MUST READ

Cloudflare blocked a record 11.5 Tbps DDoS attack

 | 

Palo Alto Networks disclose a data breach linked to Salesloft Drift incident

 | 

Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

 | 

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

 | 

Crooks exploit Meta malvertising to target Android users with Brokewell

 | 

North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

 | 

Fraudster stole over $1.5 million from city of Baltimore

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60

 | 

Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Amazon blocks APT29 campaign targeting Microsoft device code authentication

 | 

Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships

 | 

New zero-click exploit allegedly used to hack WhatsApp users

 | 

US and Dutch Police dismantle VerifTools fake ID marketplace

 | 

Experts warn of actively exploited FreePBX zero-day

 | 

Google: Salesloft Drift breach hits all integrations

 | 

Dutch intelligence warn that China-linked APT Salt Typhoon targeted local critical infrastructure

 | 

200 Swedish municipalities impacted by a major cyberattack on IT provider

 | 

TransUnion discloses a data breach impacting over 4.4 million customers

 | 

NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs

 | 

UNC6395 targets Salesloft in Drift OAuth token theft campaign

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

ESET warns of PromptLock, the first AI-driven ransomware
August 27, 2025
NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs
August 28, 2025
Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships
August 30, 2025
New zero-click exploit allegedly used to hack WhatsApp users
August 29, 2025
Crooks exploit Meta malvertising to target Android users with Brokewell
September 01, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Cyber Crime

Cloudflare blocked a record 11.5 Tbps DDoS attack

September 02, 2025

Data Breach
Palo Alto Networks disclose a data breach linked to Salesloft Drift incident

September 02, 2025

Cyber warfare
Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

September 02, 2025

Data Breach
Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

September 01, 2025

Malware
Crooks exploit Meta malvertising to target Android users with Brokewell

September 01, 2025

recent articles

Cyber Crime
Cloudflare blocked a record 11.5 Tbps DDoS attack

Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves. Cloudflare announced on X that it had blocked the largest ever DDoS attack, peak ...

Pierluigi Paganini September 02, 2025
Data Breach
Palo Alto Networks disclose a data breach linked to Salesloft Drift incident

Palo Alto Networks hit by Drift-linked supply-chain attack, exposing Salesforce customer data and support cases via stolen OAuth tokens. Palo Alto Networks is another victim of the Salesloft Drift ...

Pierluigi Paganini September 02, 2025
Cyber warfare
Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

Von der Leyen’s plane faced suspected Russian GPS jamming in Bulgaria, but the EU chief landed safely, says European Commission. The EU confirmed that Ursula von der Leyen’s plane experienced ...

Pierluigi Paganini September 02, 2025
Data Breach
Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

Zscaler breach tied to Salesloft Drift attack exposed Salesforce data, leaking customer info and support case details in a supply-chain compromise. Zscaler discloses a data breach that is linked t ...

Pierluigi Paganini September 01, 2025
Malware
Crooks exploit Meta malvertising to target Android users with Brokewell

Cybercriminals spread Brokewell via fake TradingView Premium ads on Meta, stealing crypto and data with remote control since July 2024. Bitdefender warns threat actors are abusing Meta ads to spre ...

Pierluigi Paganini September 01, 2025
APT
North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

ScarCruft (APT37) launches Operation HanKook Phantom, a phishing campaign using RokRAT to target academics, ex-officials, and researchers. Cybersecurity firm Seqrite Labs uncovered a phishing camp ...

Pierluigi Paganini September 01, 2025
Cyber Crime
Fraudster stole over $1.5 million from city of Baltimore

Scammer stole $1.5M from Baltimore by posing as a vendor and tricking staff into changing bank account details. A scammer stole over $1.5M from Baltimore city by spoofing a vendor and convincing s ...

Pierluigi Paganini September 01, 2025
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter The Resurgence of IoT Malware: Inside th ...

Pierluigi Paganini August 31, 2025
Breaking News
Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini August 31, 2025
APT
Amazon blocks APT29 campaign targeting Microsoft device code authentication

Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites. Amazon announced that it had disrupted an opportunistic watering ...

Pierluigi Paganini August 31, 2025
Hacking
Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships

Lab Dookhtegan hacking group allegedly disrupted communications of 60 Iranian ships run by sanctioned firms NITC and IRISL. The hacking group Lab Dookhtegan allegedly disrupted the communication ...

Pierluigi Paganini August 30, 2025
Intelligence
New zero-click exploit allegedly used to hack WhatsApp users

WhatsApp warns users targeted by advanced spyware, sending threat notifications to affected individuals from the past 90 days. A new zero-click exploit used to hack WhatsApp users, reported Donnch ...

Pierluigi Paganini August 29, 2025
Cyber Crime
US and Dutch Police dismantle VerifTools fake ID marketplace

US and Dutch authorities shut down VerifTools, a major fake ID marketplace selling documents to bypass KYC checks and access accounts. Law enforcement in the US and the Netherlands dismantled Veri ...

Pierluigi Paganini August 29, 2025
Hacking
Experts warn of actively exploited FreePBX zero-day

Sangoma warns of an actively exploited FreePBX zero-day affecting systems with publicly exposed admin control panels. The Sangoma FreePBX Security Team addressed an actively exploited FreePBX zero ...

Pierluigi Paganini August 29, 2025
Cyber Crime
Google: Salesloft Drift breach hits all integrations

Google warns that Salesloft Drift OAuth breach affects all integrations, not just Salesforce. All tokens should be treated as compromised. Google disclosed that the Salesloft Drift OAuth breach is ...

Pierluigi Paganini August 29, 2025
APT
Dutch intelligence warn that China-linked APT Salt Typhoon targeted local critical infrastructure

Dutch intelligence reports Chinese cyber spies (Salt Typhoon, RedMike) targeted the Netherlands, hitting critical infrastructure. The Dutch intelligence and security services MIVD and AIVD say Chi ...

Pierluigi Paganini August 29, 2025
Security
200 Swedish municipalities impacted by a major cyberattack on IT provider

Cyberattack on Miljödata disrupted services in over 200 Swedish municipalities, with concerns over stolen sensitive data. A cyberattack on Miljödata, an IT supplier serving 80% of Swedish munici ...

Pierluigi Paganini August 28, 2025
Data Breach
TransUnion discloses a data breach impacting over 4.4 million customers

TransUnion reported a data breach in which threat actors accessed personal information of over 4.4 million customers. TransUnion disclosed a data breach that impacted more than 4,461,511 customers ...

Pierluigi Paganini August 28, 2025
Intelligence
NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs

NSA and allies warn that Chinese APT actors, including Salt Typhoon, are targeting critical infrastructure worldwide. The U.S. National Security Agency (NSA), the UK's National Cyber Security Cent ...

Pierluigi Paganini August 28, 2025
Hacking
UNC6395 targets Salesloft in Drift OAuth token theft campaign

Hackers breached Salesloft to steal OAuth/refresh tokens for Drift AI chat; GTIG and Mandiant link the campaign to threat actor UNC6395. Google Threat Intelligence Group and Mandiant researchers i ...

Pierluigi Paganini August 28, 2025