Ionut Arghire

FTC says reported losses to fraud exceeded $12.5 billion in 2024, with $5.7 billion lost to investment scams.

Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023.

Hackers used compromised credentials to access PowerSchool’s PowerSource portal months before the December 2024 data breach.

The New York Attorney General sued National General and its parent company Allstate over two data breaches.

SAP released 21 new security notes and updated three security notes on March 2025 security patch day.

South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.

CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog.

Davis Lu was convicted of sabotaging his employer’s systems through malicious code, and deleting encrypted data.

In 2024, Google paid out nearly $12 million in bug bounties through its revamped vulnerability reward programs.

GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers.

An extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid.

Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub.

National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions.

NTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations.

The number of Medusa ransomware attacks observed in the first two months of 2025 doubled compared to the same period last year.

Matthew Akande was extradited to the US to face charges for his role in hacking into Massachusetts tax preparation firms’ networks.

A group of financial organizations is asking CISA to rescind and reissue its proposed implementation of CIRCIA.

A second iteration of the BadBox botnet that affected over one million Android devices has been partially disrupted.

An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano.

North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms.