Security Affairs newsletter Round 390 by Pierluigi Paganini

Security Affairs newsletter Round 390

Pierluigi Paganini October 23, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Daixin Team targets health organizations with ransomware, US agencies warn

Threat actors exploit critical flaw in VMware Workspace ONE Access to drop ransomware, miners

EnergyAustralia Electricity company discloses security breach

Experts warn of CVE-2022-42889 Text4Shell exploit attempts

CISA adds Linux kernel flaw CVE-2021-3493 to its Known Exploited Vulnerabilities Catalog

GUAC – A Google Open Source Project to secure software supply chain

News URSNIF variant doesn’t support banking features

Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients

Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
BlueBleed: Microsoft confirmed data leak exposing customers’ info

Internet disruptions observed as Russia targets critical infrastructure in Ukraine

Brazilian police arrested a man suspected of being a member of LAPSUS$ gang

Experts discovered millions of .git folders exposed to public

Text4Shell, a remote code execution bug in Apache Commons Text library

Researchers share of FabriXss bug impacting Azure Fabric Explorer

The missed link between Ransom Cartel and REvil ransomware gangs

Microsoft Office 365 Message Encryption (OME) doesn’t ensure confidentiality

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

China-linked APT41 group targets Hong Kong with Spyder Loader
Critical Remote Code Execution issue impacts popular post-exploitation toolkit Cobalt Strike

Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684

CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration

Retail giant Woolworths discloses data breach of MyDeal online marketplace

New UEFI rootkit Black Lotus offered for sale at $5,000

Japanese tech firm Oomiya hit by LockBit 3.0. Multiple supply chains potentially impacted

Bulgaria hit by a cyber attack originating from Russia

Interpol arrested 75 members of the cybercrime ring Black Axe

45,654 VMware ESXi servers reached End of Life on Oct. 15

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini June 25, 2025

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Pierluigi Paganini June 25, 2025

Security Affairs newsletter Round 390

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

you might also like

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

The U.S. House banned WhatsApp on government devices due to security concerns

QUICK LINKS

Security Affairs newsletter Round 390

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

you might also like

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

The U.S. House banned WhatsApp on government devices due to security concerns

Subscribe to my email list and stay
up-to-date!