Ionut Arghire

Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware.

The patches for an exploited Samsung MagicINFO vulnerability are ineffective and a Mirai botnet has started targeting it.

Cisco releases patches for 26 vulnerabilities in IOS and IOS XE software, including 17 critical- and high-severity bugs.

The US has sanctioned Myanmar warlord Saw Chit Thu and his militia for their roles in cyber scams causing billions in losses to American...

Application performance monitoring provider AppSignal has raised $22 million in a Series A funding round led by Elsewhere Partners.

Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges.

Agencies say the attacks leverage basic intrusion techniques, but poor cyber hygiene within critical infrastructure organizations could lead to disruptions and damage.

Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability.

Threat actors started exploiting a vulnerability in Samsung MagicINFO only days after a PoC exploit was published.

CISA warns organizations that threat actors are exploiting a critical-severity vulnerability in low-code AI builder Langflow.

Android’s May 2025 security update includes patches for an exploited vulnerability in the FreeType open source rendering engine.

CISA has flagged a critical-severity Commvault vulnerability as exploited one week after technical details were released.

The DragonForce ransomware group has claimed responsibility for the recent cyberattacks on UK retailers Co-op, Harrods, and M&S.

PoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog.

The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations.

Major UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks.

Microsoft is prioritizing passwordless sign-in and sign-up methods, and is making new accounts passwordless by default.

Ukrainian national Artem Stryzhak was extradited to the US and charged with using Nefilim ransomware in attacks on large businesses.

Commvault provides indicators of compromise and mitigation guidance after a zero-day exploit targeting its Azure environment lands in CISA’s KEV catalog.

ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor.