Ionut Arghire

Iranian threat actors use a Windows kernel driver called ‘Wintapix’ in attacks against Middle East targets.

Google introduces Mobile VRP bug bounty program for vulnerabilities in its mobile applications.

GAO report underlines the need for federal agencies to fully implement key cloud security practices.

Food distributor Sysco Corporation says the personal information of over 126,000 individuals was compromised in a recent cyberattack.

BEC scammers use residential IP addresses in attacks to make them seem locally generated and evade detection.

Wisconsin teen Joseph Garrison is charged with launching a credential stuffing attack that affected roughly 60,000 user accounts.

Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks.

Security researchers have identified the second developer of Golden Chickens, a malware suite used by financially-motivated hacking groups Cobalt Group and FIN6.

Cloudflare introduces Secrets Store, a new solution to help developers and organizations securely store and manage secrets.

Lineaje introduces SBOM360 Hub, an exchange allowing software producers, sellers, and consumers to publish, share and use SBOMs and related compliance artifacts.

Google is updating its vulnerability reports rating system to encourage researchers to provide more details on the reported bugs.

Researcher publishes PoC tool that exploits unpatched KeePass vulnerability to retrieve the master password from memory.

Cisco has released patches for critical vulnerabilities in small business switches for which public proof-of-concept (PoC) code exists.

Apple says it rejected 1.7 million applications from being published in the App Store in 2022.

CISA, FBI, and ACSC warn critical infrastructure organizations of the BianLian ransomware group’s attacks.

Technological equipment supplier Lacroix has closed three production sites after experiencing a ransomware attack.

Google has released a Chrome 113 update to patch 12 vulnerabilities, including a critical use-after-free flaw.

A threat actor tracked as Lancefly has been targeting government organizations in South and Southeast Asia for at least three years.

An emerging ransomware gang called RA Group is targeting organizations in the US and South Korea.

Crosspoint Capital Partners has agreed to acquire security solutions provider Absolute Software in an $870 million deal.