• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

 | 

Interlock ransomware group deploys new PHP-based RAT via FileFix

 | 

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

 | 

Experts uncover critical flaws in Kigen eSIM technology affecting billions

 | 

Spain awarded €12.3 million in contracts to Huawei

 | 

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

 | 

Wing FTP Server flaw actively exploited shortly after technical details were made public

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 53

 | 

Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

McDonald’s job app exposes data of 64 Million applicants

 | 

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

 | 

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Pierluigi Paganini May 14, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

We are in the final!

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini

Please nominate Security Affairs as your favorite blog.

Nominate Pierluigi Paganini and Security Affairs here here: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Personal info of 90k hikers leaked by French tourism company La Malle Postale
Data of more than 2M Toyota customers exposed in ten years-long data breach
Discord suffered a data after third-party support agent was hacked
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol
Bl00dy Ransomware Gang actively targets the education sector exploiting PaperCut RCE
Leaked source code of Babuk ransomware used by 10 different ransomware families targeting VMware ESXi
What the Email Security Landscape Looks Like in 2023
The Black Basta ransomware gang hit multinational company ABB
A flaw in the Essential ‘Addons for Elementor’ WordPress plugin poses 1M sites at risk of hacking
Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers 
We are in the final! Please vote for Security Affairs and Pierluigi Paganini
Google will provide dark web monitoring to all US Gmail users and more
North Korea-linked APT breached the Seoul National University Hospital
Twitter now supports Encrypted Direct Messages, with some limitations
A zero-click vulnerability in Windows allows stealing NTLM credentials
Cybersecurity firm Dragos shared details about a failed extortion attempt it suffered
DownEx cyberespionage operation targets Central Asia
Smashing Pumpkins frontman paid ransom to a hacker who threatened to leak the band’s songs
US disrupts Russia-linked Snake implant’s network
Microsoft Patch Tuesday for May 2023 fixed 2 actively exploited zero-day flaws
The global food distribution giant Sysco discloses a data breach
A Linux NetFilter kernel flaw allows escalating privileges to ‘root’
Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet
FBI seized 13 domains linked to DDoS-for-hire platforms
New CACTUS ransomware appeared in the threat landscape
Iran-linked APT groups started exploiting Papercut flaw
Money Message gang leaked private code signing keys from MSI data breach
NextGen Healthcare suffered a data breach that impacted +1 Million individuals
Western Digital notifies customers of data breach after March cyberattack
CERT-UA warns of an ongoing SmokeLoader campaign
SEC issued a record award of $279 million to a whistleblower
San Bernardino County Sheriff’s Department paid a $1.1M ransom
Dragon Breath APT uses double-dip DLL sideloading strategy

International Press

Cybercrime

San Bernardino County pays $1.1-million ransom over Sheriff’s Department hack  

Reverting UAC-0006: Mass distribution of SmokeLoader using the “accounts” theme (CERT-UA#6613)

Western Digital to bring services back online soon after security breach       

MSI’s leaked firmware keys endanger hundreds of devices    

Federal Authorities Seize 13 Internet Domains Associated with ‘Booter’ Websites that Offered DDoS Computer Attack Services  

$10M Is Yours If You Can Get This Guy to Leave Russia   

TSB sees huge fraud spikes from Meta-owned companies, as the Bank issues warning on scale of social media scams       

Dragos – Deconstructing a Cybersecurity Event   

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG  

Silk Road scammer charged with narcotics trafficking and money laundering  

Hacking

A doubled “Dragon Breath” adds new air to DLL sideloading attacks     

CVE-2023-32233 – Linux Kernel Privilege Escalation: A Critical Security Vulnerability Uncovered

From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API  

Cracked password analytics with Kraken  

Chaining Five Vulnerabilities to Exploit Netgear Nighthawk RAX30 Routers at Pwn2Own Toronto 2022   

Malware

BlackBit Ransomware: A Threat from the Shadows of LokiLocker

Hunting Russian Intelligence “Snake” Malware       

AndoryuBot – New Botnet Campaign Targets Ruckus Wireless Admin Remote Code Execution Vulnerability

Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers   

Intelligence and Information Warfare

Attack on Security Titans: Earth Longzhi Returns With New Tricks    

Justice Department Announces Court-Authorized Disruption of Snake Malware Network Controlled by Russia’s Federal Security Service

Deep Dive Into DownEx Espionage Operation in Central Asia   

Cybersecurity

SEC Issues Largest-Ever Whistleblower Award    

The MAY 2023 security update review

TikTok Tracked Users Who Watched Gay Content, Prompting Employee Complaints   

About Encrypted Direct Messages

New features and updates to improve online safety 

Critical Privilege Escalation in Essential Addons for Elementor Plugin Affecting 1+ Million Sites    

Toyota: Data on more than 2 million vehicles in Japan were at risk in decade-long breach    

Global Surveillance: The Secretive Swiss Dealer Enabling Israeli Spy Firms    

Henry Kissinger on a potential artificial intelligence arms race  tive Fired From TikTok’s Chinese Owner Says Beijing Australia remains most hacked nation globally despite pleas to lift security standardscess to App Data in Termination Suit

Follow me on Twitter: @securityaffairs and Facebook and Mastodon



Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


facebook linkedin twitter

Cybercrime data breach hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini July 15, 2025
An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance
Read more
Pierluigi Paganini July 14, 2025
Interlock ransomware group deploys new PHP-based RAT via FileFix
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

    Hacking / July 15, 2025

    Interlock ransomware group deploys new PHP-based RAT via FileFix

    Cyber Crime / July 14, 2025

    Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

    Data Breach / July 14, 2025

    Experts uncover critical flaws in Kigen eSIM technology affecting billions

    Security / July 14, 2025

    Spain awarded €12.3 million in contracts to Huawei

    Intelligence / July 14, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT