Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
This Facebook Phishing Attack Could Steal EVERYTHING!
News
This Facebook Phishing Attack Could Steal EVERYTHING!
Mitchell Langley February 10, 2025
Facebook attack uses phishing emails claiming copyright infringement to steal data. Protect yourself now!
This Week In Cybersecurity: 04th February to 06th February
Cybersecurity Newsletter
This Week In Cybersecurity: 04th February to 06th February
Mitchell Langley February 7, 2025
This week saw significant cybersecurity incidents, including a ransomware attack on the New York Blood Center, disrupting vital blood supplies during a shortage. Connecticut's Community ...
Frederick Health Hospital's Ransomware Disaster Patient Care Disrupted
News
Frederick Health Hospital’s Ransomware Disaster: Patient Care Disrupted
Andrew Doyle February 7, 2025
On January 27, 2025, Frederick Health Hospital (FHH) became the target of a sophisticated ransomware attack, forcing the immediate shutdown ...
NCC Group's Cyber Threat Intelligence Report Reveals Record Ransomware Attacks
News
NCC Group’s Cyber Threat Intelligence Report Reveals Record Ransomware Attacks
Mitchell Langley February 6, 2025
NCC Group's 2024 cyber threat report reveals a record 5,263 ransomware attacks, with LockBit and RansomHub leading the surge. The industrial sector was hardest hit, ...
NCC Group's Cyber Threat Intelligence Report Reveals Record Ransomware Attacks
News
Hackers Spoof Microsoft ADFS Login Pages in Phishing Attacks
Mitchell Langley February 6, 2025
Hackers spoof Microsoft ADFS login pages, bypassing MFA to steal credentials and launch further phishing attacks targeting corporate email accounts. This highlights the threat of ...
Connecticut Healthcare Data Breach Exposes 1 Millions Records
News
Connecticut Healthcare Data Breach Exposes 1 Millions Records
Mitchell Langley February 6, 2025
The Connecticut healthcare data breach has affected over one million Connecticut residents, marking one of the largest healthcare data breaches in recent history.
Ransomware Payments Drop 35%: Chainalysis Reports Victims Refuse to Pay Ransom
News
Ransomware Payments Drop 35%: Chainalysis Reports Victims Refuse to Pay Ransom
Mitchell Langley February 6, 2025
Ransomware payments plummeted by 35% in 2024, totaling $814 million. This significant drop, reported by Chainalysis, suggests increased law enforcement effectiveness and victim resistance to ...
State-Sponsored Hackers Abuse Google's Gemini AI for Attacks
Cybersecurity
State-Sponsored Hackers Abuse Google’s Gemini AI for Attacks
Mitchell Langley February 4, 2025
Multiple state-sponsored groups are using Google's Gemini AI assistant. They use it primarily for productivity improvements. However, they also use it for reconnaissance and attack ...
US Healthcare Provider Data Breach at Connecticut Impacts 1 Million Patients
News
US Healthcare Provider Data Breach at Connecticut Impacts 1 Million Patients
Mitchell Langley February 4, 2025
A massive healthcare provider data breach at Connecticut's Community Health Center exposed the personal and health data of over 1 million patients, including Social Security ...
Prevent Data Breaches with Amazon Redshift Enhanced Security
News
Prevent Data Breaches with Amazon Redshift Enhanced Security
Mitchell Langley February 4, 2025
Amazon Redshift enhances security defaults to prevent data breaches and ransomware by restricting public access, enabling encryption, and enforcing SSL connections, mitigating risks like the ...
GrubHub Data Breach Exposes Customer, Driver, and Merchant Data
News
GrubHub Data Breach Exposes Customer, Driver, and Merchant Data
Gabby Lee February 4, 2025
The GrubHub data breach has compromised the personal information of an unspecified number of customers, merchants, and drivers. The attack ...
Mississippi Electric Utility Data Breach Affects 20,000 Residents
News
Mississippi Electric Utility Data Breach Affects 20,000 Residents
Gabby Lee February 4, 2025
The Mississippi electric utility, Yazoo Valley Electric Power Association, suffered a data breach affecting 20,000 residents. The breach exposed personal information, prompting identity theft protection ...
