Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
All American Poly Data Breached, 2024 Cyberattack Exposes Sensitive Consumer Data
News
All American Poly Data Breached, 2024 Cyberattack Exposes Sensitive Consumer Data
Mitchell Langley January 30, 2025
All American Poly Corporation (American Poly) confirmed a data breach stemming from a 2024 cyberattack, exposing customer names and Social Security numbers. A data breach ...
Microsoft Teams Exploited in Sophisticated Ransomware Attacks
News
Microsoft Teams Exploited in Sophisticated Ransomware Attacks
Mitchell Langley January 29, 2025
Cybercriminals are exploiting Microsoft Teams for ransomware attacks, using spam emails, Teams messages, and calls to infiltrate companies, steal data, and deploy malware. Sophos identified ...
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Cybersecurity
Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security
Mitchell Langley January 29, 2025
New Apple CPU side-channel attacks, dubbed SLAP and FLOP, exploit flaws in speculative execution to steal data from web browsers. Researchers demonstrated the attacks' ability ...
Clone2Leak Attacks Exploit Git Flaws to Steal Credentials
News
Clone2Leak Attacks Exploit Git Flaws to Steal Credentials
Mitchell Langley January 29, 2025
Clone2Leak attacks exploit Git vulnerabilities, allowing attackers to steal credentials from GitHub Desktop, Git LFS, and other tools via carriage return smuggling, newline injection, and ...
Microsoft and OpenAI Investigate Data Breach
News
Microsoft and OpenAI Investigate Data Breach
Gabby Lee January 29, 2025
Microsoft and OpenAI are investigating a data breach linked to DeepSeek, a Chinese AI startup, raising concerns about data security and intellectual property in the ...
DeepSeek AI Hit by Cyberattack: American AI Firms Trying to Poke Holes into DeepSeek
News
DeepSeek AI Hit by Cyberattack: American AI Firms Trying to Poke Holes into DeepSeek
Gabby Lee January 28, 2025
DeepSeek AI, a Chinese startup, faces a cyberattack after its AI assistant app skyrockets to the top of the US App Store, raising questions about ...
Subaru Security Flaw Allows Remote Vehicle Tracking and Hijacking
News
Subaru Security Flaw Allows Remote Vehicle Tracking and Hijacking
Mitchell Langley January 28, 2025
A Subaru vulnerability in the Starlink system allowed remote access, enabling tracking, unlocking, and starting vehicles. Ethical hacker Sam Curry discovered the flaw, highlighting significant ...
Smiths Group Hit by Cyber Attack: Shares Drop for the FTSE 100 Firm
News
Smiths Group Hit by Cyber Attack: Shares Drop for the FTSE 100 Firm
Mitchell Langley January 28, 2025
Smiths Group, a FTSE 100 firm, suffered a cyber attack resulting in unauthorized system access. The company isolated affected systems and is working with cybersecurity ...
UnitedHealthcare Data Breach Update: 190 Million Impacted in Change Healthcare Cyber Attack
News
UnitedHealthcare Data Breach Update: 190 Million Impacted in Change Healthcare Cyber Attack
Mitchell Langley January 27, 2025
The UnitedHealthcare data breach, resulting from a Change Healthcare cyberattack, has impacted a staggering 190 million individuals, making it the largest healthcare data breach in ...
TalkTalk Customer Data Breached, Hackers Claim Theft of Millions of Customer Records
News
TalkTalk Customer Data Breached, Hackers Claim Theft of Millions of Customer Records
Mitchell Langley January 27, 2025
TalkTalk investigates a major customer data breach after a hacker claims to have stolen personal information from millions of subscribers, a claim TalkTalk disputes.
British Museum Hit in IT Attack: Ex-Worker Behind Cyberattack
News
British Museum Hit in IT Attack: Ex-Worker Behind Cyberattack
Gabby Lee January 27, 2025
The British Museum faced a severe IT attack, forcing partial closure. A disgruntled ex-IT contractor caused the British Museum cyberattack, leading to system shutdowns and ...
This Week In Cybersecurity: 20th January to 24th January
News
This Week In Cybersecurity: 20th January to 24th January
Mitchell Langley January 24, 2025
This week in cybersecurity, we highlight major breaches, including the PowerSchool incident affecting Canadian schools and a cyberattack on Oregon's Carruth Compliance Consulting. Additionally, the ...
Conduent Confirms Cyberattack Disrupting Services Across Government Agencies
News
Conduent Confirms Cyberattack Disrupting Services Across Government Agencies
Mitchell Langley January 24, 2025
Conduent confirms cyberattack impacting government agencies and causing service disruptions across multiple US states. The company confirmed that it “experienced ...
Big Cheese Studio Game Code Compromised in Cyber Attack
News
Big Cheese Studio Game Code Compromised in Cyber Attack
Gabby Lee January 24, 2025
Polish game developer Big Cheese Studio suffered a cyberattack, with hackers demanding a cryptocurrency ransom and threatening data release. The Big Cheese Studio cyber attack ...
Texas Insider Breach: Theft of Benefit Funds Impacts 61,000
News
Texas Insider Breach: Theft of Benefit Funds Impacts 61,000
Mitchell Langley January 23, 2025
Texas insider breach at HHSC exposed the personal information of 61,000 individuals and resulted in the theft of benefit funds, leading to seven employee firings ...
Cyber Attack on Consultant Exposes Sensitive Data of Oregon School Employees
News
Cyber Attack on Consultant Exposes Sensitive Data of Oregon School Employees
Mitchell Langley January 23, 2025
A cyber attack on Carruth Compliance Consulting, managing retirement plans for Oregon school districts, exposed sensitive employee data including Social Security numbers and financial information. ...
Lessons from Ace Hardware Cyber Attack: A Case Study in Data Security for Enterprise Businesses
News
Lessons from Ace Hardware Cyber Attack: A Case Study in Data Security for Enterprise Businesses
Gabby Lee January 23, 2025
The Ace Hardware cyber attack exposed sensitive data from over 7,000 individuals, resulting in significant financial and reputational damage, highlighting the critical need for robust ...
North Pole Company Data Breach Exposes Sensitive Data of Half a Million Users
News
North Pole Company Data Breach Exposes Sensitive Data of Half a Million Users
Mitchell Langley January 22, 2025
The North Pole Company suffered a data breach, exposing sensitive data of 520,599 customers. The breach, revealed on BreachForums, highlights risks of identity theft and ...
PowerSchool Breach Might Have Exposed Decades of Canadian Students and Powerschool Teachers Data
News
PowerSchool Breach Might Have Exposed Decades of Canadian Students and Teachers Data
Mitchell Langley January 22, 2025
The PowerSchool CMS cyberattack exposed decades of student and Powerschool Teachers Data . Parents and schools urged to monitor personal information closely.
Dallas ISD PowerSchool Data Breach Exposes Student Information
News
Dallas ISD PowerSchool Data Breach Exposes Student Information
Gabby Lee January 22, 2025
Dallas ISD PowerSchool data breach exposes sensitive student information, including social security numbers. Learn about the cybersecurity incident and the risks.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
DragonForce Ransomware: The Evolving Threat to Healthcare Data
June 17, 2025
Podcasts
Google’s $32B Bid for Wiz Faces DOJ Fire: A Cloud Security Power Play or Market Grab?
June 17, 2025
Podcasts
SimpleHelp Exploit Fallout: Ransomware Hits Utility Billing Platforms
June 16, 2025

Cyber Security News

Malware Learns to Think Google Warns of AI-Powered Evasive Techniques
Cybersecurity
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
November 6, 2025
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
November 6, 2025
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
Application Security
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
November 6, 2025
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
Information Security
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
November 6, 2025
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Cybersecurity
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
November 6, 2025
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Cybersecurity
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
November 6, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
May 6, 2025
Explore six critical Supply Chain Cybersecurity Risks in 2025—from AI-driven cyberattacks and IoT vulnerabilities to quantum computing and geopolitical threats shaping logistics.
$491M Budget Cut: The White House Move That Could Reshape CISA
May 6, 2025
 In this episode, we unpack the rising tensions surrounding the Cybersecurity and Infrastructure Security Agency (CISA) as it faces proposed budget cuts, looming layoffs, and ...
