Ionut Arghire

Data protection firm Cy4Data Labs has raised $10 million in a Series A funding round led by Pelion Venture Partners.

Ahold Delhaize has confirmed that data was stolen from its systems in November 2024 after a ransomware group claimed the attack.

A Windows NTLM vulnerability patched in March has been exploited in attacks targeting government and private institutions.

Minh Phuong Ngoc Vong pleaded guilty to defrauding US companies of roughly $1 million in a fake IT worker scheme.

Atlassian and Cisco have released patches for multiple high-severity vulnerabilities, including remote code execution bugs.

The Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack.

Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.

In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally.

A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes.

Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities.

Oracle’s April 2025 Critical Patch Update contains 378 security patches that resolve approximately 180 unique CVEs.

Lemonade says the incident is not material and that its operations were not compromised, nor was its customer data targeted.