New York Blood Center Ransomware Attack
News
New York Blood Center Ransomware Attack: Critical Blood Supplies at Risk
Mitchell Langley February 4, 2025
The New York Blood Center Enterprises (NYBCe) suffered a ransomware attack on January 26th, disrupting operations and impacting blood supplies amid a pre-existing blood shortage.
BRS Cyber Attack: Data Breach at Business Registration Exposes Sensitive Business Information
News
BRS Cyber Attack: Data Breach at Business Registration Exposes Sensitive Business Information
Mitchell Langley February 3, 2025
Cyberattack on Kenya's Business Registration Services (BRS) has exposed sensitive company data, sold on the dark web. Authorities investigate, ruling out ransomware.
DeepSeek AI Data Breach Causes National Security Risks and Data Privacy Concerns
News
DeepSeek AI Data Breach Causes National Security Risks and Data Privacy Concerns
Mitchell Langley January 31, 2025
The DeepSeek AI data breach exposed sensitive user data, raising national security concerns and prompting warnings from U.S. officials about privacy violations and corporate espionage.
This Week In Cybersecurity: 27th January to 31st January
Cybersecurity Newsletter
This Week In Cybersecurity: 27th January to 31st January
Mitchell Langley January 31, 2025
British Museum Forced to Close After IT Attack by Ex-worker The British Museum experienced an IT attack attributed to a ...
Phemex Crypto Firm Breached With $85 Million in Cryptocurrency Stolen
News
Phemex Crypto Firm Breached With $85 Million in Cryptocurrency Stolen
Mitchell Langley January 31, 2025
Phemex suffered a major security breach, resulting in the theft of over $85 million in cryptocurrency. The attack targeted hot wallets, prompting immediate suspension of ...
ENGlobal Cybersecurity Breach and CenterPoint Energy Data Leak Probes Investigation
News
ENGlobal Cybersecurity Breach and CenterPoint Energy Data Leak Probes Investigation
Mitchell Langley January 31, 2025
Williams stated,
RCSD Warns Community of Data Breach: 134,000 Records Potentially Accessed
News
RCSD Warns Community of Data Breach: 134,000 Records Potentially Accessed
Mitchell Langley January 31, 2025
The Rochester City School District (RCSD) warns its community of a significant data breach. The breach exposed sensitive personal information, prompting immediate action and investigation. ...
UK's Morrisons Breached: Cyber Attack at Technology Provider Dents Christmas Sales
News
UK’s Morrisons Breached: Cyber Attack at Technology Provider Dents Christmas Sales
Mitchell Langley January 31, 2025
A November cyber attack at Morrisons' technology provider, Blue Yonder, disrupted operations, impacting Christmas sales and resulting in lower-than-expected first-quarter growth.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Double Extortion, Biometric Data, and Donuts: How Play Ransomware Hit Krispy Kreme
June 19, 2025
Podcasts
Archetyp Market Seized: €250M Drug Empire Toppled by Operation Deep Sentinel
June 17, 2025
Podcasts
KillSec Exploits Zero-Day to Breach Ocuco: 241K Patients Exposed
June 17, 2025

Cyber Security News

Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
Cybersecurity
Russian-Linked Sandworm Deploy Data Wipers to Disrupt Ukraine’s Grain Export Sector
November 6, 2025
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
Cybersecurity
Radon Nuclear Waste Facility Breach Exposes Test Records and Staff Details
November 6, 2025
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
Cybersecurity
Stanford Health Care Employee and Payroll Data Leaked in Perfectshift Database Breach
November 6, 2025
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
Cybersecurity
Qilin Ransomware Gang Claims Cyberattack on Swiss Bank Habib Bank AG Zurich
November 6, 2025
Cybersecurity
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
November 6, 2025
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Application Security
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
November 6, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
May 12, 2025
LockBit's dark web affiliate panels were hacked, exposing thousands of victim negotiation messages, affiliate details, and bitcoin addresses in a leaked MySQL database.
