Ionut Arghire

The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists.

Engineering firm Smiths Group has disclosed a cyberattack that forced it to take some systems offline and activate business continuity plans.

Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities.

Hackers stole more than $85 million in crypto assets from hot wallets at cryptocurrency exchange Phemex.

The European Union has added three Russian nationals to its sanctions list for their involvement in cyberattacks against Estonia.

ENGlobal has informed the SEC that personal information was compromised in a November 2024 ransomware attack.

Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks.

UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.

Vulnerabilities in LTE/5G core infrastructure, some remotely exploitable, could lead to persistent denial-of-service to entire cities.

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.

A vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts.

North Korean fake IT workers are more aggressively extorting their employers in response to law enforcement actions.

The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to North Korea.

Four decades of student and educator information was stolen from PowerSchool – tens of millions are potentially affected.

Security data pipeline management startup Axoflow has raised $7 million in a seed funding round led by EBRD Venture Capital.

A malicious campaign has been redirecting macOS users to a fake Homebrew website, infecting them with information stealer malware.

Cisco has released patches for three vulnerabilities, including a critical privilege escalation bug and a DoS flaw for which exploit code exists.

The Mirai-based Murdoc botnet has been actively targeting Avtech and Huawei devices for roughly half a year.

Oracle has released 318 new security patches to address roughly 200 unique CVEs as part of its January 2025 Critical Patch Update.

Cloudflare saw a 53% increase in DDoS attack frequency last year, when it blocked a record-breaking 5.6 Tbps attack.