Breaking News Archives - Security Affairs

Pierluigi Paganini August 13, 2025

Charon Ransomware targets Middle East with APT attack methods

New Charon ransomware targets Middle East public sector and aviation, using APT-style tactics, EDR evasion, and victim-specific ransom notes. Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East’s public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, […]

Pierluigi Paganini August 13, 2025

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

Hackers leaked 2.8M sensitive records from Allianz Life, exposing data on business partners and customers in ongoing Salesforce data theft attacks. Hackers leaked 2.8 million sensitive records of US insurance giant Allianz Life, exposing data on business partners and customers as part of ongoing Salesforce data theft attacks. At the end of July, Allianz Life […]

Pierluigi Paganini August 12, 2025

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Microsoft Patch Tuesday security updates for August 2025 fixed 107 flaws, including a publicly disclosed Windows Kerberos zero-day. Microsoft Patch Tuesday security updates for August 2025 fixed 107 vulnerabilities in Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, GitHub Copilot, Dynamics 365, SQL Server, and Hyper-V Server. 12 vulnerabilities are rated […]

Pierluigi Paganini August 12, 2025

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

Dutch NCSC warns CVE-2025-6543 Citrix bug, a memory overflow flaw, is being exploited to breach critical organizations in the Netherlands. The Dutch NCSC warns that the critical Citrix NetScaler flaw CVE-2025-6543 has been exploited to breach critical organizations in the Netherlands. Dutch NCSC experts pointed out that CVE-2025-6543 was exploited for remote code execution. Threat […]

Pierluigi Paganini August 12, 2025

Researchers cracked the encryption used by DarkBit ransomware

Researchers at cybersecurity firm Profero cracked DarkBit ransomware encryption, allowing victims to recover files for free. Good news for the victims of the DarkBit ransomware, researchers at cybersecurity firm Profero cracked the encryption process, allowing victims to recover files for free without paying the ransom. However, at this time, the company has yet to release […]

Pierluigi Paganini August 11, 2025

Chrome sandbox escape nets security researcher $250,000 reward

Researcher earns Google Chrome ’s top $250K bounty for a sandbox escape vulnerability enabling remote code execution. A researcher who goes online with the moniker ‘Micky’ earned $250,000 from Google for reporting a high-severity Chrome vulnerability. The flaw, tracked as CVE-2025-4609, resides in the Mojo IPC system, an attacker can exploit the flaw to escape […]

Pierluigi Paganini August 11, 2025

Smart Buses flaws expose vehicles to tracking, control, and spying

Researchers showed how hackers can exploit flaws in a bus’ onboard and remote systems for tracking, control and spying. Researchers Chiao-Lin ‘Steven Meow’ Yu of Trend Micro Taiwan and Kai-Ching ‘Keniver’ Wang of CHT Security, found that vulnerabilities in smart bus systems could let hackers remotely track, control, or spy on vehicles, exposing risks from […]

Pierluigi Paganini August 11, 2025

MedusaLocker ransomware group is looking for pentesters

MedusaLocker ransomware gang announced on its Tor data leak site that it is looking for new pentesters. MedusaLocker is a ransomware strain that was first observed in late 2019, it encrypts files on infected systems and demands a ransom, usually in cryptocurrency, for their decryption. The group operates as Ransomware-as-a-Service (RaaS), meaning affiliates can rent […]

Pierluigi Paganini August 10, 2025

Google confirms Salesforce CRM breach, faces extortion threat

Google disclosed a Salesforce Customer Relationship Management (CRM) breach exposing data of some prospective Google Ads customers. Google confirmed a breach in a Salesforce CRM instance affecting the data of prospective Google Ads customers. The website Databreaches.net reported that the attackers have sent an extortion demand to the Tech giant. Google Threat Intelligence Group confirmed that […]

Pierluigi Paganini August 10, 2025

BadCam: Linux-based Lenovo webcam bugs enable BadUSB attacks

Lenovo webcam flaws, dubbed BadCam, let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Eclypsium researchers found vulnerabilities in some Lenovo webcams, collectively dubbed BadCam, that could let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Principal security researchers Jesse Michael and Mickey Shkatov demonstrated […]

Breaking News

Charon Ransomware targets Middle East with APT attack methods

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

Researchers cracked the encryption used by DarkBit ransomware

Chrome sandbox escape nets security researcher $250,000 reward

Smart Buses flaws expose vehicles to tracking, control, and spying

MedusaLocker ransomware group is looking for pentesters

Google confirms Salesforce CRM breach, faces extortion threat

BadCam: Linux-based Lenovo webcam bugs enable BadUSB attacks

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Charon Ransomware targets Middle East with APT attack methods

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

SAP fixed 26 flaws in August 2025 Update, including 4 Critical

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

QUICK LINKS

Breaking News

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!