Security Affairs newsletter Round 399 by Pierluigi Paganini

Pierluigi Paganini December 25, 2022

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Raspberry Robin malware used in attacks against Telecom and Governments

TikTok parent company ByteDance revealed the use of TikTok data to track journalists

BetMGM discloses security breach impacting 1.5 Million customers

An Iranian group hacked Israeli CCTV cameras, defense was aware but didn’t block it

LastPass revealed that encrypted password vaults were stolen

Vice Society ransomware gang is using a custom locker

A new Zerobot variant spreads by exploiting Apache flaws

North Korea-linked hackers stole $626 million in virtual assets in 2022
Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers

Okta revealed that its private GitHub repositories were hacked this month

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

German industrial giant ThyssenKrupp targeted in a new cyberattack

UAC-0142 APT targets Ukraine’s Delta military intelligence program

Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August

Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS

Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware

Old vulnerabilities in Cisco products actively exploited in the wild

Experts spotted a variant of the Agenda Ransomware written in Rust
Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers

Okta revealed that its private GitHub repositories were hacked this month

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

German industrial giant ThyssenKrupp targeted in a new cyberattack

UAC-0142 APT targets Ukraine’s Delta military intelligence program

Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August

Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS

Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware

Old vulnerabilities in Cisco products actively exploited in the wild

Experts spotted a variant of the Agenda Ransomware written in Rust
US Gov warns of BEC attacks to hijack shipments of food products

Glupteba botnet is back after Google disrupted it in December 2021

Google announced end-to-end encryption for Gmail web

Fire and rescue service in Victoria, Australia, confirms cyber attack

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini June 26, 2025

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Pierluigi Paganini June 25, 2025

Security Affairs newsletter Round 399 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

you might also like

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

QUICK LINKS

Security Affairs newsletter Round 399 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box.

you might also like

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

leave a comment

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

Subscribe to my email list and stay
up-to-date!