Main Menu
Cyber Security
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Critical Cisco Smart Licensing Utility Flaws Exploited in Attacks
News
Critical Cisco Smart Licensing Utility Flaws Exploited in Attacks
Mitchell Langley March 21, 2025
Cisco's Smart Licensing Utility vulnerabilities CVE-2024-20439 and CVE-2024-20440 are now exploited, allowing unauthorized access through a backdoor admin account.
HellCat Hacking Spree Targets Jira Servers Worldwide
News
HellCat Hacking Spree Targets Jira Servers Worldwide
Andrew Doyle March 21, 2025
HellCat hackers are exploiting compromised Jira credentials in a worldwide hacking spree, targeting companies like Ascom and Jaguar Land Rover, stealing sensitive data including source ...
RansomHub Ransomware Leverages New Betruger Backdoor for Enhanced Attacks
News
RansomHub Ransomware Leverages New Betruger Backdoor for Enhanced Attacks
Andrew Doyle March 21, 2025
RansomHub ransomware uses a new multi-function backdoor, Betruger, for enhanced attacks, streamlining the deployment process and minimizing detection.
Critical MegaRAC Bug Lets Attackers Hijack and Brick Servers
News
Critical MegaRAC Bug Lets Attackers Hijack and Brick Servers
Mitchell Langley March 21, 2025
MI MegaRAC BMC vulnerability (CVE-2024-54085) lets attackers remotely hijack and brick servers, impacting numerous vendors and potentially causing significant damage.
This Week In Cybersecurity: 17th March to 21st March, 2025
Cybersecurity Newsletter
This Week In Cybersecurity: 17th March to 21st March, 2025
Andrew Doyle March 21, 2025
This week in cybersecurity reports on a range of incidents, including a major data breach at California Cryobank and a supply chain attack affecting GitHub ...
Veeam Backup & Replication Flaw Allows Remote Execution of Malicious Code
News
Veeam Backup & Replication Flaw Allows Remote Execution of Malicious Code
Andrew Doyle March 20, 2025
A critical vulnerability in Veeam Backup & Replication allows remote code execution, affecting various versions and posing significant security risks.
Microsoft Exchange Online Outage Impacts Outlook Web Users
News
Microsoft Exchange Online Outage Impacts Outlook Web Users
Mitchell Langley March 20, 2025
A Microsoft Exchange Online outage severely impacted Outlook on the web users globally, causing login and access issues. Microsoft attributed the problem to a code ...
DollyWay Malware Campaign Compromises 20,000 WordPress Sites
News
DollyWay Malware Campaign Compromises 20,000 WordPress Sites
Mitchell Langley March 20, 2025
The DollyWay malware campaign, active since 2016, has compromised over 20,000 WordPress sites, redirecting users to malicious sites and generating millions of fraudulent impressions monthly.
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
Cybersecurity
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
Andrew Doyle March 20, 2025
WhatsApp has patched a zero-click vulnerability exploited by Paragon spyware, affecting journalists and activists globally, highlighting ongoing cybersecurity challenges.
Ukrainian Military Targeted in New Signal Spear-Phishing Attacks
News
Ukrainian Military Targeted in New Signal Spear-Phishing Attacks
Mitchell Langley March 20, 2025
krainian military personnel are facing sophisticated spear-phishing attacks using compromised Signal accounts to deliver Dark Crystal RAT malware. Urgent security updates are needed.
Arcane Infostealer Infects YouTube and Discord Users Through Game Cheats
News
Arcane Infostealer Infects YouTube and Discord Users Through Game Cheats
Andrew Doyle March 20, 2025
The Arcane infostealer, a new malware, is stealing data from YouTube and Discord users via game cheats, targeting VPNs, messengers, and cryptocurrency wallets. Its sophisticated ...
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
News
Pennsylvania Education Union Data Breach Impacts 500,000 Individuals
Andrew Doyle March 20, 2025
he Pennsylvania State Education Association (PSEA) suffered a data breach exposing the personal information of over 500,000 individuals, including financial and health records. Rhysida ransomware ...
Ransomware Victims on Dark Web - 3rd March, 2025
Ransomware
Ransomware Victims on Dark Web – 3rd March, 2025
Andrew Doyle March 20, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
California Cryobank Data Breach Exposes Sensitive Customer Information
News
California Cryobank Data Breach Exposes Sensitive Customer Information
Mitchell Langley March 19, 2025
California Cryobank, a major US sperm bank, suffered a data breach exposing customer names, bank details, Social Security numbers, and more. The company is offering ...
GitHub Action Hack May Cause Another Supply Chain Attack
News
GitHub Action Hack May Cause Another Supply Chain Attack
Andrew Doyle March 19, 2025
A cascading supply chain attack, starting with a GitHub Action hack, exposed CI/CD secrets across 23,000 repositories, highlighting vulnerabilities in third-party code reliance.
