Main Menu
Cyber Security
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
ChatGPT is Down Worldwide Impacting Millions
Cybersecurity
ChatGPT is Down Worldwide Impacting Millions
Mitchell Langley April 3, 2025
Global ChatGPT outage caused widespread disruption, displaying a "Something went wrong" error. OpenAI acknowledged the problem and implemented a fix.
Royal Mail Data Breach: No Operational Impact Reported
News
Royal Mail Data Breach: No Operational Impact Reported
Andrew Doyle April 3, 2025
Royal Mail investigates a data breach involving third-party supplier Spectos GmbH. Over 144GB of data, including customer PII, was leaked; however, Royal Mail operations remain ...
Triada Malware Preloaded on Counterfeit Android Devices
News
Triada Malware Preloaded on Counterfeit Android Devices
Andrew Doyle April 3, 2025
Counterfeit Android phones are infecting users with Triada malware pre-installed in the firmware, stealing data and cryptocurrency. This supply chain attack highlights the risks of ...
Urgent Security Alert: Exploited CSLU Backdoor Threatens Cisco Systems
News
Urgent Security Alert: Exploited CSLU Backdoor Threatens Cisco Systems
Mitchell Langley April 3, 2025
Exploited Cisco CSLU backdoor admin account enables unauthorized access and control. Immediate patching is critical to prevent attacks.
SimonMed Imaging Confirms Cybersecurity Breach in January 2025
News
SimonMed Imaging Confirms Cybersecurity Breach in January 2025
Andrew Doyle April 3, 2025
SimonMed Imaging confirmed a cybersecurity breach in January 2025, exposing patient data through a vendor, prompting investigations, security upgrades, and at least one class-action lawsuit. ...
173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach
News
173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach
Andrew Doyle April 3, 2025
Chord Specialty Dental Partners reports a data breach impacting 173,000 patients, exposing personal and health data, and offering free credit monitoring services to affected individuals. ...
openSNP to Shut Down: Genetic Data Privacy Concerns Lead to Platform Closure
News
openSNP to Shut Down: Genetic Data Privacy Concerns Lead to Platform Closure
Mitchell Langley April 3, 2025
openSNP, a genetic data sharing platform, will close and delete all data on April 30th due to escalating privacy concerns and the risk of government ...
RedCurl Cyberespionage Group Deploys Ransomware Targeting Hyper-V
News
RedCurl Cyberespionage Group Deploys Ransomware Targeting Hyper-V
Mitchell Langley March 27, 2025
RedCurl, a known cyberespionage group, has deployed QWCrypt ransomware targeting Hyper-V servers, marking a significant shift in their tactics and raising concerns about their motivations.
Garden of Life Faces Three Class-Action Lawsuits Following Data Breach
News
Garden of Life Faces Three Class-Action Lawsuits Following Data Breach
Andrew Doyle March 27, 2025
Garden of Life faces three class-action lawsuits after a data breach exposed customer payment card information, alleging negligence and inadequate data security.
NSW Government Website Data Breach With 9,000 Court files
News
NSW Government Website Data Breach With 9,000 Court files
Andrew Doyle March 27, 2025
major data breach exposed 9,000 sensitive NSW court files. Authorities are investigating, aiming to identify accessed data within a week. Victims are urged to ...
StreamElements Confirms Third-Party Data Breach Affecting 210,000 Users
News
StreamElements Confirms Third-Party Data Breach Affecting 210,000 Users
Mitchell Langley March 27, 2025
StreamElements confirms a third-party data breach exposing data for 210,000 users, highlighting the risks of relying on external vendors.
Oracle Customers Validate Stolen Data from Cloud Server Breach
News
Oracle Customers Validate Stolen Data from Cloud Server Breach
Andrew Doyle March 27, 2025
Oracle denies a data breach affecting 6 million users, but independent verification confirms the authenticity of stolen data, contradicting their claims.
Sydney Tools Data Breach Exposes 34 Million+ Customer Orders
News
Sydney Tools Data Breach Exposes 34 Million+ Customer Orders
Mitchell Langley March 26, 2025
A massive data breach at Sydney Tools exposed over 34 million customer orders and sensitive employee data, including names, addresses, and salaries. The unsecured database ...
South Carolina Eye Clinic Suffers Data Breach: Ransomware Suspected
News
South Carolina Eye Clinic Suffers Data Breach: Ransomware Suspected
Mitchell Langley March 26, 2025
Columbia Eye Clinic in South Carolina suffered a data breach, potentially a ransomware attack, exposing patient data including names, contact information, and procedure codes.
Urgent Security Update: Authentication Bypass Vulnerability in VMware Tools for Windows (CVE-2025-22230)
News
Urgent Security Update: Authentication Bypass Vulnerability in VMware Tools for Windows (CVE-2025-22230)
Andrew Doyle March 26, 2025
Critical VMware Tools vulnerability (CVE-2025-22230) enables privilege escalation on Windows VMs. Immediate patching is paramount for enterprise security.
Numotion Data Breach Impacts Nearly 500,000 Individuals
News
Numotion Data Breach Impacts Nearly 500,000 Individuals
Andrew Doyle March 26, 2025
Numotion's latest data breach exposed the personal and health information of nearly 500,000 individuals, following a series of similar incidents, leading to multiple lawsuits.
Cloudflare R2 Service Outage: A Case Study in Human Error and System Design
News
Cloudflare R2 Service Outage: A Case Study in Human Error and System Design
Andrew Doyle March 26, 2025
Cloudflare's R2 service suffered a 77-minute outage due to a password rotation error, highlighting the risks of human error in cloud infrastructure.
Next.js Flaw Allows Unauthorized Access
News
Next.js Flaw Allows Unauthorized Access
Mitchell Langley March 25, 2025
Critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization, impacting versions before 15.2.3. Urgent updates are needed.
Ukraine Railway Hit by Cyberattack: Online Systems Disrupted
News
Ukraine Railway Hit by Cyberattack: Online Systems Disrupted
Andrew Doyle March 25, 2025
A major cyberattack targeted Ukraine's railway system, disrupting online services but not train operations. Restoration efforts are ongoing.
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
Cybersecurity
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
Andrew Doyle March 25, 2025
Chinese Weaver Ant hackers infiltrated a telecom network for over four years, using advanced techniques like web shell tunneling and data exfiltration.
Firefox 149 Launches with a Built-In VPN for Better Privacy
Application Security
Firefox 149 Launches with a Built-In VPN for Better Privacy
Andrew Doyle March 25, 2026
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Mitchell Langley March 25, 2026
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026

