Resources
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group ...
RondoDox Botnet Utilizes React2Shell Vulnerability to Infiltrate Servers
RondoDox is exploiting the React2Shell flaw in Next.js to gain remote code execution, deploy malware, and install cryptominers. The campaign highlights how unpatched web frameworks ...
IBM Discloses Critical Security Vulnerability in API Connect
IBM has identified a critical vulnerability in its API Connect software, CVE-2025-13915, which allows attackers to bypass authentication and gain remote access. With a CVSS ...
Critical Vulnerability in SmarterTools SmarterMail Poses Severe Cybersecurity Risk
The Cyber Security Agency of Singapore warns of a dangerous remote code execution vulnerability in SmarterTools SmarterMail, CVE-2025-52691, with a CVSS score of 10.0.
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
Fortinet has flagged a resurgence in the exploitation of CVE-2020-12812, a vulnerability in FortiOS that allows attackers to bypass two-factor authentication. This poses significant risks ...
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as a utility for unauthorized Windows ...
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
Fortinet has identified ongoing exploitation of the five-year-old FortiOS SSL VPN flaw CVE-2020-12812, revealing it poses significant risks in specific configurations.
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
CISA has highlighted CVE-2023-52163, a vulnerability in Digiever NVRs, for active exploitation, advising immediate update and security precautions.
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in U.S.
Artem Stryzhak, an alleged affiliate of the Nefilim ransomware group, has pleaded guilty to conspiracy to commit computer fraud in the United States. Extradited earlier ...
LongNosedGoblin: A New Threat from China Targets Southeast Asia and Japan
ESET reports the emergence of LongNosedGoblin, an uncharted threat targeting governmental bodies in Southeast Asia and Japan since September 2023. The group's focus is cyber ...
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.