Ionut Arghire

Hardcoded SSH credentials in Cisco Unified CM and Unified CM SME could allow attackers to execute commands as root.

SentinelOne says the fake Zoom update scam delivers ‘NimDoor’, a rare Nim-compiled backdoor.

A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites.

CISA says two more vulnerabilities in the messaging application TeleMessage TM SGNL have been exploited in the wild.

The International Criminal Court (ICC) has detected and contained a sophisticated and targeted cyberattack.

Australian airline Qantas says personal information stolen from systems hosting the service records of 6 million customers.

Esse Health says the personal information of over 263,000 individuals was stolen in an April 2025 cyberattack.

Many Citrix NetScaler systems are exposed to attacks exploiting the vulnerabilities tracked as CVE-2025-5777 and CVE-2025-6543.

The US has made 29 searches of known or suspected laptop farms supporting North Korean individuals posing as US IT workers.

Google has released a Chrome 138 update that patches a high-severity vulnerability with an exploit in the wild.

NASA needs to perform an agency-wide cybersecurity risk assessment and to complete important cybersecurity tasks for each of its projects.

Vulnerabilities in Airoha Bluetooth SoCs expose headphone and earbud products from multiple vendors to takeover attacks.

Canada has ordered Hikvision to cease all operations in the country and prohibited the purchase and use of Hikvision products within government entities.

RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software.

China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit.

A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository.

Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls.

CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17.

The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology.

Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges.