MUST READ

ShinyHunters Attack National Credit Information Center of Vietnam

 | 

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

 | 

Jaguar Land Rover discloses a data breach after recent cyberattack

 | 

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

 | 

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

 | 

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

 | 

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

 | 

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 59

Pierluigi Paganini August 24, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak  

Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824

Supply Chain Risk in Python: Termncolor and Colorinal Explained      

Noodlophile Stealer Evolves: Targeted Copyright Phishing Hits Enterprises with Social Media Footprints  

Dissecting PipeMagic: Inside the architecture of a modular backdoor framework  

GodRAT – New RAT targeting financial institutions 

Preventing Domain Resurrection Attacks  

Patching for persistence: How DripDropper Linux malware moves through the cloud 

Finding Malware: DIRTYBULK and Friends – USB Infections To Fuel Cybercriminal Coinmining Operations  

Falcon Platform Prevents COOKIE SPIDER’s SHAMOS Delivery on macOS 

SaMOSA: Sandbox for Malware Orchestration and Side-Channel Analysis

Evasive Ransomware Attacks Using Low-level Behavioral Adversarial Examples

Demystifying the Role of Rule-based Detection in AI Systems for Windows Malware

Automated Malware Source Code Generation via Uncensored LLMs and Adversarial Evasion of Censored Model

Cyber-Attacks on Energy Infrastructure—A Literature Overview and Perspectives on the Current Situation

APT36: Targets Indian BOSS Linux Systems with Weaponized AutoStart Files

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, NEWSLETTER)

Cybercrime data breach Hacking hacking news information security news IT Information Security malware Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini September 14, 2025
ShinyHunters Attack National Credit Information Center of Vietnam
Read more
Pierluigi Paganini September 13, 2025
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

ShinyHunters Attack National Credit Information Center of Vietnam

Cyber Crime / September 14, 2025

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

Cyber Crime / September 13, 2025

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

Malware / September 13, 2025

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Security / September 12, 2025

Samsung fixed actively exploited zero-day

Hacking / September 12, 2025