Ionut Arghire

Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase.

Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack.

With IPOs taking longer than ever, the venture firm’s fund aims to keep startup veterans motivated while staying private.

Two vulnerabilities in an internal API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonald’s applicants.

Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges.

Since August 2015, Google has delivered a constant stream of monthly security patches for Android. Until July 2025.

Ingram Micro has restored operations across all countries and regions after disconnecting systems to contain a ransomware attack.

Hackers compromised names, addresses, email address, phone numbers, and other information pertaining to Qantas customers.

AI-powered MDR provider AirMDR has raised $15.5 million in funding (seed and infusion investment) to support its R&D efforts.

New Samsung Galaxy features include protections for on-device AI, expanded cross-device threat detection, and quantum-resistant encryption for network security.

Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments.

Ivanti, Fortinet, and Splunk have released patches for critical- and high-severity vulnerabilities in their products.

Adobe patches were also released for medium-severity flaws in After Effects, Audition, Dimension, Experience Manager Screens, FrameMaker, Illustrator, Substance 3D Stager, and Substance 3D...

Patch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server.

A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail.

SAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise.

Researchers released technical information and exploit code targeting a critical vulnerability (CVE-2025-5777) in Citrix NetScaler.

The Australian airline says a cybercriminal attempted to extort it after customer data was stolen from a contact center.

CVE-2025-6554 and three other Chromium vulnerabilities could allow attackers to execute code and corrupt memory remotely.

The notorious Hive successor ceases ransomware operations but pivots to pure data extortion under the new World Leaks brand.