Main Menu
Cyber Security
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Silence from the Corporate Giants: Four Companies Yet to Comment on Oracle EBS Hack
FBI Seeks Gamer Help in Steam Malware Investigation
Shadow AI Is Quietly Spreading Across SaaS Environments
Microsoft Teams Is Adding Automatic Bot Tagging in Meeting Lobbies
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
VENON Banking Malware Targets Brazilian Users With Rust-Based Code
Apple Releases iOS and iPadOS Updates to Patch Coruna Exploits
Veeam Software Fixes Critical RCE Vulnerabilities in Backup & Replication Solution
England Hockey Investigates Possible Data Breach by AiLock Ransomware Group
International Operation Dismantles the Dangerous SocksEscort Proxy Service
Apple Patches Older iPhones and iPads Against Coruna Exploit Kit Attacks
Cybercriminals Target Airline Loyalty Programs: A New Threat to Travelers
Global Arrests Made in a Social Media Scam Targeting Thousands
SQL Injection Flaw in Ally WordPress Plugin Puts 400,000 Sites at Risk
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
News
Eleven11bot: New Botnet Infects 86,000 Devices for DDoS Attacks
Mitchell Langley March 6, 2025
The Eleven11bot botnet has infected over 86,000 IoT devices, primarily focusing on security cameras and NVRs to launch DDoS attacks globally.
Outsourcing Cybersecurity Could Save Your Company Millions – Here's How-
Blog
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
Andrew Doyle March 6, 2025
The digital landscape is a battlefield, with cyberattacks growing in both frequency and sophistication. Businesses of all sizes, from small ...
BianLian Ransomware: Shadow Data Extortion Group
Resources
BianLian Ransomware: Shadow Data Extortion Group
Andrew Doyle March 5, 2025
The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have targeted critical infrastructure and private ...
OnlyFans Cyberattacks: Fake CAPTCHAs and Malware Distribution Threaten Users
News
OnlyFans Cyberattacks: Fake CAPTCHAs and Malware Distribution Threaten Users
Andrew Doyle March 4, 2025
OnlyFans users are targeted by sophisticated phishing attacks deploying fake Cloudflare CAPTCHAs and malware-laden links, distributing keyloggers and ransomware. Urgent security measures are needed.
Vo1d Botnet Surpasses 1.59 Million Infected Android TVs Across 226 Countries
News
Vo1d Botnet Surpasses 1.59 Million Infected Android TVs Across 226 Countries
Mitchell Langley March 4, 2025
The Vo1d botnet has infected over 1.59 million Android TVs across 226 countries, enhancing its stealth and operational capabilities significantly.
ClickFix Attack Deploys Havoc C2 via Microsoft SharePoint
News
ClickFix Attack Deploys Havoc C2 via Microsoft SharePoint
Mitchell Langley March 4, 2025
A new ClickFix attack is exploiting Microsoft SharePoint to deploy the Havoc framework, tricking users into running malicious PowerShell commands.
CISA Tags Windows and Cisco Vulnerabilities as Actively Exploited
News
CISA Tags Windows and Cisco Vulnerabilities as Actively Exploited
Andrew Doyle March 4, 2025
CISA warns that critical vulnerabilities in Cisco and Windows systems are actively exploited, urging federal agencies to secure networks by March 23, 2025.
Trinity Ransomware: The Enigma of the .trinitylock
Resources
Trinity Ransomware: The Enigma of the .trinitylock
Andrew Doyle March 4, 2025
Overview: Known Aliases of Trinity Ransomware: Trinity Ransomware. Possible links to 2023Lock and Venus ransomware, implying potential shared infrastructure or ...
Freddie Mac Data Breach: Social Security Numbers Compromised
News
Freddie Mac Data Breach: Social Security Numbers Compromised
Andrew Doyle March 3, 2025
Freddie Mac confirms a significant data breach exposing customer names and Social Security numbers. The extent of the breach and its cause remain under investigation. ...
Belgian Intelligence Service Breach: Chinese Hackers Under Investigation
News
Belgian Intelligence Service Breach: Chinese Hackers Under Investigation
Andrew Doyle March 3, 2025
Belgian authorities investigate a potential Chinese state-sponsored cyberattack on its State Security Service (VSSE), compromising sensitive data and emails between 2021 and 2023. The breach ...
Via Credit Union Data Breach Impacts Thousands: Indiana Credit Unions Face Cybersecurity Challenges
News
Via Credit Union Data Breach Impacts Thousands: Indiana Credit Unions Face Cybersecurity Challenges
Mitchell Langley March 3, 2025
Via Credit Union suffered a significant data breach affecting over 60,000 members, exposing sensitive personal and financial data. Interra Credit Union also experienced a smaller ...
Angel One Data Leak: AWS Breach Exposes User Data
News
Angel One Data Leak: AWS Breach Exposes User Data
Andrew Doyle March 3, 2025
Angel One, a leading stockbroking firm, suffered a data leak. Unauthorized access to AWS resources exposed client data. An investigation is underway.
This Week In Cybersecurity: 24th February to 28th February
Cybersecurity Newsletter
This Week In Cybersecurity: 24th February to 28th February
Mitchell Langley March 3, 2025
Explore the latest cybersecurity incidents, including the EncryptHub ransomware affecting 618 organizations, a Jasper network breach, and the $1.5 billion Bybit hack. Southern Water faced ...
State of Code Security in 2025: A Wiz Report Reveals Critical Vulnerabilities
News
State of Code Security in 2025: A Wiz Report Reveals Critical Vulnerabilities
Mitchell Langley March 3, 2025
Wiz's 2025 State of Code Security Report exposes alarming vulnerabilities in code repositories: 61% of organizations have secrets exposed in public repositories, leaving sensitive data ...
Serbian Police Exploit Cellebrite Zero-Day to Unlock Android Phones
News
Serbian Police Exploit Cellebrite Zero-Day to Unlock Android Phones
Andrew Doyle March 3, 2025
Serbian authorities exploited Cellebrite's zero-day Android vulnerabilities (CVE-2024-53104, CVE-2024-53197, CVE-2024-50302) to unlock a phone, raising serious security concerns for enterprises.
Ransomware Groups Use BYOVD Attacks Exploiting Paragon Partition Manager Bug
News
Ransomware Groups Use BYOVD Attacks Exploiting Paragon Partition Manager Bug
Andrew Doyle March 3, 2025
Critical Paragon Partition Manager vulnerabilities are being exploited in BYOVD attacks, allowing ransomware gangs SYSTEM-level access and execution of malicious code. Urgent patching is advised. ...
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
News
Major Data Breach Exposes 33,000+ Users of Flat Earth Zodiac App
Andrew Doyle March 3, 2025
A significant data breach impacting the "Flat Earth Sun, Moon and Zodiac" mobile application has exposed the personal information of over 33,000 users. This incident ...
Akira Ransomware: The Extortion Ghost in a Shell
Resources
Akira Ransomware: The Extortion Ghost in a Shell
Andrew Doyle March 2, 2025
Akira has targeted a range of organizations, including universities (Stanford), major IT service providers (Tietoevry), and numerous businesses across various sectors. Critical infrastructure, including healthcare ...
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
News
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
Andrew Doyle February 27, 2025
EncryptHub Breach Affects 618 Organizations Hit Using Infostealers and Ransomware
Genea IVF Data Breach Claimed by Termite Ransomware Gang
News
Genea IVF Data Breach Claimed by Termite Ransomware Gang
Mitchell Langley February 27, 2025
Australian IVF provider Genea suffered a major data breach. The Termite ransomware gang stole 940GB of sensitive patient data. This includes medical histories, personal details, ...
Software Supply Chains Are the New Frontline for Cyber Risk
Cybersecurity
Software Supply Chains Are the New Frontline for Cyber Risk
Gabby Lee March 19, 2026
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Cybersecurity
Companies House Confirmed a Vulnerability That Put Millions of Business Records at Risk
Andrew Doyle March 18, 2026
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
News
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
Andrew Doyle March 18, 2026
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Cybersecurity
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Mitchell Langley March 18, 2026

