• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Critical FortiSIEM flaw under active exploitation, Fortinet warns

 | 

Charon Ransomware targets Middle East with APT attack methods

 | 

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

 | 

SAP fixed 26 flaws in August 2025 Update, including 4 Critical

 | 

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

 | 

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

 | 

Chrome sandbox escape nets security researcher $250,000 reward

 | 

Smart Buses flaws expose vehicles to tracking, control, and spying

 | 

MedusaLocker ransomware group is looking for pentesters

 | 

Google confirms Salesforce CRM breach, faces extortion threat

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57

 | 

Security Affairs newsletter Round 536 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Embargo Ransomware nets $34.2M in crypto since April 2024

 | 

Germany limits police spyware use to serious crimes

 | 

Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom

 | 

French firm Bouygues Telecom suffered a data breach impacting 6.4M customers

 | 

Columbia University data breach impacted 868,969 people

 | 

SonicWall dismisses zero-day fears after Ransomware probe

 | 

Air France and KLM disclosed data breaches following the hack of a third-party platform

 | 

CISA, Microsoft warn of critical Exchange hybrid flaw CVE-2025-53786

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Security
  • Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini February 16, 2025

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog
Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug
U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog
China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws
Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks
Valve removed the game PirateFi from the Steam video game platform because contained a malware
The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets
China-linked APTs’ tool employed in RA World Ransomware attack
Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign
Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron
Cyber Crime
Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel
North Korea-linked APT Emerald Sleet is using a new tactic
U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog
Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs
Hacking
Attackers exploit a new zero-day to hijack Fortinet firewalls
Security
OpenSSL patched high-severity flaw CVE-2024-12797
Progress Software fixed multiple high-severity LoadMaster flaws
Security
Artificial intelligence (AI) as an Enabler for Enhanced Data Security
Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores
Operation Phobos Aetor: Police dismantled 8Base ransomware gang
Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’
HPE is notifying individuals affected by a December 2023 attack
XE Group shifts from credit card skimming to exploiting zero-days
UK Gov demands backdoor to access Apple iCloud backups worldwide

International Press – Newsletter

Cybercrime

XE Group: From Credit Card Skimming to Exploiting Zero-Days  

Four alleged hackers arrested in Phuket for hacking 17 Swiss firms  

The Untold Story of a Crypto Crimefighter’s Descent Into Nigerian Prison Security

Amsterdam police dismantle digital criminal network; 127 servers taken offline

AFP joins global crackdown on cybercriminal infrastructure provider      

Did You Download This Steam Game? Sorry, It’s Windows Malware  

Malware

Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach

Google Tag Manager Skimmer Steals Credit Card Info From Magento Site 

From South America to Southeast Asia: The Fragile Web of REF7707 

Deep Learning-Driven Malware Classification with API Call Sequence Analysis and Concept Drift Handling

Hacking

Chinese-Speaking Group Manipulates SEO with BadIIS  

Apple fixes iPhone and iPad bug used in an ‘extremely sophisticated attack’

Fault Injection – Looking for a Unicorn   

Massive brute force attack uses 2.8 million IPs to target VPN devices 

Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls 

Android Deep Dive: Implicit Intents Introduction  

How Wiz found a Critical NVIDIA AI vulnerability:  Deep Dive into a container escape (CVE-2024-0132) 

Surge in attacks exploiting old ThinkPHP and ownCloud flaws

CVE-2025-1094: PostgreSQL psql SQL injection (FIXED)  

whoAMI: A cloud image name confusion attack   

GreyNoise Observes Active Exploitation of PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)  

Intelligence and Information Warfare

Another person targeted by Paragon spyware comes forward  

Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

The Risk of a Taiwan Invasion Is Rising Fast     

China-linked Espionage Tools Used in Ransomware Attacks  

Analyzing DEEP#DRIVE: North Korean Threat Actors Observed Exploiting Trusted Platforms for Targeted Attacks    

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets  

RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers

Spyware maker caught distributing malicious Android apps for years  

Operation Marstech Mayhem Lazarus Group’s Open-Source Trap: North Korea’s New Malware Tactic Targeting Developers and Crypto Wallets

Storm-2372 conducts device code phishing campaign 

Cybersecurity

DOGE Teen Owns ‘Tesla.Sexy LLC’ and Worked at Startup That Has Hired Convicted Hackers  

Meta staff torrented nearly 82TB of pirated books for AI training — court records reveal copyright violations 

Fortinet warns of new zero-day exploited to hijack firewalls

The February 2025 Security Update Review 

Barcelona-based spyware startup Variston shuts down, per filing  

Tackling AI security risks to unleash growth and deliver Plan for Change  

Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)  

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)


facebook linkedin twitter

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Newsletter Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini August 13, 2025
Critical FortiSIEM flaw under active exploitation, Fortinet warns
Read more
Pierluigi Paganini August 13, 2025
Charon Ransomware targets Middle East with APT attack methods
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Critical FortiSIEM flaw under active exploitation, Fortinet warns

    Hacking / August 13, 2025

    Charon Ransomware targets Middle East with APT attack methods

    Malware / August 13, 2025

    Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

    Data Breach / August 13, 2025

    SAP fixed 26 flaws in August 2025 Update, including 4 Critical

    Uncategorized / August 13, 2025

    August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

    Hacking / August 12, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT