Main Menu
Cyber Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited
Instagram’s Privacy Controls Data Exposure: Review of Recent Findings
Former Google Engineer Found Guilty of Stealing AI Data for Chinese Firms
eScan Antivirus Compromised: Supply Chain Security Breach Uncovered
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Android Malware Incident: Hugging Face Repository Misuse
Chrome Extensions Prove Malicious with Data Hijacking Tricks
White House Revokes Software Security Rules But Keeps Key Resources
Microsoft Sets Retirement for NTLM Protocol in Windows for Enhanced Security
Startup Aisy Secures $2.3 Million Seed Fund to Enhance Vulnerability Management
Surge in Illegal Cryptocurrency Flows Reaches $158 Billion by 2025
Legal Repercussions Mount for Cognizant After TriZetto Incident
Global Crackdown Disrupts Illegal IPTV Services and Sends Strong Message
More Than 175,000 Exposed Hosts Pose Risks for Ollama LLM Misuse
Vermont School Breached in PowerSchool Hack
News
Vermont School Breached in PowerSchool Hack
Mitchell Langley January 13, 2025
PowerSchool data breach exposed the personal data of Vermont school students and staff. The impact varies, but cybersecurity concerns are high. Schools are taking steps ...
This Week In Cybersecurity: 06th January to 10th January
News
This Week In Cybersecurity: 06th January to 10th January
Mitchell Langley January 11, 2025
Casio Data Breach Ransomware Attack Compromised 8,500 Individuals A ransomware attack on Casio in October 2024 compromised personal data of ...
PowerSchool Data Breach Impacts Bozeman Public Schools
News
PowerSchool Data Breach Impacts Bozeman Public Schools
Mitchell Langley January 11, 2025
PowerSchool data breach impacted Bozeman Public Schools, compromising student, family, and teacher data including contact details and employment information. PowerSchool and the district are working ...
PowerSchool Data Breach Hits Louisiana School Districts: Ascension Parish Schools, Livingston Parish Schools Among the Ones Affected
News
PowerSchool Data Breach Hits Louisiana School Districts: Ascension Parish Schools, Livingston Parish Schools Among the Ones Affected
Mitchell Langley January 10, 2025
PowerSchool data breach impacted Louisiana school districts, potentially exposing sensitive student and staff information. PowerSchool claims the data has been deleted, but the incident highlights ...
New Mirai Botnet Leverages Zero-Day Exploits to Target Industrial Routers
News
New Mirai Botnet Leverages Zero-Day Exploits to Target Industrial Routers
Mitchell Langley January 10, 2025
A new Mirai botnet is using zero-day exploits to target industrial routers and smart home devices, launching high-intensity DDoS attacks. Learn about the vulnerabilities and ...
UK's Nominet Hit by Cyber Attack: Hackers Exploited Zero-Day Ivanti VPN Vulnerability
News
UK’s Nominet Hit by Cyber Attack: Hackers Exploited Zero-Day Ivanti VPN Vulnerability
Gabby Lee January 10, 2025
The UK Internet Domain Registry, Nominet, suffered a cyber attack exploiting a zero-day vulnerability in Ivanti VPN software. While no data breach is confirmed, the ...
BayMark Health Services Data Breach: Ransomware Attack Exposes Patient Data
News
BayMark Health Services Data Breach: Ransomware Attack Exposes Patient Data
Mitchell Langley January 10, 2025
BayMark Health Services suffered a significant data breach after a ransomware attack, exposing sensitive patient information. The company is working to mitigate the damage and ...
Medusind Breach Exposes Sensitive Patient Data of Over 360,000 Customers
News
Medusind Breach Exposes Sensitive Patient Data of Over 360,000 Customers
Gabby Lee January 10, 2025
US dental and medical billing firm Medusind suffered a significant data breach, exposing the personal, financial, and medical data of over 360,000 customers. The breach, ...
PowerSchool Hack Compromises Alabama K-12 Student Data
News
PowerSchool Hack Compromises Alabama K-12 Student Data
Mitchell Langley January 10, 2025
PowerSchool data breach has affected Alabama K-12 schools, raising concerns about student and teacher data security. The incident highlights the ongoing vulnerability of educational institutions ...
