Ionut Arghire

A critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances.

Splunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws.

Automattic has rolled out updates for 101 Jetpack versions released over the past eight years to resolve a critical vulnerability.

Entry points in packages across multiple programming languages are susceptible to exploitation in supply chain attacks.

Gryphon Healthcare and Tri-City Medical Center have disclosed data breaches collectively impacting over 500,000 individuals.

The Iran-linked APT OilRig has intensified cyber operations against the United Arab Emirates and the broader Gulf region.

Juniper Networks has announced patches for dozens of vulnerabilities in Junos OS, Junos OS Evolved, and third-party components.

Tor browser version 13.5.7 is rolling out with patches for an exploited zero-day vulnerability recently addressed in Firefox.

HiddenLayer details ShadowLogic, a new method of creating codeless backdoors in AI models by manipulating their graphs.

Relyance AI has raised $32 million in Series B funding to develop its data governance platform and scale operations.

Sophos warns of ransomware operators exploiting a critical code execution vulnerability in Veeam Backup & Replication.

The latest GitLab update resolves eight vulnerabilities, including critical- and high-severity pipeline execution flaws.

Doctor Web says no development or user data was compromised after pro-Ukraine hacktivists claimed the theft of 10 Tb of files.

Risk management startup Cyrisma has raised $7 million in a Series A funding round led by Blueprint Equity.

CISA has added a FortinetFortiOS vulnerability tracked as CVE-2024-23113 to its Known Exploited Vulnerabilities (KEV) catalog.

Mozilla has released a Firefox 131 update to resolve CVE-2024-9680, a code execution vulnerability exploited in the wild as a zero-day.

Google launches Global Signal Exchange (GSE), an initiative aimed at fostering the sharing of online fraud and scam intelligence.

CISA and the FBI have issued a warning on Iranian phishing attacks targeting national political organizations and campaigns.

The iPhone Mirroring feature in macOS Sequoia and iOS 18 may expose employees’ private applications to corporate IT environments.

Cyberespionage APT GoldenJackal has been targeting air-gapped systems at government organizations and embassies.