Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
BlackLock Ransomware: A Rapidly Rising Cyber Threat
News
BlackLock Ransomware: A Rapidly Rising Cyber Threat
Mitchell Langley February 19, 2025
BlackLock ransomware, emerging in March 2024, has seen a 1425% surge in activity, making it a prominent player in the ransomware-as-a-service (RaaS) ecosystem and a ...
Latvian Document Management System Leak Exposes 25 Million Records
News
Latvian Document Management System Leak Exposes 25 Million Records
Mitchell Langley February 19, 2025
A Latvian document management system leak exposed 25 million records, including names, national IDs, and addresses, highlighting critical data security vulnerabilities.
OpenSSH Flaws Expose SSH Servers to Critical DoS Attacks and MiTM Vulnerabilities
News
OpenSSH Flaws Expose SSH Servers to Critical DoS Attacks and MiTM Vulnerabilities
Andrew Doyle February 19, 2025
Critical OpenSSH vulnerabilities enable devastating DoS attacks and sophisticated MiTM attacks on SSH servers. Immediate updates are crucial to prevent data breaches and service disruptions.
MacOS Malware FrigidStealer Employ Sophisticated Web Injection Attacks
News
MacOS Malware FrigidStealer Employ Sophisticated Web Injection Attacks
Andrew Doyle February 19, 2025
New MacOS malware, FrigidStealer, uses web injection attacks by cybercriminal groups TA2726 and TA2727, distributing malware based on browser and operating system, bypassing security ...
Zacks Investment Research Breach: 12 Million Records Exposed in Latest Cyber Attack
News
Zacks Investment Research Breach: 12 Million Records Exposed in Latest Cyber Attack
Mitchell Langley February 18, 2025
A major Zacks Investment Research Breach exposed 12 million customer records, including sensitive personal and financial data, highlighting the urgent need for enhanced cybersecurity measures.
Coast Guard Data Breach Delays Pay for 1,135 Service Members
News
Coast Guard Data Breach Delays Pay for 1,135 Service Members
Mitchell Langley February 18, 2025
A Coast Guard data breach delayed pay for 1,135 service members. The Coast Guard Investigative Service and Coast Guard Cyber Command are investigating the breach, ...
Lee Enterprises Says It Was Hit By a Ransomware Attack
News
Lee Enterprises Says It Was Hit By a Ransomware Attack
Andrew Doyle February 18, 2025
A ransomware attack against Lee Enterprises, a major US newspaper publisher, caused significant disruptions, impacting print and online operations for over two weeks. The attack ...
Finastra Data Breach: Customer Data Compromised in Cyber Attack
News
Finastra Data Breach: Customer Data Compromised in Cyber Attack
Andrew Doyle February 18, 2025
Finastra's data breach exposed customer names and financial account information after a cyber attack. Law enforcement is involved, and affected individuals are urged to take ...
Italian Websites Under Cyberattack: Pro-Russian Group Claims Responsibility
News
Italian Websites Under Cyberattack: Pro-Russian Group Claims Responsibility
Andrew Doyle February 18, 2025
Pro-Russian hackers launched a cyber attack on Italian websites, including banks and airports, in retaliation for President Mattarella's comments comparing Russia's actions to Nazi Germany.
FinalDraft Malware: New Stealthy Cyber Attack Abuses Outlook for Command and Control
News
FinalDraft Malware: New Stealthy Cyber Attack Abuses Outlook for Command and Control
Andrew Doyle February 17, 2025
FinalDraft malware uses Outlook email drafts for covert command-and-control communication, enabling data exfiltration, process injection, and lateral movement with minimal traces. The malware, part of ...
This Week In Cybersecurity: 17th February to 21st February
Cybersecurity Newsletter
This Week In Cybersecurity: 17th February to 21st February
Mitchell Langley February 17, 2025
In recent developments, significant data breaches and coordinated international actions against cybercrime have emerged. Zacks Investment Research exposed personal data of 12 million users, while ...
2.7 Billion IoT Device Records Exposed in Massive Data Breach
News
2.7 Billion IoT Device Records Exposed in Massive Data Breach
Andrew Doyle February 17, 2025
A massive data breach exposed 2.7 billion IoT device records, highlighting critical security vulnerabilities and the need for robust authentication and data encryption.
Akira Ransomware Attack Targets Defunct Australian Media Company
News
Akira Ransomware Attack Targets Defunct Australian Media Company
Andrew Doyle February 17, 2025
Akira Ransomware claims a cyber attack on defunct Australian media company Regency Media, stealing 16GB+ of data, highlighting the risk of unmanaged legacy data post-business ...
