Ionut Arghire

Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware.

Cactus ransomware has added Schneider Electric to its leak site, claiming to have stolen 1.5 terabytes of data.

Recent Anatsa Android banking trojan attacks have become more targeted, showing an evolution in tactics.

Alleged Raccoon Infostealer operator Mark Sokolovsky is awaiting trial in the US, after being extradited from the Netherlands.

Russian cyberespionage group targets European government, military, and critical infrastructure entities via Roundcube vulnerabilities.

Google’s new AI Cyber Defense Initiative focuses on boosting cybersecurity through artificial intelligence.

Tel Aviv startup raises $8 million in Series A funding to help developers add secure access approval flows to applications.

A threat actor employed the administrative credentials of a former employee to hack a US government organization.

Three vulnerabilities in CU Solutions Group CMS exposed 275 credit unions to credential theft, account takeover.

The US announces a $10 million reward for information on key members of the Alphv/BlackCat ransomware group.

ESET has released patches for a high-severity elevation of privilege vulnerability in its Windows security products.

Only 54% of major code changes go through a full security review, a new CrowdStrike State of Application Security report reveals.

Microsoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks.

Prudential Financial says administrative and user data was compromised in a cyberattack earlier this month.

Zoom patches seven vulnerabilities in its products, including a critical-severity bug in its Windows applications.

AMD and Intel patch dozens of vulnerabilities on February 2024 Patch Tuesday, including multiple high-severity bugs.

SAP patches a critical code-injection vulnerability in the SAP ABA (Application Basis) cross-application component.

Aircraft parts dealer Willis Lease Finance Corporation (WLFC) notified the SEC that it fell victim to a cyberattack.

Bank of America is notifying some customers that their personal information was stolen in a data breach at third-party services provider.

Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft.