Applicants’ Data Exposed
Andrew Doyle February 24, 2025
A massive vivifi data leak exposed 36 million files containing sensitive personal data of Indian loan applicants, including passports and bank details, due to a ...
Bybit Hack: $1.5 Billion Ethereum Theft in Biggest Crypto Heist Ever
News
Bybit Hack: $1.5 Billion Ethereum Theft in Biggest Crypto Heist Ever
Mitchell Langley February 24, 2025
Hackers stole $1.5 billion in Ethereum from Bybit, the world's second-largest crypto exchange. The heist is the largest digital theft ever recorded. Bybit is offering ...
Cyber Attack on Rainbow District School Board Had Personal Data Stolen in Data Leak
News
Cyber Attack on Rainbow District School Board Had Personal Data Stolen in Data Leak
Mitchell Langley February 24, 2025
Rainbow District School Board confirms a cyber attack resulting in a data breach, exposing staff and student personal data, including social insurance numbers and bank ...
This Week In Cybersecurity: 17th February to 21st February
Cybersecurity Newsletter
This Week In Cybersecurity: 17th February to 21st February
Andrew Doyle February 21, 2025
This week highlights significant cybersecurity incidents, including the rise of BlackLock ransomware, a data breach at Insight Partners, and the emergence of FinalDraft malware. Stay ...
Chinese Hackers from Salt Typhoon Deploy Custom Malware in US Telecom Cyberespionage Campaign
News
Chinese Hackers from Salt Typhoon Deploy Custom Malware in US Telecom Cyberespionage Campaign
Mitchell Langley February 21, 2025
Chinese state-sponsored hackers, the Salt Typhoon group, used custom malware, JumbledPath, to infiltrate US telecom networks, stealing data and monitoring communications.
CISA and FBI Report Ghost Ransomware Breached 70 Countries
News
CISA and FBI Report Ghost Ransomware Breached 70 Countries
Mitchell Langley February 21, 2025
CISA and the FBI warn of a global Ghost ransomware attack impacting organizations across 70 countries, exploiting known vulnerabilities in various software and systems. Immediate ...
Black Basta Ransomware Data Leak Exposes Internal Communications and Targets
News
Black Basta Ransomware Data Leak Exposes Internal Communications and Targets
Andrew Doyle February 21, 2025
The Black Basta ransomware gang's internal chat logs leaked, exposing victims, tactics, and key members. The data leak reveals internal conflicts and potential Russian bank ...
Darcula PhaaS 3.0 Can Now Auto-Generate Phishing Kits for Any Brand
News
Darcula PhaaS 3.0 Auto-Generates Phishing Kits for Any Brand
Andrew Doyle February 21, 2025
Darcula PhaaS, a phishing-as-a-service platform, now offers a DIY phishing kit generator. This allows users to easily create phishing attacks targeting any brand, significantly increasing ...
The Rise of AI Agents: A New Era of AI Cyberthreats
News
The Rise of AI Agents: A New Era of AI Cyberthreats
Andrew Doyle February 20, 2025
AI agents are transforming cybersecurity, enabling autonomous attacks that overwhelm defenses. This new AI cyberthreat demands proactive strategies and advanced defenses to mitigate the risks.
Cayuga Medical Center Suffers Cyberattack, Operations Temporarily Disrupted
News
Cayuga Medical Center Suffers Cyberattack, Operations Temporarily Disrupted
Mitchell Langley February 20, 2025
Cayuga Medical Center experienced a cyberattack on February 19th, temporarily halting ER admissions and diverting ambulances. The hospital is now fully operational.
Australian Fertility Services Giant Genea Hit by Major Security Breach
News
Australian Fertility Services Giant Genea Hit by Major Security Breach
Andrew Doyle February 20, 2025
Australian fertility services giant Genea suffered a significant security breach, exposing potentially sensitive patient data. The company is investigating the extent of the unauthorized ...
NailaoLocker Ransomware Targets EU Healthcare Sector in a Cyberattack
News
NailaoLocker Ransomware Targets EU Healthcare Sector in a Cyberattack
Mitchell Langley February 20, 2025
NailaoLocker ransomware, a newly discovered threat, targeted EU healthcare organizations between June and October 2024, exploiting a Check Point vulnerability. The attack leveraged ShadowPad and ...
Hunters International Ransomware: Hive Ransomware Ressurected
Resources
Hunters International Ransomware: Hive Ransomware Ressurected
Andrew Doyle February 20, 2025
Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in October 2023, following the disruption of the Hive ransomware group. They've conducted over 200 attacks ...
Venture Capital Giant Insight Partners Hit by Cyber Attack
News
Venture Capital Giant Insight Partners Hit by Cyber Attack
Mitchell Langley February 19, 2025
Insight Partners, a venture capital giant, suffered a cyber attack in January via social engineering. The firm manages over $90 billion in assets and is ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Fasana’s Collapse: How One Ransomware Attack Crippled a German Manufacturer
June 21, 2025
Podcasts
Inside the 16 Billion Credential Leak: The Infostealer Engine Behind the Biggest Breach Yet
June 21, 2025
Podcasts
Over 1,500 Minecraft Users Infected in Stargazers Ghost Malware Campaign
June 20, 2025

Cyber Security News

CISA Orders Federal Agencies to Patch Samsung Zero-Day Exploited by LandFall Spyware
Application Security
CISA Orders Federal Agencies to Patch Samsung Zero-Day Exploited by LandFall Spyware
November 11, 2025
Konni Campaign Impersonates Human Rights Groups in Cross-Platform Espionage Operation
Cybersecurity
Konni Campaign Impersonates Human Rights Groups in Cross-Platform Espionage Operation
November 11, 2025
NAKIVO Enhances Disaster Recovery With Real-Time Replication and Multilingual Support
Application Security
NAKIVO Enhances Disaster Recovery With Real-Time Replication and Multilingual Support
November 10, 2025
Microsoft Reveals Whisper Leak Side-Channel Attack That Threatens LLM Communication Privacy
Cybersecurity
Microsoft Reveals Whisper Leak Side-Channel Attack That Threatens LLM Communication Privacy
November 10, 2025
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
Application Security
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
November 10, 2025
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
Cybersecurity
QNAP Patches Seven Zero-Day Vulnerabilities Exploited at Pwn2Own 2025
November 10, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Over 100 Malicious Chrome Extensions Found Masquerading as AI Tools, VPNs, and Crypto Utilities
May 21, 2025
A massive and ongoing campaign involving over 100 malicious Chrome extensions has been uncovered, with threat actors deploying browser add-ons disguised as free AI tools, ...