Western Alliance Bank Data Breach Impacts 21,899 Customers
News
Western Alliance Bank Data Breach Impacts 21,899 Customers
Mitchell Langley March 19, 2025
Western Alliance Bank suffered a data breach impacting 21,899 customers, exposing sensitive personal and financial information due to a third-party vendor's software vulnerability exploited by ...
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
News
11 State-Sponsored Hacking Groups Exploit Windows Zero-Day Exploit
Andrew Doyle March 19, 2025
A critical Windows zero-day exploit, ZDI-CAN-25373, has been exploited by 11 state-sponsored hacking groups since 2017, enabling data theft and espionage. Microsoft initially declined to ...
$6.1 Million Crypto Stolen in WEMIX Hack
News
$6.1 Million Crypto Stolen in WEMIX Hack
Andrew Doyle March 19, 2025
WEMIX, a blockchain gaming platform, suffered a $6.1 million crypto theft. Hackers stole authentication keys, planning the attack for two months before executing 13 successful ...
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
News
StilachiRAT Malware Steals Crypto Using Advanced Reconnaissance
Mitchell Langley March 18, 2025
Microsoft discovered StilachiRAT, a new RAT malware using sophisticated techniques to steal cryptocurrency and perform reconnaissance. Its advanced evasion capabilities make proactive defense crucial.
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
News
GitHub Action Supply Chain Attack Exposes CI/CD Secrets
Andrew Doyle March 18, 2025
A supply chain attack on the popular tj-actions/changed-files GitHub Action exposed CI/CD secrets. Attackers compromised a PAT, impacting 23,000 repositories. GitHub has since removed the ...
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
News
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
M&S Confirms Customer Data Breach Following Cyberattack
News
M&S Confirms Customer Data Breach Following Cyberattack
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
News
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Thousands of Node Developers Compromised by Malware in Popular npm Packages
News
Thousands of Node Developers Compromised by Malware in Popular npm Packages

SECURITYWEEK INDUSTRY EXPERTS

Dior Confirms Data Breach Exposing Chinese Customer Information
News
Dior Confirms Data Breach Exposing Chinese Customer Information
Mitchell Langley May 15, 2025
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
News
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
Andrew Doyle May 14, 2025
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
News
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
Andrew Doyle May 14, 2025
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
News
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
Mitchell Langley May 14, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
AirBorne: How a Zero-Click Bug Threatens Millions of Apple and Third-Party Devices
April 30, 2025
Podcasts
$10.5M to Fight AI-Phishing: The Rise of Pistachio’s Cybersecurity Training Platform
April 30, 2025
Podcasts
The Silent Majority: Why 51% of Internet Traffic Is Now Bots
April 29, 2025

Cyber Security News

This Week In Cybersecurity: 25th November to 29th November
Cybersecurity
This Week In Cybersecurity: 25th November to 29th November
November 29, 2024
LifeLabs Data Breach Report Finally Public After Four-Year Legal Battle
Cybersecurity
LifeLabs Data Breach Report Finally Public After Four-Year Legal Battle
November 27, 2024
Thala Recovers $25.5 Million After Security Breach
Cybersecurity
Thala Recovers $25.5 Million After Security Breach
November 25, 2024
WolfsBane Linux Malware Unleashed by Chinese Hackers
Cybersecurity
WolfsBane Linux Malware Unleashed by Chinese Hackers
November 22, 2024
This Week In Cybersecurity: 18th to 22nd November
Cybersecurity
This Week In Cybersecurity: 18th to 22nd November
November 22, 2024
HeptaX Cyberattack: A Deep Dive into the Multi-Stage RDP Exploitation Targeting Enterprises
Application Security
HeptaX Cyberattack: A Deep Dive into the Multi-Stage RDP Exploitation Targeting Enterprises
November 21, 2024
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
IKEA Ransomware Attack Cost Fourlis Group Millions in Revenue
April 14, 2025
Cybersecurity incident disrupted IKEA operations across multiple countries just before Black Friday The IKEA ransomware attack that struck just two days before Black Friday in ...
Neptune RAT Malware Spreading Through YouTube and GitHub, Targeting Windows PCs
April 10, 2025
Neptune RAT malware is spreading through YouTube and GitHub, infecting Windows PCs. This dangerous Trojan allows hackers complete system control, demanding immediate action from businesses ...
FortiSwitch Flaw Allows Remote Admin Password Changes
April 10, 2025
FortiSwitch vulnerability (CVE-2024-48887) lets attackers remotely change admin passwords. Fortinet released patches; immediate updates are crucial.
Oracle Denies Major Cloud Breach, Confirms Hack of “Obsolete Servers”
April 10, 2025
Oracle denies a major cloud breach, confirming instead a hack of obsolete servers. No Oracle Cloud customer data was compromised, the company claims.
