Ionut Arghire

The European Union has added three Russian nationals to its sanctions list for their involvement in cyberattacks against Estonia.

ENGlobal has informed the SEC that personal information was compromised in a November 2024 ransomware attack.

Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks.

UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.

Vulnerabilities in LTE/5G core infrastructure, some remotely exploitable, could lead to persistent denial-of-service to entire cities.

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials.

A vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts.

North Korean fake IT workers are more aggressively extorting their employers in response to law enforcement actions.

The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to North Korea.

Four decades of student and educator information was stolen from PowerSchool – tens of millions are potentially affected.

Security data pipeline management startup Axoflow has raised $7 million in a seed funding round led by EBRD Venture Capital.

A malicious campaign has been redirecting macOS users to a fake Homebrew website, infecting them with information stealer malware.

Cisco has released patches for three vulnerabilities, including a critical privilege escalation bug and a DoS flaw for which exploit code exists.

The Mirai-based Murdoc botnet has been actively targeting Avtech and Huawei devices for roughly half a year.

Oracle has released 318 new security patches to address roughly 200 unique CVEs as part of its January 2025 Critical Patch Update.

Cloudflare saw a 53% increase in DDoS attack frequency last year, when it blocked a record-breaking 5.6 Tbps attack.

Sophos warns of two ransomware groups abusing Microsoft 365 services and default configurations to contact internal enterprise users.

PowerSchool says the personal information of students and educators was stolen in a December 2024 data breach.

Marco Raquan Honesty has pleaded guilty to his roles in several fraud schemes, including smishing, identity theft, and bank account takeover.

The FCC adopts declaratory ruling requiring telecommunications providers to secure their networks against nation-states and other threats.