Eduard Kovacs

Hackers earned more than $700,000 on the first two days of Pwn2Own Automotive 2025 for EV charger and infotainment exploits.

SonicWall has credited Microsoft for reporting CVE-2025-23006, a critical remote command execution vulnerability possibly exploited in the wild.

NCC Group saw over 570 ransomware attacks in December 2024, the highest number since it started monitoring them in 2021. 

DryRun Security has raised $8.7 million in a seed funding round for its AI-powered application security solutions. 

$380,000 paid out on the first day of Pwn2Own Automotive 2025 for exploits targeting car infotainment units, operating systems, and chargers. 

ABB has patched building control product vulnerabilities that can expose many facilities to remote attacks.

Social media security startup Spikerz has raised $7 million in a seed funding round led by Disruptive AI.

Kaspersky has disclosed the details of over a dozen vulnerabilities discovered in a Mercedes-Benz MBUX infotainment system. 

HPE is investigating claims by the hacker IntelBroker, who is offering to sell source code and other data allegedly stolen from the tech giant.

Industry professionals comment on the Biden administration’s new executive order on cybersecurity. 

Cisco has unveiled AI Defense, a solution designed to help organizations protect development and use of AI applications. 

New research shows that over 4 million systems on the internet, including VPN servers and home routers, are vulnerable to attacks due to tunneling...

Hackers have leaked 15,000 Fortinet firewall configurations, which were apparently obtained as a result of exploitation of CVE-2022–40684.

In 2024 organizations informed the US government about 720 healthcare data breaches affecting a total of 186 million user records.

Fortinet patches critical vulnerabilities, including a zero-day that has been exploited in the wild since at least November 2024. 

Schneider Electric, Siemens, CISA, and Phoenix Contact have released January 2025 Patch Tuesday ICS security advisories.

BforeAI has raised $10 million in Series B funding, which brings the total raised by the security firm to more than $30 million.

Apparently malicious NPM packages linked to Snyk raised some concerns, but the security firm clarified that it’s part of a research project.

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products. 

Many Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been named as a victim.