TOP CYBERSECURITY HEADLINES

Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Cybersecurity
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Cybersecurity
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Cybersecurity
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026 What Day 1 Revealed
Cybersecurity
Major Announcements from RSAC 2026: What Day 1 Revealed

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Targeted Phishing Attack Breaches Security Firm Executive
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
DragonForce Ransomware: The Evolving Threat to Healthcare Data
June 17, 2025
Podcasts
Google’s $32B Bid for Wiz Faces DOJ Fire: A Cloud Security Power Play or Market Grab?
June 17, 2025
Podcasts
SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms
June 16, 2025

Cyber Security News

Inotiv Reports Massive Data Breach Impacting Thousands
Data Security
Inotiv Reports Massive Data Breach Impacting Thousands
December 8, 2025
Agentic Security Fortifies Its Position with $130 Million Funding Round
Cybersecurity
Agentic Security Fortifies Its Position with $130 Million Funding Round
December 8, 2025
Porsche Owners in Russia Face Unexpected Disruption Satellite Security System Malfunction
Cybersecurity
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
December 8, 2025
Hackers Breach Marquis A Fintech Data Nightmare
Cybersecurity
Hackers Breach Marquis: A Fintech Data Nightmare
December 5, 2025
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Cybersecurity
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
December 5, 2025
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware CISA's Critical Alert
Application Security
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
December 5, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Over 46,000 Grafana Instances Still Vulnerable to ‘Grafana Ghost’ Account Takeover Bug
June 16, 2025
A critical vulnerability in Grafana leaves over 46,000 internet-facing instances exposed to account hijacking and JavaScript injection through malicious plugin redirects.
Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras
June 15, 2025
In this episode, we dig into a disturbing yet underreported national security threat: the exploitation of internet-connected surveillance cameras—especially those manufactured in the People’s Republic ...
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
June 15, 2025
In this episode, we dive deep into the alarming revelations surrounding Graphite, a powerful spyware tool developed by Israeli firm Paragon Solutions. Promoted as a ...
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
June 14, 2025
zeroRISC just raised $10 million to bring OpenTitan—the first open-source silicon Root of Trust—to market. In this episode, we break down what this funding means ...
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
June 14, 2025
The financial services industry is under siege. In this episode, we unpack the latest findings from Radware’s 2025 Financial Threat Analysis and multiple intelligence reports ...
9.8 Severity and Counting: Inside Trend Micro’s Latest Security Emergency
June 13, 2025
In this episode, we break down Trend Micro’s urgent June 10th security update that patched ten high- and critical-severity vulnerabilities—some with CVSSv3.1 scores as high ...
Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks
June 13, 2025
In this episode, we dissect the critical vulnerabilities plaguing Mitel MiCollab, a widely used unified communications platform, and explore how attackers are exploiting these flaws ...
Graphite Spyware Used in Zero-Click iOS Attacks on European Journalists
June 13, 2025
Citizen Lab confirms Paragon’s Graphite spyware exploited an iOS zero-day to launch zero-click attacks on European journalists through iMessage without any user interaction.
Password-Spraying Campaign Hits Over 80,000 Microsoft Entra ID Accounts with TeamFiltration Tool
June 13, 2025