TOP CYBERSECURITY HEADLINES

New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
Cybersecurity
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Cybersecurity
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Cybersecurity
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Application Security
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages

This Week’s Security Spotlight

Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Cybersecurity
Canadian Outsourcing Leader Telus Digital Faces a Severe Data Breach
Andrew Doyle March 13, 2026
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Cybersecurity
Senate Confirms Joshua Rudd to Lead the NSA and US Cyber Command
Andrew Doyle March 12, 2026
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
CVE Vulnerability Alerts
Critical Security Vulnerabilities Patched in n8n Workflow Automation Platform
Mitchell Langley March 12, 2026
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Cybersecurity
OpenClaw Security Issues Persist as SecureClaw Open Source Tool Debuts
Andrew Doyle February 19, 2026
More In News
Trending
Targeted Phishing Attack Breaches Security Firm Executive
Russian Campaign Targets Ukraine with BadPaw and MeowMeow Malware
Underground Sale of Compromised cPanel Credentials Fuels Phishing Infrastructure
Phishing Warnings as LastPass Users Get Targeted by Fake Alerts

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Ghost Students and AI Scams: How Identity Theft is Gutting Financial Aid
June 11, 2025
Podcasts
Inside the React Native NPM Supply Chain Breach: 16 Packages, 1 Million+ Downloads, and a RAT in the Code
June 10, 2025
Podcasts
Mirai Strikes Again: Spring4Shell, Wazuh, and TBK DVRs Exploited in Live Campaigns
June 10, 2025

Cyber Security News

British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
Cybersecurity
British Telco Brsk Under Cybersecurity Scrutiny Amid Claims of Data Breach
November 30, 2025
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CICD Automation Flaw
Cybersecurity
PostHog Hit by Shai-Hulud 2.0 npm Worm Through CI/CD Automation Flaw
November 30, 2025
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
Application Security
Microsoft Alerts Users to Windows 11 Lock Screen Malfunction
November 30, 2025
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
Cybersecurity
Project Cites State Access Fears as Cloud Sovereignty Debate Intensifies
November 30, 2025
Advanced Capabilities of Unrestricted LLMs Emerging Threats for Cybersecurity
Cybersecurity
Advanced Capabilities of Unrestricted LLMs: Emerging Threats for Cybersecurity
November 30, 2025
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
November 30, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
FBI Warns of Luna Moth Tactics: Inside the Silent Ransom Group’s Law Firm Attacks
May 26, 2025
In this episode, we dive into the evolving tactics of the Silent Ransom Group (SRG)—also known as Luna Moth—a cybercriminal outfit that has shifted from ...
Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia, Leaks Staff Documents
May 26, 2025
Ransomware group Qilin posts alleged staff data from Elit Avia, including passport photos, raising security concerns for employees at the luxury private jet operator.
Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown
May 26, 2025
Operation Endgame dismantled 300 servers and 650 domains supporting ransomware campaigns, while U.S. authorities indicted 16 cybercriminals tied to DanaBot malware and botnet operations.
Stormous Ransomware Gang Posts French Government Credentials on Dark Web
May 26, 2025
Stormous ransomware gang published email and password data allegedly tied to French government bodies, raising concerns over outdated security practices and ongoing exposure risks.
Ransomware Attack on Kettering Health Forces Mass Procedure Cancellations and Exposes Patient Safety Risks
May 26, 2025
A ransomware attack on Kettering Health forced mass cancellations across 120+ medical sites, exposing patient safety risks and prompting scam attempts targeting sensitive patient data. ...
Trust Exploited: Unpacking the macOS Malware Attacking Ledger Wallets
May 23, 2025
A growing cyber threat is targeting macOS users who rely on Ledger cold wallets to secure their cryptocurrency. In this episode, we dissect the anti-Ledger ...
This Week In Cybersecurity: 19th to 23rd May, 2025
May 23, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
$21M Seized and DanaBot, Qakbot, and Bumblebee Disrupted in Operation Endgame Takedown
May 23, 2025
In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the backbone of the ...
From TikTok to Total Compromise: The Rise of Social Media Infostealers
May 23, 2025
In this episode, we dive into the alarming surge of infostealer malware campaigns leveraging social media platforms, particularly TikTok, as their distribution vector. Threat actors ...
BlackLock Ransomware Group Claims Breach of Toho, But Evidence Falls Short
May 23, 2025
Cybercriminal group BlackLock claims to have breached Japanese film giant Toho, but researchers found no credible data, casting doubt on the authenticity of the attack. ...
Chinese Hackers Exploit Ivanti EPMM Zero-Day to Breach Government Agencies
May 23, 2025
Chinese hackers exploited a zero-day flaw in Ivanti EPMM to breach global government systems. Immediate patching and security monitoring are strongly advised.
Coca-Cola Investigates Alleged Data Breach Tied to Everest Ransomware Group
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
iOS Sleep App Exposes Personal and Health Data of Over 25,000 Users
May 23, 2025
Sleep Journey iOS app exposed over 25,000 users' personal and health data due to a misconfigured Firebase database, posing significant privacy and security risks.
Chinese Hackers Exploit Cityworks Zero-Day to Breach U.S. Local Government Systems
May 23, 2025
Hackers from the Everest group claim to have leaked Coca-Cola employee and HR data, including PII and internal documents, potentially tied to a Middle East ...
Kettering Health Breached: What the Interlock Ransomware Group Did and Why It Matters
May 22, 2025
In this episode, we dive into the ransomware attack that struck Kettering Health, a major healthcare provider, and the evolving tactics of the Interlock ransomware ...
Deepfake Threats, Mobile Biometrics, and the Future of Trust
May 22, 2025
As digital deception evolves, so must our defenses. In this episode, we dive deep into the escalating battle for trust in our increasingly connected world. ...
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
May 22, 2025
Quantum hacking is no longer science fiction. This in-depth guide explores post-quantum security, quantum-resistant cryptography, and how to protect your business from future cyber threats.
Russian APT28 Hackers Target Ukraine Aid Operations Through Global Espionage Campaign
May 22, 2025
Russian APT28 hackers have targeted international aid operations to Ukraine since 2022, using cyber espionage to monitor, disrupt, and exfiltrate data from key sectors.
Marks & Spencer Projects $402 Million Profit Loss After Cyberattack Disrupts Operations
May 22, 2025
Marks & Spencer faces a $402 million profit hit following a cyberattack linked to Scattered Spider, disrupting sales and operations and exposing customer data.
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
May 22, 2025
Kettering Health canceled elective procedures after a ransomware-linked outage. Interlock ransomware group is suspected. Emergency services remain operational, but threat actors may leak stolen data. ...
New Threat Vector Exploits DNS Queries for Data Exfiltration in AI Environments
EU Council Sanctions Three Entities and Two Individuals for Cyberattacks on Critical Infrastructure
Identity-Based Access Control for AI Agents Is Now a Security Necessity
Hidden Commands in Font Rendering Are Being Used to Manipulate AI Assistants Through Webpages
Surf AI Raises $57 Million for Its Agentic Security Operations Platform
LeakNet Ransomware Adopts ClickFix to Trick Users Into Compromising Themselves
RondoDox Botnet Ramps Up Attacks, Hitting 15,000 Daily Exploitation Attempts
Tech and Retail Giants Sign Global Pact to Combat Online Scams and Fraud
Tech Giants Invest $12.5 Million in Open Source Software Security
Ongoing Python Package Attack Uses Stolen GitHub Tokens
Stryker’s Internal Microsoft Environment Was Breached Last Week
Payload Ransomware Group Claims Breach of Royal Bahrain Hospital
Phishing Attack Hits Intuitive’s Internal IT Business Systems
DRILLAPP Backdoor Campaign Targets Ukrainian Organizations With Edge Debugging Abuse
New Malware Tactics Take Aim at Windows, iOS, and Linux Users
Companies House Restores WebFiling Service After Security Flaw Exposed Corporate Data
How AI Is Making Financial Fraud 4.5 Times More Profitable
Ongoing Exchange Online Outage Leaves Customers Without Mailbox Access
Signal Cyberattack in Germany Targets Politicians Through Impersonation
Targeted Phishing Attack Breaches Security Firm Executive