Breaking News

Security Affairs newsletter Round 351

newsletternewsletter

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

QNAP force-installs update against the recent wave of DeadBolt ransomware infections
US FCC bans China Unicom Americas telecom over national security risks
NCSC warns UK entities of potential destructive cyberattacks from Russia
Finnish diplomats’ devices infected with Pegasus spyware
Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits
Delta Electronics, a tech giants’ contractor, hit by Conti ransomware
Experts devise a technique to bypass Microsoft Outlook Security feature
Puerto Rico was hit by a major cyberattack
North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks
Popular apps left biometric data, IDs of millions of users in danger
Microsoft mitigated a 3.47 Tbps DDoS attack, the largest one to date
Lockbit ransomware gang claims to have hacked Ministry of Justice of France
A new highly evasive technique used to deliver the AsyncRAT Malware
Experts analyze first LockBit ransomware for Linux and VMware ESXi
Apple fixed the first two zero-day vulnerabilities of 2022
German intelligence agency warns of China-linked APT27 targeting commercial organizations
New DeadBolt ransomware targets QNAP NAS devices
VMware urges customers to patch VMware Horizon servers against Log4j attacks
PwnKit: Local Privilege Escalation bug affects major Linux distros
PrinterLogic fixes high severity flaws in Printer Management Suite
Segway e-store compromised in a Magecart attack to steal credit cards
UK NCSC is going to release Nmap scripts to find unpatched vulnerabilities
Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks
Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access
Latest version of Android RAT BRATA wipes devices after stealing data
A flaw in Rust Programming language could allow to delete files and directories
Tens of AccessPress WordPress themes compromised as part of a supply chain attack
Russian authorities arrested the kingpin of cybercrime Infraud Organization
Emotet spam uses unconventional IP address formats to evade detection
Crooks tampering with QR Codes to steal victim money and info, FBI warns
F5 fixes 25 flaws in BIG-IP, BIG-IQ, and NGINX products
OpenSubtitles data breach impacted 7 million subscribers
US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog
Molerats cyberespionage group uses public cloud services as attack infrastructure

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Published by
Pierluigi Paganini
Tags: Cybercrimedata breachHackinghacking newsinformation security newsIT Information SecuritymalwareNewsletterSecurity AffairsSecurity News
3 years ago

Recent Posts

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

Hackers breached Texas DOT (TxDOT), stealing 300,000 crash reports with personal data from its Crash…

3 hours ago

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch…

6 hours ago

U.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws…

10 hours ago

Mirai botnets exploit Wazuh RCE, Akamai warned

Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai…

13 hours ago

China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns

China-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks…

16 hours ago

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

US seeks to seize $7.74M in crypto linked to North Korean fake IT worker schemes,…

1 day ago