Ionut Arghire

Pakistani Threat Actors Caught Targeting Indian Gov Entities

Security researchers at Cisco Talos and Volexity flag two Pakistani espionage campaigns targeting Indian government entities.

June 14, 2024

Ascension Says Personal, Health Information Stolen in Ransomware Attack

Ascension says patient information was stolen in an early-May ransomware attack that involved an employee downloading malware.

June 14, 2024

CISA Warns of Progress Telerik Vulnerability Exploitation

CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.

June 14, 2024

French Bug Bounty Platform YesWeHack Raises $28 Million

YesWeHack has raised more than $52 million to date to build and market a crowdsourced vulnerability reporting platform.

June 13, 2024

Easily Exploitable Critical Vulnerabilities Found in Open Source AI/ML Tools

Protect AI warns of a dozen critical vulnerabilities in open source AI/ML tools reported via its bug bounty program.

June 13, 2024

Life360 Says Personal Information Stolen From Tile Customer Support Platform

Life360 says hackers attempted to extort it after stealing personal information from a Tile customer support platform.

June 13, 2024

City of Cleveland Scrambling to Restore Systems Following Cyberattack

The City of Cleveland says emergency services, utilities, and airport are unaffected by a recent cyberattack.

June 13, 2024

Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited

Microsoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.

June 12, 2024

Fortinet Patches Code Execution Vulnerability in FortiOS

Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw.

June 12, 2024

Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities

Google and Mozilla have released patches for 21 and 15 vulnerabilities in Chrome and Firefox, respectively.

June 12, 2024

Ransomware Group Exploits PHP Vulnerability Days After Disclosure

The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.

June 12, 2024

Two Arrested in UK for Smishing Campaign Powered by Homemade SMS Blaster

UK authorities have arrested two individuals for allegedly using a homemade mobile antenna to send mass text messages.

June 11, 2024

Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers

Redfox Security warns of multiple vulnerabilities in Netgear WNR614 routers discontinued three years ago.

June 11, 2024

SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver

SAP has released 10 new security notes on June 2024 Security Patch Day, including two addressing high-severity vulnerabilities.

June 11, 2024

Arm Warns of Exploited Kernel Driver Vulnerability

Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.

June 11, 2024

Snowflake Attacks: Mandiant Links Data Breaches to Infostealer Infections

Mandiant says a financially motivated threat actor has compromised hundreds of Snowflake instances using customer credentials stolen via infostealer malware that infected non-Snowflake owned...

June 10, 2024

Critical PyTorch Vulnerability Can Lead to Sensitive AI Data Theft

A critical vulnerability in the PyTorch distributed RPC framework could be exploited for remote code execution.

June 10, 2024

PHP Patches Critical Remote Code Execution Vulnerability

PHP has released patches for CVE-2024-4577, a critical vulnerability that could lead to arbitrary code execution on remote servers.

June 10, 2024

Nvidia Patches High-Severity GPU Driver Vulnerabilities

Nvidia patches multiple high-severity vulnerabilities in GPU display drivers and virtual GPU software.

June 10, 2024

FCC Proposes BGP Security Reporting for Broadband Providers

The FCC proposes that broadband providers plan for BGP security and provide quarterly reports on implemented risk mitigations.

June 7, 2024

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Pakistani Threat Actors Caught Targeting Indian Gov Entities

Ascension Says Personal, Health Information Stolen in Ransomware Attack

CISA Warns of Progress Telerik Vulnerability Exploitation

French Bug Bounty Platform YesWeHack Raises $28 Million

Easily Exploitable Critical Vulnerabilities Found in Open Source AI/ML Tools

Life360 Says Personal Information Stolen From Tile Customer Support Platform

City of Cleveland Scrambling to Restore Systems Following Cyberattack

Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited

Fortinet Patches Code Execution Vulnerability in FortiOS

Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities

Ransomware Group Exploits PHP Vulnerability Days After Disclosure

Two Arrested in UK for Smishing Campaign Powered by Homemade SMS Blaster

Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers

SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver

Arm Warns of Exploited Kernel Driver Vulnerability

Snowflake Attacks: Mandiant Links Data Breaches to Infostealer Infections

Critical PyTorch Vulnerability Can Lead to Sensitive AI Data Theft

PHP Patches Critical Remote Code Execution Vulnerability

Nvidia Patches High-Severity GPU Driver Vulnerabilities

FCC Proposes BGP Security Reporting for Broadband Providers

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Identity & Access

Webinar Today: How Modern Breaches Bypass MFA and Evade Detection

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Daily Briefing Newsletter