Ionut Arghire

Chrome 128 was released in the stable channel with patches for 38 vulnerabilities, including a V8 JavaScript engine flaw exploited in the wild.

New phishing attacks target iOS and Android users with Progressive Web Applications and WebAPKs to steal banking information.

Personal information for about 139,000 individuals was stolen in October 2023 from class action settlement administrator Arden Claims Service.

A vulnerability in Microsoft Copilot Studio exposed information on internal services shared among tenants, potentially impacting multiple customers.

A vulnerability in Azure Kubernetes Services could have allowed attackers to escalate privileges and access sensitive information on the clusters.

A critical vulnerability in the GiveWP WordPress plugin could be exploited for remote code execution and arbitrary file deletion.

Fabric Cryptography has raised $33 million in Series A funding to create the Verifiable Processing Unit (VPU), a new chip for cryptography.

Multiple vulnerabilities in Microsoft applications for macOS could be exploited to send emails, leak sensitive information, and escalate privileges.

F5’s latest quarterly security notification includes nine advisories, including four for high-severity vulnerabilities in BIG-IP and NGINX Plus.

Data includes names, dates of birth, physical addresses, Social Security Numbers, medical and diagnosis information, and health insurance details.

The City of Flint, Michigan, has been struggling with network and online service disruptions after being hit by ransomware last week.

Microsoft is implementing automatic enforcement of multi-factor authentication (MFA) for all Azure users starting October.

A web skimmer was likely used to steal names and payment card data from the Oregon Zoo’s online ticketing service.

Security researchers at Palo Alto Networks discover a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables.

Multiple Russian, Belarusian, and Western entities perceived as Russia’s enemies have been targeted in two recent spear-phishing campaigns.

The US cybersecurity agency CISA warns that a recent SolarWinds Web Help Desk vulnerability has been exploited in the wild.

Misconfigurations and security bugs lead to GitHub Actions artifacts exposing tokens for third party cloud services and GitHub repositories.

SolarWinds has released a hotfix for a critical Java deserialization remote code execution vulnerability in Web Help Desk.

Google says it blocked Iranian APT42 hackers from accessing the personal email accounts of individuals affiliated with the US elections.

Georgy Kavzharadze was sentenced to prison in the US for selling stolen financial, login, and personal information on an online cybercriminal marketplace.