Rhysida Ransomware Gang Claims Cyberattack on Peruvian Government Systems
May 6, 2025
Rhysida ransomware group has claimed responsibility for a cyberattack on Peru’s government systems, demanding payment for stolen data while officials deny any breach occurred.
Anonymous Hacks GlobalX Airline Over Deportation Flights Linked to ICE and Trump-Era Policy
May 6, 2025
Anonymous defaced a GlobalX subdomain and leaked flight manifests related to ICE deportation flights of Venezuelan migrants, protesting Trump-era policies ruled unlawful by a federal ...
Trump’s Security Adviser Targeted in Messaging App Breach Linked to Signal Clone
May 6, 2025
A hacked Signal clone used by Trump’s former security adviser Mike Waltz has raised serious concerns over the safety of sensitive government communications.
New York Post X Account Hacked and Hijacked in Targeted Crypto Scam
May 6, 2025
Hackers hijacked the New York Post’s verified X account to target crypto users via direct messages, redirecting victims to a Telegram-based scam under false pretenses. ...
EU Fines TikTok €530 Million For Data Protection Failures
May 6, 2025
TikTok has been fined €530 million by EU regulators over data protection failures and may face a data transfer suspension to China unless it complies ...
TikTok Fined €530M: GDPR Breach Over Data Transfers to China
May 5, 2025
The Irish Data Protection Commission (DPC) has fined TikTok a staggering €530 million ($601 million) for violating the GDPR by transferring European user data to ...
StealC Malware Upgraded With Advanced Data Theft and Stealth Capabilities
May 5, 2025
StealC malware receives major upgrade with advanced stealth, encryption, and data theft tools, including real-time Telegram alerts and full desktop screenshot capabilities.
Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain
May 5, 2025
In this episode, we explore the security challenges of the AI-driven software era and how Endor Labs is reshaping application security for the modern development ...
UK Retailer Co-op Discloses Data Theft After DragonForce Ransomware Compromise
May 5, 2025
UK retailer Co-op has confirmed a data breach impacting millions, following a ransomware attack by DragonForce. Personal details were stolen, but no financial data.
U.S. Indicts Black Kingdom Ransomware Developer Behind 1,500 Microsoft Exchange Attacks
May 5, 2025
The U.S. has indicted a Yemeni national for operating Black Kingdom ransomware, targeting Microsoft Exchange servers in 1,500 global attacks demanding $10,000 in Bitcoin.
CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack
May 5, 2025
In this episode, we take a deep dive into CVE-2025-3928—a critical vulnerability in the Commvault Web Server that enables remote attackers to deploy and execute ...
Sodinokibi/REvil Ransomware: The Evasive Threat
May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April 2019. Initially observed primarily in ...
beWanted Exposes Personal Data of 1.1 Million Job Seekers Across Europe and Latin America
May 5, 2025
Employment platform beWanted leaked over 1.1 million CVs containing names, ID numbers, contact details, and employment history.
Nova Scotia Power, a Canadian Utility, Breached: A Global Warning for Critical Infrastructure
May 2, 2025
On April 25, 2025, Nova Scotia Power, the province’s primary electricity provider, confirmed what many suspected: a cyber incident involving unauthorized access had compromised customer ...
SentinelOne Discloses Ongoing Attacks by Nation-State Hackers and Ransomware Gangs
May 2, 2025
In a rare move, SentinelOne has publicly confirmed that it is under persistent attack from nation-state threat actors and ransomware gangs. This episode breaks down ...
Nova Scotia Power Confirms Customer Data Compromised in Cyberattack
May 2, 2025
Nova Scotia Power confirms personal customer data was stolen in a cyberattack on April 25, though electricity services remain unaffected as the investigation continues.
OpenEoX and the Future of End-of-Life Standardization in IT
May 2, 2025
In this episode, we unpack the evolving landscape of Product Lifecycle Management (PLM) and why it’s become a strategic cornerstone in modern IT environments. From ...
Malicious PyPI Packages Exploit Gmail and WebSockets to Hijack Systems
May 2, 2025
Seven malicious PyPI packages exploited Gmail and WebSockets for remote command execution and data theft, with some packages downloaded over 18,000 times.
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited