Eduard Kovacs

Security and compliance automation firm Drata has acquired trust center platform SafeBase in a quarter billion dollar deal.

Chipmakers Intel, AMD and Nvidia on Tuesday published new security advisories to inform customers about vulnerabilities found in their products. 

Industrial giants Schneider Electric and Siemens have released February 2025 Patch Tuesday ICS security advisories.

OpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks.

Dozens of local newspapers owned by media company Lee Enterprises experienced disruptions as a result of a cyberattack. 

A hacker recently offered to sell 20 million OpenAI credentials, but the data likely comes from information stealers, not the AI firm’s systems.

A critical vulnerability found in Orthanc servers can pose a serious risk to medical data and healthcare operations.

SolarWinds will become a privately held company following its acquisition by Turn/River Capital for $4.4 billion in cash. 

An analysis by Chainalysis shows that ransomware payments dropped to $813 million in 2024, from $1.25 billion in 2023. 

Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware.

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams.

7AI has launched an agentic security platform, which uses AI agents to handle repetitive tasks.

A significant number of cybersecurity-related merger and acquisition (M&A) deals announced in January 2025. 

150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies.

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.

Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware. 

Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers.

Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.

DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI and Google.