Threat actor UNK_SneakyStrike used TeamFiltration to launch password-spraying attacks on over 80,000 Microsoft Entra ID accounts across hundreds of global organizations.
The Info-Stealer Sting: A Deep Dive into INTERPOL’s Operation Secure
June 13, 2025
Join us for a gripping discussion on “Operation Secure,” a landmark international crackdown that reverberated through the dark corners of the cybercriminal world between January ...
Hackers Claim 64 Million T-Mobile Records Leaked Online
June 13, 2025
Hackers claim to have leaked 64 million T-Mobile records online, including sensitive personal and device data. The breach may contain new data unseen in past ...
Qilin Ransomware Claims Asefa Attack: 210GB of Data Leaked Including FC Barcelona Insurance Files
June 13, 2025
Qilin ransomware group claims to have stolen 210GB of sensitive data from Spanish insurer Asefa, including internal documents and a Camp Nou insurance plan.
Spyware Scandal Expands as Second Italian Journalist Targeted with Paragon Surveillance Tool
June 13, 2025
Citizen Lab confirms Paragon spyware targeted a second journalist at Fanpage, deepening Italy’s political surveillance controversy and raising new concerns over investigative oversight.
How to Defend Your Organization Against Scattered Spider’s Service Desk Attacks
June 12, 2025
Scattered Spider service desk attacks exploit social engineering to bypass security, targeting help desks for credential access. Learn defense strategies using open-source tools and training. ...
Food Delivery App GonnaOrder Leaked Customer Names, Addresses, and Order Info for Nearly Two Years
June 12, 2025
A misconfigured Kafka Broker on GonnaOrder’s platform exposed customer names, phone numbers, and delivery details across Europe from August 2022 to May 2025.
Headero App Data Leak Exposes Over Four Million Sensitive User Records, Including GPS and Sexual Preferences
June 12, 2025
A misconfigured database tied to the Headero dating app exposed over four million sensitive user records, including GPS coordinates, explicit chat logs, and STD statuses. ...
Ransomware Attack on Mastery Schools Exposes Thousands of Sensitive Records, Including Credit Card and Biometric Data
June 12, 2025
A ransomware breach at Mastery Schools in Philadelphia exposed sensitive personal and financial records, affecting over 37,000 individuals including students, staff, and families.
Mental Health Provider Mount Rogers Targeted by INC Ransom, Internal Documents and Personal Details Leaked
June 12, 2025
Ransomware group INC Ransom breached Mount Rogers Community Services, leaking internal files, personal emails, and invoices from the mental health provider's systems.
Erie Insurance Cyberattack Causes System-Wide Disruptions and Portal Outages
June 12, 2025
Erie Insurance confirms a cyberattack as the source of major service disruptions since June 7, affecting customer access, claims processing, and business operations.
Tomcat Manager Attacks: 400 IPs in Coordinated Brute-Force Attack
June 11, 2025
On June 5, 2025, GreyNoise flagged a massive spike in coordinated brute-force login attempts targeting Apache Tomcat Manager interfaces. Nearly 400 unique IP addresses, many ...
Cybercriminals Exploit Google Ads in a Deceptive Tax Document Malvertising Campaign
Dutch Ministry of Finance Hit by Cyberattack as Data Breach Investigation Continues
Open Source Projects Face a Rising Tide of Malware Infections
Major Announcements from RSAC 2026: What Day 1 Revealed
QualDerm Partners Data Breach Hits Over 3.1 Million People
Cryptocurrency Threats via Phishing Campaign Targeting French-Speaking Corporations
Microsoft Fixes Gmail and Yahoo Synchronization Issues for Classic Outlook Users
Gartner Publishes Its First Market Guide for Guardian Agents
TeamPCP Strikes Again, This Time Targeting the Python Package litellm
Software Supply Chains Are the New Frontline for Cyber Risk
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud