Ionut Arghire

PoC exploit targeting an XSS vulnerability in the Advanced Custom Fields WordPress plugin started being used in malicious attacks two days after patch.

The personal information of more than 5.8 million was compromised in a data breach at national pharmacy network PharMerica.

Spanish authorities have announced the arrest of 40 individuals for their roles in a group involved in bank fraud, identity theft, and money laundering.

SentinelOne sees multiple threat groups adopting the leaked Babuk source code to build their own VMware ESXi lockers.

CISA and FBI have observed a ransomware gang exploiting a recent PaperCut vulnerability in attacks targeting the education facilities subsector.

Exploitation of a critical vulnerability in the Essential Addons for Elementor WordPress plugin started immediately after a patch was released.

Claroty has disclosed the details of 5 vulnerabilities that can be chained in an exploit allowing unauthenticated attackers to hack Netgear routers.

OpenSSF has added four new members and is receiving $5 million in funding for its Alpha-Omega open source software security project.

A new phishing-as-a-service (PaaS) tool has been observed targeting businesses, mainly in the manufacturing, healthcare, technology, and real estate sectors.

Google is improving Android security with new Safe Browsing real-time API, credential manager jetpack API, and new SDK API for developers.

Microsoft has rolled out patches for a vulnerability allowing attackers to bypass mitigations for a critical Outlook zero-day leading to credentials theft.

Google is now letting Gmail users in the US run scans to learn whether their Gmail ID appears on the dark web.

SquareX emerges from stealth mode with $6 million in seed funding for the development of its security-focused browser extension.

Blockchain company Webb Technologies has raised $7 million in seed funding for its privacy tools and protocol.

SAP released 18 new security notes on May 2023 Security Patch Day, including two that resolve critical vulnerabilities in 3D Visual Enterprise License Manager...

Microsoft’s May 2023 security updates address a total of 40 newly documented vulnerabilities, including two flaws already exploited in attacks.

GitHub makes push protection generally available to warn developers whenever they include a secret in a commit.

Data protection startup Optery has raised $2.7 million in a seed funding round led by Bayhouse Capital.

Microsoft warns that two Iranian state-sponsored groups have adopted exploits targeting a recently patched PaperCut vulnerability.

US authorities have seized 13 internet domains associated with DDoS-for-hire services.