Ascension Data Breach Exposes Personal and Health Information of Over 430,000 Patients
May 12, 2025
Ascension confirms a third-party data breach affecting 437,329 patients, exposing sensitive personal and medical data, including Social Security numbers and health insurance details.
PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain
May 8, 2025
A zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, became the center of a global cybersecurity storm when it was ...
Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy
May 8, 2025
In this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group—a landmark case ...
How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams
May 8, 2025
AI tools are generating more code than ever — but who’s reviewing it? In this episode, we spotlight CodeAnt AI, the fast-growing platform built to ...
The Truth About Identity Attacks: How to Protect Your Business and Data
May 8, 2025
In today's digital landscape, identity attacks are rampant, costing businesses millions and causing irreparable damage to reputations. This comprehensive guide explores seven common identity-based attacks, ...
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
May 8, 2025
U.S. Oil and Gas Sectors Face Persistent Cyber Threats, CISA Warns The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory warning that ...
NSO Group Fined $167 Million for Pegasus Spyware Attack on WhatsApp Users
May 8, 2025
A U.S. jury has ordered NSO Group to pay over $167 million in damages for a 2019 Pegasus spyware attack that targeted 1,400 WhatsApp users. ...
PowerSchool Hacker Now Extorting Individual School Districts Using Stolen Data
May 8, 2025
The PowerSchool hacker is now targeting individual school districts, threatening to leak sensitive student and staff data stolen in the December 2024 breach.
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
May 8, 2025
Play ransomware operators exploited a critical Windows log file vulnerability (CVE-2025-29824) in zero-day attacks, targeting global IT, finance, and retail sectors.
The Langflow Breach: How a Popular AI Tool Opened the Door to Hackers
May 7, 2025
A newly disclosed zero-day vulnerability, CVE-2025-3248, is being actively exploited in the wild—and it’s targeting Langflow, a popular open-source framework for building AI-powered applications. In ...
Mirai Reloaded: Why CVE-2024-7399 Still Haunts Samsung Servers
May 7, 2025
In this episode, we break down the active exploitation of CVE-2024-7399, a critical path traversal and arbitrary file upload vulnerability in Samsung MagicINFO 9 Server. ...
UK Retail Cyberattacks Prompt Urgent Warning from National Cyber Security Centre
May 7, 2025
The UK’s NCSC has issued a warning after recent cyberattacks disrupted major retailers including Marks & Spencer, Harrods, and Co-op, urging stronger cybersecurity readiness.
CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation
May 7, 2025
A critical zero-day vulnerability — CVE-2025-31324 — is shaking the enterprise tech world. In this episode, we dive deep into the alarming exploit targeting SAP NetWeaver ...
Masimo Cyberattack Disrupts Operations Amid $350M Audio Brand Sale to Samsung
May 7, 2025
Masimo disclosed a cyberattack impacting manufacturing and logistics, coinciding with the $350M sale of its Sound United audio brands to Samsung subsidiary Harman.
Ransom House Ransomware Claims Breach at Oettinger Brewery, Threatens to Leak Internal Data
May 7, 2025
Ransom House claims to have breached German brewing giant Oettinger, threatening to leak sensitive data if the company fails to meet its ransom demands.
Langflow RCE Flaw Actively Exploited: CISA Urges Immediate Patch
May 7, 2025
CISA confirms active exploitation of critical Langflow RCE flaw CVE-2025-3248, urging urgent updates to prevent full server takeover through exposed API endpoints.
“Bring Your Own Installer” EDR Bypass Used in Ransomware Attack Targeting SentinelOne
May 7, 2025
A new “Bring Your Own Installer” bypass lets ransomware actors disable SentinelOne EDR protection by exploiting the agent upgrade process, leaving endpoints exposed to attack. ...
Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions
May 6, 2025
In this episode, we break down the anatomy of some of the most critical vulnerabilities threatening enterprise systems in 2025 — and the real-world attacks ...
Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity
May 6, 2025
In this episode, we dive deep into the massive data breach at Kelly Benefits, a payroll and benefits administrator that exposed the sensitive personal data ...
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited