Ionut Arghire

MITRE and CISA introduce Caldera for OT, a new extension to help security teams emulate attacks targeting operational technology systems.

Freecycle.org is prompting millions of users to reset their passwords after their credentials were compromised in a data breach.

Malicious packages uploaded to PyPI, NPM, and Ruby repositories are targeting macOS users with information stealing malware.

British mesh fencing systems maker Zaun discloses LockBit ransomware attack potentially impacting data related to UK military and intelligence sites.

EclecticIQ has released a free decryption tool to help victims of the Key Group ransomware recover their data without paying a ransom.

Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub.

Sourcegraph says customer information was breached after an engineer accidentally leaked an admin access token.

ZDI is offering more than $1 million at the Pwn2Own Automotive hacking contest, hosted in January at the Automotive World conference in Tokyo.

A vulnerability in the All-in-One WP Migration plugin’s extensions exposes WordPress websites to attacks leading to sensitive information disclosure.

Apple is inviting security researchers to apply for the 2024 iPhone Security Research Device Program (SRDP) to receive hackable iPhones.

Splunk has released patches for multiple high-severity vulnerabilities impacting Splunk Enterprise and IT Service Intelligence.

Fashion retailer Forever 21 says that the personal information of more than 500,000 individuals was compromised in a data breach.

Roughly 78% of the healthcare organizations in North America, South America, the APAC region, and Europe experienced a cyberattack over the past year, according...

Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published.

GitHub Enterprise Server 3.10 released with additional security capabilities, including support for custom deployment rules.

Mozilla and Google have released stable updates for the Firefox and Chrome browsers to address several memory corruption vulnerabilities.

The newly identified MMRat Android trojan has been targeting users in Southeast Asia to remotely control devices and perform bank fraud.

Chinese threat actor exploiting Barracuda ESG appliances deployed persistence mechanisms in preparation for remediation efforts.

PurFoods says the personal and protected health information of over 1.2 million individuals was stolen in a February 2023 ransomware attack.

The personal information of roughly 10 million individuals might have been compromised in a data breach at French unemployment agency Pole Emploi.