Security Affairs newsletter Round 185 – News of the week

newsletter

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal

20% discount

Kindle Edition

Once again thank you!

· Ex-NASA contractor pleaded guilty for cyberstalking crimes

· Expert released PoC Code Microsoft Edge Remote Code Execution flaw

· Microsoft fixed the Zero-Day for JET flaw, but the fix is incomplete

· A Russian cyber vigilante is patching outdated MikroTik routers exposed online

· Branch.io Flaws may have affected as many as 685 million individuals

· Online market for counterfeit goods in Russia has reached $1,5 billion

· Russia-linked BlackEnergy backed new cyber attacks on Ukraines state bodies

· 35 million US voter records available for sale in a hacking forum

· A simple message containing certain symbols could crash the Sony PlayStation 4

· Expert disclosed a new passcode bypass to access photos and contacts on a locked iPhone

· How Cybercriminals are Targeting free Wi-Fi Users?

· Russia-linked APT group DustSquad targets diplomatic entities in Central Asia

· A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence

· Brazil expert discovers Oracle flaw that allows massive DDoS attacks

· MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

· Thousands of servers easy to hack due to a LibSSH Flaw

· VMware addressed Code Execution Flaw in its ESXi, Workstation, and Fusion products

· Chaining three critical vulnerabilities allows takeover of D-Link routers

· GreyEnergy cyberespionage group targets Poland and Ukraine

· Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million

· The author of the LuminosityLink RAT sentenced to 30 Months in Prison

· Attackers behind Operation Oceansalt reuse code from Chinese Comment Crew

· Drupal dev team fixed Remote Code Execution flaws in the popular CMS

· Splunk addressed several vulnerabilities in Enterprise and Light products

· Syrian victims of the GandCrab ransomware can decrypt their files for free

· Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

[adrotate banner=”9″]	[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Next Hackers breached into system that interacts with HealthCare.gov »

Previous « WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Published by

Pierluigi Paganini

Tags: CybercrimeHackingmalwareNewsletterPierluigi PaganiniSecurityAffairs

7 years ago

Recent Posts

Data Breach

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

Hackers breached Texas DOT (TxDOT), stealing 300,000 crash reports with personal data from its Crash…

5 hours ago

Security

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch…

8 hours ago

Hacking

U.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws…

12 hours ago

Malware

Mirai botnets exploit Wazuh RCE, Akamai warned

Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai…

15 hours ago

APT

China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns

China-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks…

18 hours ago

Cyber Crime

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

US seeks to seize $7.74M in crypto linked to North Korean fake IT worker schemes,…

1 day ago