Ionut Arghire

Romania

Security News Reporter at SecurityWeek

News Reporter

Featured in: Favicon

securityweek.com Favicon

softpedia.com Favicon

thestkittsnevisobserver.com Favicon

news.softpedia.com

Articles

Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits

2 days ago | securityweek.com | Ionut Arghire

Google has agreed to pay $1.375 billion to Texas to settle allegations that it was tracking users’ location even when the feature was disabled, tracking their internet activity in private browsing, and using their biometric data without consent, Attorney General Ken Paxton announced.
437,000 Impacted by Ascension Health Data Breach

2 days ago | securityweek.com | Ionut Arghire

More than 437,000 patients were impacted by a recently disclosed data breach, non-profit healthcare system Ascension Health told the US Department of Health and Human Services (HHS). The incident did not involve Ascension Health’s systems, but a business partner to which Ascension inadvertently exposed patient data, the organization said roughly two weeks ago. The data, Ascension said, was stolen after hackers targeted a vulnerability in third-party software the business partner was using.
Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks

2 days ago | securityweek.com | Ionut Arghire

Two vulnerabilities in DriverHub, a driver software that comes pre-installed on Asus motherboards, can be exploited remotely for arbitrary code execution, New Zealand researcher ‘MrBruh’ says. The issues, tracked as CVE-2025-3462 (CVSS score of 8.4) and CVE-2025-3463 (CVSS score of 9.4) could be exploited via crafted HTTP requeststo interact with DriverHub.
German Authorities Take Down Crypto Swapping Service eXch

3 days ago | securityweek.com | Ionut Arghire

German authorities have announced the takedown of eXch, a cryptocurrency exchange allegedly involved in money laundering and in supporting criminal operations. Established since 2014, eXch provided cryptocurrency swapping services and was advertised on underground platforms as lacking anti-money laundering measures, Germany’s Federal Criminal Police Office (BKA) says.
Popular Scraping Tool's NPM Package Compromised in Supply Chain Attack

5 days ago | securityweek.com | Ionut Arghire

A threat actor published three malicious versions of the popular NPM package ‘rand-user-agent’ to deploy and activate a remote access trojan (RAT) on users’ systems. A Node.js package that has been deprecated, rand-user-agent generates randomized user-agent strings based on occurrence. It was originally built as a functionality tool for Romanian software development firm WebScrapingAPI, but can be integrated into any node.js project for web scraping.
160,000 Impacted by Valsoft Data Breach

5 days ago | securityweek.com | Ionut Arghire

Canada-based vertical market software (VMS) firm Valsoft Corporation (dba AllTrust) is notifying over 160,000 people that their personal information was compromised in a data breach. The incident, discovered on February 14, involved unauthorized access to a non-production network of AllTrust subsidiary Aspire USA.
Malicious NPM Packages Target Cursor AI's macOS Users

5 days ago | securityweek.com | Ionut Arghire

Three malicious NPM packages posing as developer tools for the popular Cursor AI code editor were caught deploying a backdoor on macOS systems, vulnerability detection firm Socket reports. Cursor is a proprietary integrated development environment (IDE) that integrates AI features directly within the coding environment. It offers tiered access to LLMs, with premium language models priced per request.
SAP Zero-Day Targeted Since January, Many Sectors Impacted

5 days ago | securityweek.com | Ionut Arghire

Hundreds of SAP NetWeaver instances have been compromised through the exploitation of a recently disclosed zero-day vulnerability that can lead to remote code execution (RCE). The issue, tracked as CVE-2025-31324 (CVSS score of 10/10), was flagged as exploited on April 22, two days before SAP released patches for it, warning that it allows attackers to upload malicious executables to vulnerable servers.
Possible Zero-Day Patched in SonicWall SMA Appliances

6 days ago | securityweek.com | Ionut Arghire

SonicWall on Wednesday announced patches for three vulnerabilities in its Secure Mobile Access (SMA) 100 series appliances that could lead to remote code execution (RCE). The first of the bugs, tracked as CVE-2025-32819 (CVSS score of 8.8), is an arbitrary file delete issue that can be exploited by authenticated attackers with user privileges.
Google Finds Data Theft Malware Used by Russian APT in Select Cases

6 days ago | securityweek.com | Ionut Arghire

Russian state-sponsored APT group Star Blizzard has been using the ClickFix technique to distribute new information stealer malware, Google warns. Also known as UNC4057, Callisto, Coldriver, and Seaborgium, and active since at least 2019, Star Blizzard was publicly linked to Russia’s Federal Security Service (FSB) by the US in December 2023. In October 2024, over 100 domains the APT used for spear-phishing were seized.