Ionut Arghire

SAP has released 16 new security notes on its May 2025 Security Patch Day, including a note dealing with another critical NetWeaver vulnerability exploited...

Marks & Spencer has confirmed that personal information was stolen in a recent cyberattack claimed by a ransomware group.

A Turkey-affiliated espionage group has exploited a zero-day vulnerability in Output Messenger since April 2024.

A 45-year-old individual was arrested in Moldova for his suspected involvement in DoppelPaymer ransomware attacks.

Google has agreed to a $1.375 billion settlement with Texas in lawsuits over location and private browsing tracking, and biometric data collection.

Ascension Health has notified the HHS that more than 437,000 people were affected by a recently disclosed data breach.

Two vulnerabilities in ASUS’s pre-installed software DriverHub can be exploited for remote code execution.

German authorities seized the servers of crypto-swapping service eXch for laundering approximately $1.9 billion in fraudulent assets.

Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor.

VMS firm Valsoft Corporation says the personal information of over 160,000 people was compromised in a February 2025 data breach.

Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor.

Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed.

SonicWall patches three SMA 100 vulnerabilities, including a potential zero-day, that could be chained to execute arbitrary code remotely.

Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware.

The patches for an exploited Samsung MagicINFO vulnerability are ineffective and a Mirai botnet has started targeting it.

Cisco releases patches for 26 vulnerabilities in IOS and IOS XE software, including 17 critical- and high-severity bugs.

The US has sanctioned Myanmar warlord Saw Chit Thu and his militia for their roles in cyber scams causing billions in losses to American...

Application performance monitoring provider AppSignal has raised $22 million in a Series A funding round led by Elsewhere Partners.

Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges.

Agencies say the attacks leverage basic intrusion techniques, but poor cyber hygiene within critical infrastructure organizations could lead to disruptions and damage.