MUST READ

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

 | 

Authorities released free decryptor for Phobos and 8base ransomware

 | 

Anne Arundel Dermatology data breach impacts 1.9 million people

 | 

LameHug: first AI-Powered malware linked to Russia’s APT28

 | 

5 Features Every AI-Powered SOC Platform Needs in 2025

 | 

Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025

 | 

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

 | 

United Natural Foods Expects $400M revenue impact from June cyber attack

 | 

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

 | 

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

 | 

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

 | 

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

 | 

Former US Army member confesses to Telecom hack and extortion conspiracy

 | 

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

 | 

DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault

 | 

U.S. CISA adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog

 | 

Android Malware Konfety evolves with ZIP manipulation and dynamic loading

 | 

Belk hit by May cyberattack: DragonForce stole 150GB of data

 | 

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

 | 

FBI seized multiple piracy sites distributing pirated video games

 | 

Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini November 05, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Kinsing threat actors probed the Looney Tunables flaws in recent attacks
ZDI discloses four zero-day flaws in Microsoft Exchange
Okta customer support system breach impacted 134 customers
Multiple WhatsApp mods spotted containing the CanesSpy Spyware
Russian FSB arrested Russian hackers who supported Ukrainian cyber operations
MuddyWater has been spotted targeting two Israeli entities
Clop group obtained access to the email addresses of about 632,000 US federal employees
Okta discloses a new data breach after a third-party vendor was hacked
Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware
Boeing confirmed its services division suffered a cyberattack
Resecurity: Insecurity of 3rd-parties leads to Aadhaar data leaks in India
Who is behind the Mozi Botnet kill switch?
CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog
Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748
Pro-Hamas hacktivist group targets Israel with BiBi-Linux wiper
British Library suffers major outage due to cyberattack
Critical Atlassian Confluence flaw can lead to significant data loss
WiHD leak exposes details of all torrent users
Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198
Canada bans WeChat and Kaspersky apps on government-issued mobile devices
Florida man sentenced to prison for SIM Swapping conspiracy that led to theft of $1M in cryptocurrency
Wiki-Slack attack allows redirecting business professionals to malicious websites
HackerOne awarded over $300 million bug hunters
StripedFly, a complex malware that infected one million devices without being noticed
IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Cybercrime

New Hunters International ransomware possible rebrand of Hive

Hacker Sentenced to 30 Months for SIM Swapping Conspiracy Resulting in Theft of Nearly $1 Million in Cryptocurrency

Boeing Says Its Services Division Was Hit by Cyberattack   

Hackers Accessed 632,000 Email Addresses at US Justice, Defense Departments   

Dutch hacker jailed for extortion, selling stolen data on RaidForums

US Harbors Prolific Malicious Link Shortening Service

‘Corrupt’ cop jailed for tipping off pal to EncroChat dragnet 

Malware

Ukrainian hackers disrupt internet providers in Russia-occupied territories 

BiBi-Linux: A New Wiper Dropped By Pro-Hamas Hacktivist Group  

Who killed Mozi? Finally putting the IoT zombie botnet in its grave  

AridViper, an intrusion set allegedly associated with Hamas  

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users  

Elastic catches DPRK passing out KANDYKORN  

Hacking

The Wiki-Slack Attack  

Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747  

Suspected Exploitation of Apache ActiveMQ CVE-2023-46604  

Unauthorized Access to Okta’s Support Case Management System: Root Cause and Remediation  

Looney Tunables Vulnerability Exploited by Kinsing  

A cascade of compromise: unveiling Lazarus’ new campaign  

Oldham Council facing 10,000 cyber attacks a day, report says

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Intelligence and Information Warfare

Fifth-Generation Warfare: AI in the Election Cycle

Minister Anand announces a ban on the use of WeChat and Kaspersky suite of applications on government mobile devices      

MuddyWater eN-Able spear-phishing with new TTPs

Russian TA499 Targets North American and European Countries     

Hackers are under investigation  

ISRAEL GAZA CONFLICT : THE CYBER PERSPECTIVE  

Cybersecurity

7th Annual Hacker Powered Security Report  

Your iPhone has a fatal security flaw — how to fix it immediately  

Internet access in Gaza partially restored after blackout

The Race to Save Our Secrets From the Computers of the Future

ODNI, Pentagon reveal FY23 intelligence budget at nearly $100 billion      

Is state intervention needed for cyber insurance?   

PSA: Your chat and call apps may leak your IP address  

German government reports risk of cyber threats higher than ever  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini July 19, 2025
Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release
Read more
Pierluigi Paganini July 18, 2025
Authorities released free decryptor for Phobos and 8base ransomware
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release

Hacking / July 19, 2025

Authorities released free decryptor for Phobos and 8base ransomware

Malware / July 18, 2025

Anne Arundel Dermatology data breach impacts 1.9 million people

Data Breach / July 18, 2025

LameHug: first AI-Powered malware linked to Russia’s APT28

APT / July 18, 2025

5 Features Every AI-Powered SOC Platform Needs in 2025

Security / July 18, 2025