Eduard Kovacs

Hackers have leaked 15,000 Fortinet firewall configurations, which were apparently obtained as a result of exploitation of CVE-2022–40684.

In 2024 organizations informed the US government about 720 healthcare data breaches affecting a total of 186 million user records.

Fortinet patches critical vulnerabilities, including a zero-day that has been exploited in the wild since at least November 2024. 

Schneider Electric, Siemens, CISA, and Phoenix Contact have released January 2025 Patch Tuesday ICS security advisories.

BforeAI has raised $10 million in Series B funding, which brings the total raised by the security firm to more than $30 million.

Apparently malicious NPM packages linked to Snyk raised some concerns, but the security firm clarified that it’s part of a research project.

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products. 

Many Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been named as a victim.

The US Justice Department has announced charges against three Russians for operating the Blender and Sinbad cryptocurrency mixers.

Chinese cyberspies targeted offices dealing with foreign investments and sanctions in the recent US Treasury hack. 

A research project into vulnerabilities affecting Microsoft’s PlayReady DRM raises some questions on responsible disclosure.

Darktrace has announced the proposed acquisition of UK-based incident investigation firm Cado Security, reportedly for up to $100 million. 

Medical billing solutions provider Medusind has revealed that a data breach discovered in December 2023 impacts over 360,000 individuals.

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

After its CEO was arrested last summer, Telegram has been increasingly sharing user data at the request of authorities.

Casio has completed its investigation into the data breach caused by a recent ransomware attack and found that thousands of individuals are impacted.

Temple University’s Critical Infrastructure Ransomware Attacks (CIRA) database now contains over 2,000 entries.

Roundup of the thirty-seven cybersecurity-related merger and acquisition (M&A) deals announced in December 2024.

IT services giant Atos has responded to the data breach claims made by a ransomware group named Space Bears.

Richmond University Medical Center has been investigating a ransomware attack since May 2023 and it recently determined that it affects 670,000 people.