Hackers Exploit SSRF Bug in EC2-Hosted Sites to Steal AWS Credentials
April 10, 2025
Hackers exploited SSRF bugs in EC2-hosted sites to steal AWS credentials, accessing EC2 Metadata and potentially IAM credentials via IMDSv1. This highlights the ongoing threat ...
Western Sydney University Data Breach Exposes 10,000 Student Records
April 10, 2025
Western Sydney University confirms a data breach exposing the personal information of 10,000 students. The university is investigating and has contacted authorities.
Half of UK Firms Delay Digital Projects Due to Soaring Cyber Warfare Risks
April 9, 2025
Half of UK firms are delaying digital projects due to rising cyber warfare fears, according to a new report highlighting the impact of nation-state attacks ...
Everest Ransomware: Data Extortionist Turned Initial Access Broker
April 9, 2025
Everest ransomware, active since 2020, evolved from data extortion and ransomware to primarily acting as an Initial Access Broker (IAB), targeting healthcare providers.
Treasury OCC Data Breach: Hackers Accessed 150,000 Emails Since June 2023
April 9, 2025
The Treasury's Office of the Comptroller of the Currency suffered a major data breach, exposing over 150,000 emails and sensitive financial data since June 2023.
WhatsApp Vulnerability Allows Malicious Code Execution on Windows PCs
April 9, 2025
WhatsApp flaw (CVE-2025-30401) lets attackers execute malicious code on Windows PCs by sending files with altered extensions. Update to WhatsApp 2.2450.6 or later immediately.
Mirai Botnet Exploiting TVT DVRs
April 9, 2025
A new Mirai botnet is causing a surge in attacks targeting TVT NVMS9000 DVRs, exploiting a vulnerability to gain admin access and potentially launch DDoS ...
Rödl Management Data Breach, Personal Data Exposed
April 9, 2025
Rödl Management suffered a data breach between January 30 and February 9, 2024, compromising consumer data. Investigations are underway, and affected individuals are receiving notifications.
Fall River Public Schools Responds to Cybersecurity Breach
April 9, 2025
Fall River Public Schools confirms a cybersecurity breach, working with experts to investigate unauthorized network access and ensure data protection.
Kellogg Data Breached, Clop Ransomware Exploits Cleo Zero-Day Vulnerabilities
April 8, 2025
WK Kellogg confirms a data breach exposing employee names and social security numbers, linked to the Clop ransomware gang's exploitation of Cleo software vulnerabilities.
Superannuation Hack Exposes $4.2 Trillion Sector’s Cybersecurity Vulnerabilities
April 8, 2025
A major superannuation hack exposed critical cybersecurity flaws, impacting major Australian funds and highlighting the urgent need for stronger security measures within the $4.2 trillion ...
Singapore Banks Suffer Ransomware Attack: DBS and Bank of China Affected
April 8, 2025
Singapore's DBS and Bank of China suffered a data breach due to a ransomware attack on their printing services provider, impacting thousands of customers. Funds ...
Vice Society Ransomware: The Anti K-12 RaaS Syndicate
April 8, 2025
Vice Society, a prolific RaaS group, preys on schools and other institutions, deploying readily available ransomware and threatening data leaks unless ransoms are paid. Their ...
Texas State Bar Data Breach Exposes Sensitive Attorney Information
April 8, 2025
Texas State Bar's data breach exposed sensitive attorney information, including SSNs, financial details, and legal case documents. Ransomware group INC claimed responsibility.
Everest Ransomware’s Dark Web Leak Site Defaced and Taken Offline
April 8, 2025
Everest ransomware's dark web leak site was defaced, disrupting their double-extortion scheme. This highlights the vulnerability of even sophisticated cybercriminal operations and the importance of ...
EncryptHub Has a Double Life of a Cybercriminal and Bug Bounty Hunter
April 8, 2025
Threat actor EncryptHub, responsible for compromising 618 organizations, secretly reported two Windows zero-day vulnerabilities to Microsoft, revealing a complex figure operating in both cybercrime and ...
Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast
DragonForce Hackers Disrupt UK Retail Giant Co-op in Geopolitically Charged Cyberattack
EU Launches European Vulnerability Database (EUVD) Amid CVE Funding Crisis
Twilio Denies Breach After Leak Claims to Expose Steam 2FA Codes
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
Marbled Dust’s Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
M&S Confirms Customer Data Breach Following Cyberattack
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
VMware Tools Vulnerability Lets Attackers Tamper with Virtual Machines
Thousands of Node Developers Compromised by Malware in Popular npm Packages
Türkiye-Backed Group Exploits Output Messenger Zero-Day in Cyberespionage Attack on Kurdish Targets
Moldovan Authorities Arrest Suspect Tied to DoppelPaymer Ransomware Attacks
rand-user-agent: The NPM Package That Opened a Backdoor
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain