Eduard Kovacs

Two individuals have been arrested and one alleged admin has been charged in the takedown of the Nulled and Cracked cybercrime forums.

Different research teams have demonstrated jailbreaks against ChatGPT, DeepSeek, and Alibaba’s Qwen AI models. 

Backline has emerged from stealth mode with an autonomous security remediation platform and $9 million in seed funding.

Several cybercrime websites have been seized in a law enforcement operation, including Nulled, Cracked, Sellix, and StarkRDP.

An unprotected database belonging to Chinese AI company DeepSeek exposed highly sensitive information, including chat history, secret keys, and backend data.

Tenable plans to acquire exposure management company Vulcan Cyber for roughly $150 million in cash and stock. 

New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices. 

Rockwell Automation has released six new security advisories to inform customers about several critical and high-severity vulnerabilities.

Frenos, a company that has developed an autonomous OT security assessment platform, has raised $3.88 million in seed funding. 

Endpoint management and security firm NinjaOne to acquire cloud data backup, archiving, and recovery solutions provider Dropsuite for $252 million.

China’s DeepSeek blamed sign-up disruptions on a cyberattack as researchers started finding vulnerabilities in the R1 AI model. 

SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild.

Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted. 

The impact of the Change Healthcare ransomware-caused data breach has increased from 100 million to 190 million individuals.

CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog.  

Pwn2Own Automotive 2025 has come to an end and participants have earned a total of $886,000 for exploits targeting EV chargers and infotainment systems.

Eclypsium warns that Palo Alto Networks firewalls are impacted by BIOS and bootloader flaws, but the vendor says users should not be concerned.

Conduent has confirmed suffering disruptions due to a cyberattack after government agencies reported service outages.

Hackers earned more than $700,000 on the first two days of Pwn2Own Automotive 2025 for EV charger and infotainment exploits.

SonicWall has credited Microsoft for reporting CVE-2025-23006, a critical remote command execution vulnerability possibly exploited in the wild.