Main Menu
Cyber Security
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
Global Arrests Made in a Social Media Scam Targeting Thousands
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
WhatsApp Introduces Parent-Controlled Accounts for Younger Users
LockBit Linked SuperBlack Ransomware Exploits Fortinet Authentication Bypass Flaws
News
LockBit Linked SuperBlack Ransomware Exploits Fortinet Authentication Bypass Flaws
Mitchell Langley March 14, 2025
New SuperBlack ransomware leverages Fortinet authentication bypass flaws (CVE-2024-55591 and CVE-2025-24472), showing strong ties to LockBit. Immediate patching is crucial.
ClickFix Phishing Campaign Targets Booking.com Using Infostealers and RATs
News
ClickFix Phishing Campaign Targets Booking.com Using Infostealers and RATs
Andrew Doyle March 14, 2025
A sophisticated ClickFix phishing campaign uses fake Booking.com emails to deliver infostealers and RATs, targeting hospitality businesses. Strong security measures are crucial.
Volt Typhoon Energy Grid Cyberattack Exposes US Infrastructure Vulnerabilities
News
Volt Typhoon Energy Grid Cyberattack Exposes US Infrastructure Vulnerabilities
Mitchell Langley March 14, 2025
The Volt Typhoon advanced persistent threat (APT) group maintained access to a Massachusetts power utility's OT network for almost a year, highlighting critical infrastructure vulnerabilities.
Australian Financial Firm FIIG Securities Faces Lawsuit After Massive Financial Data Breach
News
Australian Financial Firm FIIG Securities Faces Lawsuit After Massive Financial Data Breach
Andrew Doyle March 14, 2025
FIIG Securities faces legal action from ASIC for inadequate cybersecurity, leading to a data breach exposing 18,000 clients' sensitive information. The breach highlights the critical ...
MassJacker Malware: Clipboard Hijacking Malware Tartgets 778,000 CryptoWallets
News
MassJacker Malware: Clipboard Hijacking Malware Tartgets 778,000 CryptoWallets
Mitchell Langley March 12, 2025
MassJacker malware uses clipboard hijacking to steal cryptocurrency from 778,000 wallets, highlighting sophisticated obfuscation and a potentially massive financial impact.
Cyberattack on Sunflower Medical Group and Multiple Healthcare Providers Suffer Data Breaches
News
Cyberattack on Sunflower Medical Group and Multiple Healthcare Providers Suffer Data Breaches
Andrew Doyle March 12, 2025
Multiple healthcare providers suffered significant cyberattacks and data breaches in 2025, exposing sensitive patient information, highlighting the urgent need for enhanced cybersecurity measures.
Rhode Island's Community Care Alliance Data Breach Exposes 114K Records, Central Texas Pediatric Orthopedics and Whitman Hospital Report Cyberattacks
News
Rhode Island’s Community Care Alliance Data Breach Exposes 114K Records, Central Texas Pediatric Orthopedics and Whitman Hospital Report Cyberattacks
Andrew Doyle March 12, 2025
Community Care Alliance Data Breach with 114,975 Records Exposed, Central Texas Pediatric Orthopedics and Whitman Hospital Report Cyberattacks
PowerSchool Hacked Way Back in August, Before December's Data Breach
News
PowerSchool Hacked Way Back in August, Before December’s Data Breach
Mitchell Langley March 12, 2025
PowerSchool's December 2024 data breach was preceded by hacks in August and September, exposing sensitive data for millions of students and teachers. A CrowdStrike investigation ...
Hillcrest Convalescent Center, Bay Cove Human Services and SMC Corporation of America Report Data Breaches
News
Hillcrest Convalescent Center, Bay Cove Human Services and SMC Corporation of America Report Data Breaches
Mitchell Langley March 12, 2025
Hillcrest Convalescent Center, Bay Cove Human Services and SMC Corporation of America have all reported Data Breaches
X Hit by Cyberattack: DDoS Assault by Dark Storm Group Causes Worldwide Outages
Resources
X Hit by Cyberattack: DDoS Assault by Dark Storm Group Causes Worldwide Outages
Mitchell Langley March 11, 2025
X faced a massive cyberattack, with Dark Storm claiming responsibility for a significant DDoS assault, causing widespread outages and prompting the use of Cloudflare's DDoS ...
Elon Musk Claims 'Massive Cyberattack' on X Originated from Ukraine
News
Elon Musk Claims ‘Massive Cyberattack’ on X Originated from Ukraine
Andrew Doyle March 11, 2025
Elon Musk confirmed a massive cyberattack on X, originating from the Ukraine area, causing widespread service disruptions and highlighting the vulnerability of major tech platforms.
New York Sues Allstate and National General Over Data Breaches
News
New York Sues Allstate and National General Over Data Breaches
Mitchell Langley March 11, 2025
New York sues Allstate and National General for failing to protect consumer data, resulting in two major data breaches exposing thousands of driver's license numbers.
Cl0p Ransomware Published Rackspace Files on Leak Site
News
Cl0p Ransomware Published Rackspace Files on Leak Site
Andrew Doyle March 11, 2025
Cl0p ransomware publishes Rackspace files after ignored demands, exposing hundreds of Cleo victims. This data breach highlights the ongoing threat to enterprise and cloud security.
WordPress Vulnerability Expolited to Hack Moroccan Data Protection Authority Website
News
WordPress Vulnerability Expolited to Hack Moroccan Data Protection Authority Website
Andrew Doyle March 11, 2025
Morocco's data protection authority website suffered a WordPress plugin vulnerability exploit, resulting in reputational damage despite no sensitive data loss.
NBA and NASCAR Accounts on X Hacked to Promote Cryptocurrency Scams
News
NBA and NASCAR Accounts on X Hacked to Promote Cryptocurrency Scams
Andrew Doyle March 10, 2025
The official NBA and NASCAR accounts on X were hacked to promote fake cryptocurrencies, raising serious concerns about cybersecurity and user safety on social media.
$5 Million Stolen from 1inch Due to Smart Contract Flaw
News
$5 Million Stolen from 1inch Due to Smart Contract Flaw
Mitchell Langley March 10, 2025
On March 5, 2025, 1inch confirmed a $5 million theft due to a smart contract flaw, affecting only resolver funds, not end-user assets.
US Cities Warn of Parking Phishing Texts Used to Steal Personal Data
News
US Cities Warn of Parking Phishing Texts Used to Steal Personal Data
Andrew Doyle March 10, 2025
US cities warn residents about a new wave of phishing texts claiming unpaid parking fees, threatening fines and attempting to steal personal information.
Chicago Public Schools Data Breach Exposes Hundreds of Thousands of Student Records
News
Chicago Public Schools Data Breach Exposes Hundreds of Thousands of Student Records
Mitchell Langley March 10, 2025
Hundreds of thousands of Chicago Public School students' data was exposed in a recent data breach, affecting names, birthdates, and student IDs. The FBI and ...
Bank of America Issues Warning on Data Breach: Millions of Accounts at Risk
News
Bank of America Issues Warning on Data Breach: Millions of Accounts at Risk
Andrew Doyle March 10, 2025
Bank of America has announced a massive data breach affecting millions, with customers' sensitive information potentially compromised due to a vendor's mishandling of documents.
Data Breach Settlement: Rite Aid Agrees to Pay $6.8 Million to Affected Customers
News
Data Breach Settlement: Rite Aid Agrees to Pay $6.8 Million to Affected Customers
Mitchell Langley March 10, 2025
Rite Aid has agreed to a $6.8 million settlement following a data breach affecting over 2 million customers, emphasizing the need for robust cybersecurity measures.
Sam Altman's Eyeball-Scanning Orb Takes on a New Role in AI Integration
Cybersecurity
Sam Altman’s Eyeball-Scanning Orb Takes on a New Role in AI Integration
Gabby Lee March 18, 2026
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Cybersecurity
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Andrew Doyle March 18, 2026
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026