Casio Data Breach Ransomware Attack Compromised 8,500 Individuals
News
Casio Data Breach Ransomware Attack Compromised 8,500 Individuals
Mitchell Langley January 8, 2025
Casio confirms customer data compromised in ransomware attack
Green Bay Packers Pro Shop Data Breach Exposes Customer Information
News
Green Bay Packers Pro Shop Data Breach Exposes Customer Information
Mitchell Langley January 8, 2025
Green Bay Packers data breach affected NFL team's Packers Pro Shop website with customer's info compromised.
Rivers Casino Data Breach Follows Class-Action Lawsuits After Personal Information Compromised
News
Rivers Casino Data Breach Follows Class-Action Lawsuits After Personal Information Compromised
Gabby Lee January 8, 2025
Rivers Casino Philadelphia data breach exposed sensitive customer information, leading to multiple class-action lawsuits. Learn about the extent of the breach and the legal actions ...
PowerSchool Hack Exposes Sensitive Data of Students and Teachers in K-12 Districts
News
PowerSchool Hack Exposes Sensitive Data of Students and Teachers in K-12 Districts
Mitchell Langley January 8, 2025
PowerSchool hack exposed student and teacher data from K-12 districts, including SSNs and PII, prompting investigations and credit monitoring services for those affected.
Top 15 Cyberattacks of 2024 The Worst Incidents for Enterprise
Blog
Top 15 Cyberattacks of 2024: The Worst Incidents for Enterprise
Mitchell Langley January 8, 2025
2024 saw a record number of significant cyberattacks targeting enterprises. This blog post dissects the Top 15 Cyber Attacks of 2024, examining the impact, vulnerabilities ...
Hacked Chrome Extensions Expose 2.6 Million Users to Data Leaks
News
Hacked Chrome Extensions Expose 2.6 Million Users to Data Leaks
Mitchell Langley January 7, 2025
Over 36 Hacked Chrome extensions put 2.6 million users at risk of data leaks, exposing browsing data and credentials. Security researchers urge immediate removal of ...
Westend Dental Fined $350,000 for Covering Up Ransomware Attack Data Breach
News
Westend Dental Fined $350,000 for Covering Up Ransomware Attack Data Breach
Gabby Lee January 7, 2025
Westend Dental LLC, a US dental chain, was fined $350,000 for lying about a 2020 ransomware attack that resulted in a major data breach. Their ...
Nuclei Vulnerability Allows Signature Bypass and Code Execution
Cybersecurity
Nuclei Vulnerability Allows Signature Bypass and Code Execution
Mitchell Langley January 7, 2025
Nuclei vulnerability (CVE-2024-43405) allows signature bypass and code execution due to inconsistencies in newline character handling between signature verification and YAML parsing. Update to version ...
Washington Sues T-Mobile Over Data Breach Impacting Millions
News
Washington Sues T-Mobile Over Data Breach Impacting Millions
Mitchell Langley January 7, 2025
Washington state sued T-Mobile for a massive data breach affecting millions, alleging negligence and inadequate customer notification. The T-Mobile data breach exposed sensitive personal information.
City Bank Data Breach: Client Financial Statements Sold on Underground Forums
News
City Bank Data Breach: Client Financial Statements Sold on Underground Forums
Gabby Lee January 7, 2025
City Bank data breach resulted in client financial statements being sold on underground forums. The vulnerability, involving weak multi-factor authentication and improper session handling, was ...
PLAYFULGHOST Malware: Exploiting Phishing, SEO Poisoning, and Trojanized VPNs
News
PLAYFULGHOST Malware: Exploiting Phishing, SEO Poisoning, and Trojanized VPNs
Mitchell Langley January 7, 2025
PLAYFULGHOST malware uses phishing, SEO poisoning, and trojanized VPN apps to steal data, highlighting the need for robust cybersecurity practices.
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
Andrew Doyle February 4, 2026
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
Mitchell Langley February 4, 2026
Everest Extortion Group and Iron Mountain Data Incident Key Insights
News
Everest Extortion Group and Iron Mountain Data Incident: Key Insights
Mitchell Langley February 4, 2026
Osiris Ransomware Disables Security Tools in Novel Attack
News
Osiris Ransomware Disables Security Tools in Novel Attack
Andrew Doyle January 28, 2026

TOP CYBERSECURITY HEADLINES

RapidFort Secures $42 Million to Enhance Software Security Automation
Cybersecurity
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X's Grok AI for Generating Inappropriate Images
Cybersecurity
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability Understanding Its Impact on Docker Desktop and CLI
Application Security
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA's Vulnerability Notice Revisions Spark Concerns
Cybersecurity
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns

This Week’s Security Spotlight

Revelations from Epstein Files Allegations of a Personal Hacker
Cybersecurity
Revelations from Epstein Files: Allegations of a “Personal Hacker”
Andrew Doyle February 4, 2026
Nike Investigates Breach as Hackers Threaten Data Disclosure
Cybersecurity
Nike Investigates Breach as Hackers Threaten Data Disclosure
Andrew Doyle January 28, 2026
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Application Security
Microsoft Investigates Outlook Crashing on iPad Devices due to Coding Error
Andrew Doyle January 28, 2026
TP-Link's Vulnerability Critical Patch for VIGI Cameras
Network Security
TP-Link’s Vulnerability: Critical Patch for VIGI Cameras
Gabby Lee January 20, 2026
More In News
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Silent Surveillance: The Hidden Risks in 40,000+ Unsecured Cameras
June 15, 2025
Podcasts
Paragon’s Promise vs. Reality: How Graphite Is Being Used Against Journalists and Activists
June 15, 2025
Podcasts
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
June 14, 2025

Cyber Security News

Nikkei Slack Breach Exposes 17,000 Employees’ and Partners’ Data
Information Security
Nikkei Slack Breach Exposes 17,000 Employees’ and Partners’ Data
November 4, 2025
Emergency WSUS Patch Breaks Hotpatching Function for Windows Server 2025 Systems
Application Security
Emergency WSUS Patch Breaks Hotpatching Function for Windows Server 2025 Systems
November 4, 2025
SleepyDuck Malware Poses Supply Chain Threat Through Fake VS Code Extension
Application Security
SleepyDuck Malware Poses Supply Chain Threat Through Fake VS Code Extension
November 4, 2025
How Device Code Phishing Abuses OAuth Flows on Google and Azure
Identity and Access Management
How Device Code Phishing Abuses OAuth Flows on Google and Azure
November 3, 2025
Balancer Protocol Breached in $128 Million Attack on DeFi Pools
Cybersecurity
Balancer Protocol Breached in $128 Million Attack on DeFi Pools
November 3, 2025
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Application Security
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
November 3, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Darcula: AI-Enhanced Phishing Platform Targets Users Worldwide
April 29, 2025
The Darcula phishing platform has been upgraded with AI, enabling cybercriminals to quickly generate multilingual phishing scams and harvest user credentials on a global scale. ...
Major AI Vulnerability Exposed: Single Prompt Grants Full Control
April 28, 2025
Researchers uncovered a major AI vulnerability allowing attackers to bypass safeguards with a single prompt, gaining control over AI systems to generate dangerous content.
Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices
April 28, 2025
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with ...
Craft CMS Crisis: The 10.0-Rated RCE Flaw Every Developer Must Patch Now
April 28, 2025
A critical, actively exploited vulnerability (CVE-2025-32432) is wreaking havoc on Craft CMS—allowing attackers to execute arbitrary PHP code on unpatched servers with no authentication required. ...
Policy Puppetry: How a Single Prompt Can Trick ChatGPT, Gemini & More Into Revealing Secrets
April 28, 2025
Recent research by HiddenLayer has uncovered a shocking new AI vulnerability—dubbed the “Policy Puppetry Attack”—that can bypass safety guardrails in all major LLMs, including ChatGPT, ...
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
April 28, 2025
Cybersecurity myths are more dangerous than you think. Here are 13 common myths that are silently sabotaging your security—and what to do instead.
WooCommerce Admins Targeted by Fake Security Patches Delivering WordPress Backdoors
April 28, 2025
A new phishing campaign is targeting WooCommerce administrators with fake security alerts designed to hijack websites by installing hidden backdoors and persistent malware.
Marks & Spencer Halts Online Orders Following Cyberattack
April 28, 2025
Marks & Spencer suspended online orders following a cyberattack impacting digital and in-store services, while investigations continue in collaboration with external cybersecurity specialists.
Pro-Russian Hackers NoName Intensify DDoS Attacks Against German Organizations
April 28, 2025
Pro-Russian hackers NoName057(16) have intensified DDoS attacks against German organizations, targeting banks, manufacturers, and government websites in retaliation for political decisions related to Ukraine.
DragonForce Expands Ransomware Model with White-Label Branding
April 28, 2025
DragonForce expands its ransomware cartel with a white-label model, allowing affiliates to use its infrastructure under their own brand, taking a 20% cut of ransoms. ...
SK Telecom Shares Drop Sharply Following a Cyberattack and Customer Data Breach
April 28, 2025
SK Telecom Reports Customer Data Breach Linked to Cyberattack SK Telecom, South Korea’s largest mobile carrier, announced that it suffered a major customer data breach ...
Lazarus Strikes Again: Inside Operation SyncHole and the 1-Day Exploitation Crisis
April 25, 2025
In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. ...
OAuth Phishing and Microsoft 365: The Hidden Threats SMBs Can’t Ignore
April 25, 2025
In this episode, we dissect the real-world challenges of securing Microsoft 365 environments—especially for small and medium-sized businesses—amid rising threats and licensing limitations. From Reddit ...
Navigating the Complex Intersection of AI and Data Privacy
April 25, 2025
The rise of artificial intelligence (AI) presents incredible opportunities, but it also introduces complex challenges regarding data privacy. This blog post delves into the crucial ...
Why Outlook Is Eating Your CPU — And What Microsoft Says About It
April 25, 2025
Microsoft has acknowledged a serious issue affecting users of classic Outlook for Windows: CPU usage spikes up to 50% just from typing emails. First appearing ...
Russian Military Targeted by AlpineQuest Android Spyware Hidden in Trojanized Mapping App
April 25, 2025
Spyware hidden in a fake AlpineQuest app is stealing sensitive data from Russian soldiers, revealing operational plans via location tracking and real-time Telegram monitoring.
Frederick Health Data Breach Impacts 934,326 Patients
April 25, 2025
In January, a ransomware attack on Frederick Health Medical Group exposed sensitive data of 934,326 patients, triggering law enforcement involvement and mandatory federal breach reporting. ...
This Week In Cybersecurity: 21st – 25th April, 2025
April 25, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Interlock Ransomware Gang Claims DaVita Cyberattack, Leaks 1.5TB of Stolen Data
April 25, 2025
The Interlock ransomware group has claimed responsibility for a cyberattack on DaVita, leaking 1.5TB of sensitive data allegedly stolen from the Fortune 500 healthcare provider.
MTN Confirms Data Breach Impacting Customer Information, Core Systems Unaffected
April 25, 2025
MTN confirms a data breach exposing limited customer data, assures core systems are safe. Law enforcement and regulators have been notified as investigations continue.
RapidFort Secures $42 Million to Enhance Software Security Automation
UK Data Protection Authority Probes X’s Grok AI for Generating Inappropriate Images
The DockerDash Vulnerability: Understanding Its Impact on Docker Desktop and CLI
U.S. CISA’s Vulnerability Notice Revisions Spark Concerns
React Native’s Metro Server Vulnerability: A Growing Cyber Threat
Reconnaissance Attack On Citrix NetScaler Targets Login Panels with Proxy Networks
State-Sponsored Cyber Espionage: Notepad++ Update Traffic Hijacked
Cybercriminals Exploit Weak Security in 1,400 MongoDB Servers
Malicious VS Code Extensions Spread GlassWorm Loader
Surge in Fake Investment Platforms Exploiting Social Media
Fast Food Giant McDonald Calls for Creative Passwords to Enhance Security
Identity Challenges in User Data Storage and Security Maintenance
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
Microsoft’s Strategy to Eliminate NTLM in Favor of Kerberos
ClawHub’s Third-Party Skills Security Risks: User Data at Stake
Firefox Introduces Options to Control AI Features
Microsoft Acknowledges Shutdown Issue in Windows 10 and 11 Systems
Increasing Threats from Automated Data Extortion Targeting MongoDB
Apple Enhances Location Privacy With New Feature for iPhone and iPad
Zero-Day Vulnerabilities in Ivanti EPMM Exploited