Australian National University Faces Cyber Attack, FSociety Ransomware Threatens Data Leak
News
Australian National University Faces Cyber Attack, FSociety Ransomware Threatens Data Leak
Mitchell Langley February 17, 2025
The Australian National University (ANU) is facing a serious cyber attack after being targeted by the FSociety ransomware group. The Canberra-based institution is currently investigating ...
Chinese Espionage Tools Fuel RA World Ransomware Attack Targeting Asian Firm
News
Chinese Espionage Tools Fuel RA World Ransomware Attack Targeting Asian Firm
Mitchell Langley February 16, 2025
A China-based threat actor, Emperor Dragonfly, deployed RA World ransomware, demanding $2 million. The attack leveraged tools previously used in Chinese cyber espionage operations, blurring ...
Zacks Investment Data Breach Exposes 12 Million Users
News
Zacks Investment Data Breach Exposes 12 Million Users
Andrew Doyle February 14, 2025
A hacker leaked data from 12 million Zacks Investment accounts, including names, addresses, emails, and passwords. This is potentially the third major breach at Zacks ...
whoAMI Attacks: Exploiting Amazon EC2 Instances for Code Execution
News
whoAMI Attacks: Exploiting Amazon EC2 Instances for Code Execution
Mitchell Langley February 14, 2025
whoAMI attacks allow hackers to gain code execution on Amazon EC2 instances by exploiting flaws in AMI selection. Attackers publish malicious AMIs with names mimicking ...
Chinese Hackers Breach More US Telecoms via Unpatched Cisco Routers despite Sanctions
News
Chinese Hackers Breach More US Telecoms via Unpatched Cisco Routers despite Sanctions
Andrew Doyle February 14, 2025
Chinese hackers, exploiting Cisco router vulnerabilities, breached multiple US telecoms and accessed sensitive government communications, highlighting the ongoing threat of state-sponsored cyberattacks.
Port of Ostend Suffers Cyberattack, Ensor System Targeted
News
Port of Ostend Suffers Cyberattack, Ensor System Targeted
Andrew Doyle February 14, 2025
The Port of Ostend, a significant Belgian port, filed a complaint with the federal police following a cyberattack on Monday night.
PNG Tax Office Cyber Attack Exposes Sensitive Data, Raising Concerns
News
PNG Tax Office Cyber Attack Exposes Sensitive Data, Raising Concerns
Mitchell Langley February 13, 2025
A cyberattack on Papua New Guinea’s Internal Revenue Commission (IRC) in January 2025 compromised its systems, potentially exposing sensitive data. The PNG tax office cyber ...
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Oxford City Council Breach Exposes 21 Years of Data
June 20, 2025
Podcasts
Weaponized GitHub Repositories: How Banana Squad and Water Curse Are Hitting Devs
June 20, 2025
Podcasts
Chain IQ Breach Exposes UBS & Pictet Employee Data: A Supply Chain Failure
June 20, 2025

Cyber Security News

GlassWorm Returns With Malicious VSCode Extensions Infecting Thousands
Application Security
GlassWorm Returns With Malicious VSCode Extensions Infecting Thousands
November 10, 2025
Sensitive Data at OBGYN Associates Exposed in Data Breach
Cybersecurity
Sensitive Data at OB/GYN Associates Exposed in Data Breach
November 10, 2025
SonicWall Confirms State-Sponsored Hackers Targeted Cloud Backup Service
Cybersecurity
SonicWall Confirms State-Sponsored Hackers Targeted Cloud Backup Service
November 10, 2025
Microsoft Enhances Quick Machine Recovery and Smart App Control in Windows Insider Build
Application Security
Microsoft Enhances Quick Machine Recovery and Smart App Control in Windows Insider Build
November 9, 2025
Malicious NuGet Packages Found With Time-Delay Payloads Targeting Databases and ICS Devices
Application Security
Malicious NuGet Packages Found With Time-Delay Payloads Targeting Databases and ICS Devices
November 9, 2025
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
CVE Vulnerability Alerts
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
November 9, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Ransomware Gangs Adopt Skitnet Malware for Post-Exploitation Attacks in Enterprise Environments
May 19, 2025
Ransomware groups including BlackBasta and Cactus are using Skitnet malware for stealthy post-exploitation in enterprise networks, enabling persistence, data theft, and remote control.
How Can I Protect Myself from the M&S Cyberattack?