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
May 21, 2025
A supply chain attack on RVTools delivered Bumblebee malware through a trojanized installer, compromising virtualization admins and enabling follow-on ransomware or data exfiltration attacks.
Tesco, Aldi Supplier Peter Green Chilled Hit by Ransomware, Disrupting UK Retail Supply Chains
May 21, 2025
UK logistics firm Peter Green Chilled suffered a ransomware attack, disrupting deliveries for Tesco, Aldi, and Sainsbury’s amid a rising wave of supply chain cyberattacks. ...
SK Telecom Malware Breach Lasted 3 Years, Exposed 27 Million Phone Numbers
May 21, 2025
SK Telecom’s malware breach exposed 27 million phone numbers over three years via a supply chain attack targeting its security affiliate SK Shieldus.
PowerSchool Hacker Pleads Guilty to Student Data Extortion Scheme
May 21, 2025
A 19-year-old hacker has pleaded guilty to breaching PowerSchool and extorting millions by threatening to leak sensitive data on over 71 million students and teachers. ...
Mobile Carrier Cellcom Breached, Company Confirms Cyberattack Behind Extended Outages
May 21, 2025
Cellcom confirms a cyberattack caused week-long service outages across Wisconsin and Michigan, impacting calls and SMS; personal data reportedly not compromised.
VanHelsing Ransomware Builder Leaked by Former Developer on Hacking Forum
May 21, 2025
VanHelsing ransomware's builder and affiliate panel source code leaked after a former developer tried to sell it, prompting the gang to release it themselves.
Arla Foods Upahl Site Hit by Cyberattack—What It Means for Food Supply Chains
May 20, 2025
In May 2025, a cyberattack disrupted operations at Arla Foods’ major dairy facility in Upahl, Germany—halting skyr production, impacting local IT systems, and forcing product ...
Bypassing Antivirus: What Defendnot Reveals About the Weak Spots in Windows Security
May 20, 2025
In this episode, we dissect one of the most advanced Windows security evasion tools released in recent memory: Defendnot. Designed to exploit undocumented Windows Security ...
BreachRx Raises $15M to Automate the Chaos of Incident Response
May 20, 2025
In this episode, we dive into BreachRx’s $15 million Series A raise — and what it means for the future of enterprise cybersecurity incident response. ...
Scattered Spider Breached M&S via Third-Party TCS Credentials, Sources Confirm
May 20, 2025
Scattered Spider used third-party TCS employee credentials to breach M&S systems, exposing customer data and costing over £1 billion in market value and lost profits. ...
Trojanized KeePass Installer Leads to Ransomware on VMware ESXi Servers
May 20, 2025
Fake KeePass installers promoted via Bing ads delivered Cobalt Strike and stole credentials, ultimately leading to ESXi ransomware attacks linked to Black Basta affiliates.
TeleMessage Breach Exposes U.S. Government Messaging Data, 410GB Archive Published by DDoSecrets
May 20, 2025
Hackers exploited a flaw in TeleMessage’s TM SGNL app, exposing U.S. official communications. DDoSecrets published 410GB of chat logs and metadata from the breach.
Arla Foods Cyberattack Disrupts German Production Site, Causes Delivery Delays
May 20, 2025
Arla Foods confirmed a cyberattack at its Upahl production site in Germany, disrupting operations and causing delivery delays. No data theft has been confirmed.
O2 Flaw Leaked Customer Geolocation Data to Any Caller
May 20, 2025
O2 exposed customers’ real-time locations via VoLTE call metadata. A researcher found SIP headers leaking geolocation and device data. The issue is now resolved.
110,000+ Records Compromised: The NRS Cybersecurity Failure
May 19, 2025
In this episode, we unpack the 2024 cybersecurity incident that rocked the debt collection and healthcare sectors: the massive data breach at Nationwide Recovery Services ...
Coinbase Insider Breach Exposes Customer Data and Government IDs; $20M Ransom Rejected
May 19, 2025
Coinbase Insider Breach revealed that rogue support agents aided a cyberattack stealing customer data and government IDs. The attackers demanded $20 million, but Coinbase refused ...
Hackers Target VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own Berlin 2025
May 19, 2025
Researchers at Pwn2Own Berlin 2025 earned $695,000 for exploiting zero-day flaws in VMware ESXi, Microsoft SharePoint, Firefox, and AI platforms.
Adidas and Dior Confirm Customer Data Breaches Following Targeted Cyberattacks
May 19, 2025
Adidas and Dior confirmed data breaches affecting customer information in Korea and China. Both brands reported no financial data exposure and began notifying affected individuals. ...
CISA Flags Chrome Vulnerability CVE-2025-4664: Patch Before June 5th
May 19, 2025
In this episode, we break down the recently discovered and actively exploited Chrome vulnerability CVE-2025-4664—a high-severity flaw stemming from insufficient policy enforcement in Chrome’s Loader ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited