Ionut Arghire

Cisco has resolved a high-severity vulnerability in Meraki MX and Meraki Z devices. Atlassian pushed patches for multiple third-party dependencies.

Misconfigured permissions in Google’s Gerrit code collaboration platform could have led to the compromise of ChromiumOS and other Google projects.

Citrix has released patches for critical- and high-severity vulnerabilities in NetScaler and Secure Access Client and Workspace for Windows.

Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components.

Veeam and BeyondTrust have resolved several vulnerabilities that could be exploited for remote code execution.

GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls.

Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation.

CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild.

A high-severity authorization bypass vulnerability in Asus Armoury Crate provides attackers with low-level system privileges.

Asheville Eye Associates says the personal information of 147,000 individuals was stolen in a November 2024 data breach.

The emerging Anubis ransomware becomes a major threat, permanently deleting user files and making recovery impossible.

Three high-severity Tenable Agent vulnerabilities could allow users to overwrite and delete files, or execute arbitrary code, with System privileges.

A cybersecurity incident at WestJet resulted in users experiencing interruptions when accessing the company’s application and website.

Threat actors have abused the TeamFiltration pentesting framework to target over 80,000 Entra ID user accounts.

CISA warns that vulnerable SimpleHelp RMM instances have been exploited against a utility billing software provider’s customers.

Multiple legitimate, unusual tools were used in a Fog ransomware attack, including one employed by Chinese hacking group APT41.

Trend Micro patches critical-severity Apex Central and Endpoint Encryption PolicyServer flaws leading to remote code execution.

Hirundo tackles AI hallucinations and bias by making trained models “forget” poisoned, malicious, and confidential data.

The new attack technique uses smartwatches to capture ultrasonic covert communication in air-gapped environments and exfiltrate data.

Between May 2024 and April 2025, Cloudflare blocked 109 billion malicious requests targeting organizations protected under Project Galileo.