May 19, 2025
Marks & Spencer suffered a data breach. Here’s how customers can protect themselves from phishing, fraud, and future attacks using simple, actionable online safety tips. ...
483,000 Patients at Risk: Catholic Health Vendor Breach Exposes Critical Data
May 19, 2025
In this episode, we dive deep into a newly disclosed healthcare data breach affecting over 483,000 patients of Catholic Health, stemming from a misconfigured Elasticsearch ...
Broadcom Employee Data Leaked After Supply Chain Breach at ADP Partner
May 19, 2025
Broadcom employee data leaked after a ransomware attack on ADP partner Business Systems House. Sensitive files appeared on the dark web, impacting global semiconductor workers. ...
SK Telecom Data Breach Exposes Nearly 27 Million SIM Records
May 19, 2025
SK Telecom suffered a data breach impacting nearly 27 million SIM records, with malware infections across 23 servers and critical personal data left unencrypted.
This Week In Cybersecurity: May 12th to 16th, 2025
May 19, 2025
"This week in cybersecurity highlights significant data breaches, vulnerabilities, and emerging threats impacting various sectors, emphasizing the need for robust security measures."
Legal Aid Agency Data Breach Exposes Sensitive Information of Legal Aid Applicants
May 19, 2025
A cyberattack on the UK’s Legal Aid Agency exposed personal, financial, and criminal data of applicants dating back to 2010, prompting a full shutdown of ...
Chrome’s New Vulnerability CVE-2025-4664: A Security Flaw That Can Lead to Account Takeover
May 16, 2025
In this episode, we take an in-depth look at the newly discovered CVE-2025-4664 vulnerability in Google Chrome’s Loader component. This high-severity security flaw is affecting ...
Scattered Spider Targets UK and US Retailers: The Growing Threat to Major Brands
May 16, 2025
In this episode, we dive deep into the recent wave of cyberattacks plaguing major UK retailers such as Marks & Spencer, Co-op, and Harrods, with ...
Ransomware Gangs Exploit SAP NetWeaver Vulnerability in Ongoing Global Attacks
May 16, 2025
Ransomware groups RansomEXX and BianLian have joined global threat actors exploiting a critical SAP NetWeaver vulnerability, risking full remote system compromise for unpatched servers.
OpenAI Testing Model Context Protocol Integration for ChatGPT
May 16, 2025
OpenAI is testing Model Context Protocol support in ChatGPT, allowing secure access to third-party tools and enterprise platforms for more powerful, contextual task handling.
Proofpoint Acquires Hornetsecurity for $1B: A New Era in Microsoft 365 Security
May 16, 2025
 In a major move within the cybersecurity space, Proofpoint has announced the acquisition of Hornetsecurity for over $1 billion. This deal significantly strengthens Proofpoint’s foothold ...
RoundPress Cyberespionage Campaign Exploits XSS Flaws in Government Webmail
May 16, 2025
Russian-linked hackers exploited XSS flaws in Roundcube, Zimbra, and others to steal government emails globally through a no-click attack dubbed the RoundPress campaign.
North Korean Hackers TA406 Target Ukraine to Gauge Russia’s Military Demands
May 15, 2025
North Korean hackers TA406 target Ukrainian government entities to assess Russia’s war demands, using phishing, PowerShell malware, and credential theft to inform DPRK military strategy. ...
Bank Street College of Education Exposes Half a Million Files with Sensitive Personal Data
May 15, 2025
Bank Street College of Education exposed 500,000+ personal files via a misconfigured AWS bucket, including resumes and contact details. Risk of phishing and ID fraud ...
Dior Confirms Data Breach Exposing Chinese Customer Information
May 15, 2025
Christian Dior confirms a customer data breach affecting Chinese users. Names, contacts, and shopping data were leaked; no financial details were compromised. Investigation ongoing.
Nucor Shuts Down Production Lines Following Cybersecurity Incident
May 15, 2025
Nucor Corporation has shut down select production operations following a cybersecurity incident that compromised internal systems. The company is investigating and restoring operations.
Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach
May 15, 2025
Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues ...
HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage
May 15, 2025
HireClick leaked over 5.7 million resume files after leaving an AWS bucket unsecured. The data exposure poses significant risks of fraud, phishing, and identity theft. ...
Valve Denies Steam Data Breach, Dismisses Leaked Data as Useless Expired Codes
May 15, 2025
Valve denies claims of a Steam data breach, stating leaked data consists of expired SMS codes with no account credentials, passwords, or personal information.
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited