Ionut Arghire

Google and Mozilla have released patches for a combined total of four high-severity memory bugs in Chrome and Firefox.

The Texas Department of Transportation has disclosed a data breach impacting the personal information included in 300,000 crash reports.

Swimlane has raised $45 million in a growth funding round to fuel its global channel expansion and product innovation.

SAP has fixed a critical NetWeaver vulnerability allowing attackers to bypass authorization checks and escalate their privileges.

Exploitation of a critical-severity RCE vulnerability in Roundcube started only days after a patch was released.

A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.

Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials.

iVerify links iPhone crashes to sophisticated zero-click attacks via iMessage targeting individuals involved in politics in the EU and US.

The US is seeking the forfeiture of $7.74 million in cryptocurrency in frozen wallets tied to North Korean fake IT workers schemes.

Data security firm MIND has raised $30 million in Series A funding to expand its R&D and go-to-market teams.

A Russia-linked threat actor has used the destructive malware dubbed PathWiper against a critical infrastructure organization in Ukraine.

Cisco has released patches for a critical vulnerability impacting cloud deployments of Identity Services Engine (ISE).

An HPE StoreOnce vulnerability allows attackers to bypass authentication, potentially leading to remote code execution.

A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.

Play ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities.

Authorities seized 145 domains associated with BidenCash, a marketplace for stolen credit cards and personal information.

The Interlock ransomware group has leaked data allegedly stolen from Kettering Health in a recent cyberattack.

Germany fined Vodafone $51 million for failing to protect user data from partners and unauthorized third-parties.

A financially motivated threat actor employing vishing to compromise Salesforce customers, and extort them.

ThreatSpike will use the fresh funding to expand its engineering, go-to-market, and security operations teams.