Ionut Arghire

Russia-linked APT29 was seen abusing the legitimate information exchange systems used by European countries in attacks aimed at governments.

Dero cryptojacking operation infecting Kubernetes infrastructure is being targeted by Monero criptojackers for control over the same clusters.

SAP has released 19 new notes on March 2023 Security Patch Day, including five notes rated hot news.

The Hawaii DOH says roughly 3,400 death records were accessed via the compromised account of a former employee.

A new CISA pilot program to warn critical infrastructure organizations if their systems are unpatched against vulnerabilities exploited in ransomware attacks.

Ring says it has no indications it has fallen victim to a ransomware attack after cybergang threatens to publish supposedly stolen data.

Fortinet says recently patched FortiOS vulnerability was exploited in sophisticated attacks targeting government entities.

CISA has added vulnerabilities in Plex Media Server and VMware NSX-V to its Known Exploited Vulnerabilities catalog.

The recently identified Golang-based GoBruteforcer botnet is targeting web servers running FTP, MySQL, phpMyAdmin, and Postgres services.

Zoll Medical is notifying one million individuals that their personal information was compromised in a data breach earlier this year.

Authorities seized a domain distributing the NetWire RAT and arrested a Croatian individual who administered the website.

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.

A serious vulnerability in Veeam Backup & Replication may allow attackers to obtain encrypted credentials from the configuration database.

Cerebral is informing 3.1 million individuals that their PHI was inadvertently exposed via third-party tracking technologies.

Cisco has released patches for a high-severity DoS vulnerability in IOS XR software for several enterprise-grade routers.

Two vulnerabilities recently addressed in Jenkins server can be chained to achieve arbitrary code execution.

Fortinet has patched a critical buffer underflow vulnerability in FortiOS and FortiProxy that could lead to remote code execution without authentication.

Google has announced the discontinuation of the Chrome Cleanup Tool, an application for identifying and removing unwanted software.

Revelstoke Security has raised $20 million in a Series B funding round co-led by ClearSky Security and SYN Ventures.

The Sys01 Stealer has been observed targeting the Facebook accounts of critical government infrastructure employees.