TOP CYBERSECURITY HEADLINES

EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Cybersecurity
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Cybersecurity
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Application Security
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
Cybersecurity
Surf AI Raises $57 Million for Its Agentic Security Operations Platform

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Targeted Phishing Attack Breaches Security Firm Executive
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
June 14, 2025
Podcasts
9.8 Severity and Counting: Inside Trend Micro’s Latest Security Emergency
June 13, 2025
Podcasts
Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks
June 13, 2025

Cyber Security News

South Korea's Coupang Faces Data Breach Impacting Millions Implications for The Retail Giant
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
December 2, 2025
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
Application Security
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
December 2, 2025
India's Telecommunications Ministry Mandates Preloaded Cybersecurity App
Application Security
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
December 2, 2025
Microsoft Tackles Excel Attachment Issue in New Outlook Client
Application Security
Microsoft Tackles Excel Attachment Issue in New Outlook Client
December 2, 2025
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
Cybersecurity
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
December 1, 2025
OBR Launches Investigation After Budget Forecast Leak
Cybersecurity
OBR Launches Investigation After Budget Forecast Leak
December 1, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
184 Million Login Credentials Exposed in Major Unprotected Database Leak
June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
May 30, 2025
In this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went ...
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
May 30, 2025
ConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The breach is reportedly tied to ...
Unbound Raises $4M to Secure Generative AI in the Enterprise
May 30, 2025
In this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in ...
This Week In Cybersecurity: 26th to 30th May, 2025
May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
Victoria’s Secret Takes Website Offline Following Security Incident
May 30, 2025
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
May 30, 2025
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
May 30, 2025
Russian nuclear facility blueprints were exposed in a public procurement database, revealing sensitive layouts of missile silos and bunkers tied to Moscow’s nuclear modernization.
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
May 30, 2025
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
Windows Updates, Reimagined: Inside Microsoft’s Unified Orchestration Push
May 29, 2025
Microsoft is taking direct aim at one of the biggest pain points in the Windows ecosystem: update fragmentation. In this episode, we dive deep into ...
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
May 29, 2025
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
May 29, 2025
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
Systemd as a Weapon: How PumaBot Exploits Linux Persistence
May 29, 2025
Linux systems are under siege—particularly in the world of IoT and internet-exposed servers. In this episode, we dissect PumaBot, a new GoLang-based botnet that’s turning ...
The LexisNexis Breach: 364,000 Records Exposed via GitHub
May 29, 2025
On December 25, 2024, while most businesses were offline, a serious data breach struck LexisNexis Risk Solutions—exposing the personal data of over 360,000 individuals. The ...
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
May 29, 2025
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
May 29, 2025
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
May 29, 2025
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
Ransomware Hits MathWorks: Week-Long Outage Disrupts Millions
May 28, 2025
On this episode, we dissect the ransomware attack that brought MathWorks—a cornerstone software provider for engineers, scientists, and educators—to a grinding halt. The attack, which ...
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
Phishing Attack Hits Intuitive’s Internal IT Business Systems
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Targeted Phishing Attack Breaches Security Firm Executive
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack