MUST READ

Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps

 | 

Jaguar Land Rover confirms major disruption and ÂŁ196M cost from September cyberattack

 | 

North Korean threat actors use JSON sites to deliver malware via trojanized code

 | 

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

 | 

Five admit helping North Korea evade sanctions through IT worker schemes

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

 | 

Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

 | 

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

 | 

Millions of sites at risk from Imunify360 critical flaw exploit

 | 

Critical FortiWeb flaw under attack, allowing complete compromise

 | 

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

 | 

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

 | 

Chrome extension “Safery” steals Ethereum wallet seed phrases

 | 

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

 | 

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

 | 

Google sues cybercriminal group Smishing Triad

 | 

New Danabot Windows version appears in the threat landscape after May disruption

 | 

Breaking News

Pierluigi Paganini March 14, 2017
Facebook and Instagram will not allow developers from scanning social media profiles for surveillance

Facebook company and Instagram will not allow developers scanning their social media profiles for surveillance activities. Facebook and it app Instagram have updated the terms and conditions to prevent developers from scanning social media profiles for surveillance activities. A report recently published revealed the US Department of Homeland Security used software to scan social media […]

Pierluigi Paganini March 13, 2017
New variant of the macOS Proton RAT advertised on Russian cybercrime underground

Experts from security firm Sixgill have discovered a new strain of the macOS Proton RAT that is offered for sale on Russian cybercrime underground. The Dark Web is the right place where to find any kind of illegal products and services, malware such as banking trojan and spyware are very popular in cyber criminal underground. Recently a […]

Pierluigi Paganini March 13, 2017
The CVE-2017-5638 Apache Struts 2 command execution flaw affects Cisco products

On Friday, Cisco confirmed that at least some of its products are affected by an Apache Struts 2 command execution vulnerability tracked as CVE-2017-5638. The CVE-2017-5638 remote code execution zero-day has been exploiting by attackers in the wild, it affects Struts 2.3.5 through 2.3.31 and Struts 2.5 through 2.5.10. According to the experts from Cisco Talos, the […]

Pierluigi Paganini March 13, 2017
Michael Hastings crash, incident or assassination? New doubts after Wikileaks Vault 7 leak

Was Michael Hastings a victim of the CIA hacking tools? Wikileaks Vault 7 data leak reveals the ability of the Agency of car hacking. This is the story of the mysterious death of Michael Hastings, an American journalist, who rose to prominence with his coverage of the Iraq War for Newsweek in the 2000s. But to better […]

Pierluigi Paganini March 13, 2017
CHIPSEC, Intel Security releases detection tool also for CIA EFI rootkits

After CIA leak, Intel Security releases CHIPSEC, a detection tool for EFI rootkits that detect rogue binaries inside the computer firmware. A few days ago, WikiLeaks announced it is working with software makers to fix the zero-day flaws in Vault7 dump that impacted their products and services. The organization is sharing information on the hacking tools […]

Pierluigi Paganini March 12, 2017
Security Affairs newsletter Round 103 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html ·        Metasploit team released Metasploit Vulnerable Services Emulator ·        Security Affairs newsletter Round 102 – News of […]

Pierluigi Paganini March 12, 2017
ELF_IMEIJ, a new Linux malware is spreading in the wild

Security experts from Trend Micro discovered a new family of Linux malware, tracked as ELF_IMEIJ, targeting AVTech surveillance devices. Security experts from Trend Micro discovered a new family of Linux malware that is targeting products from surveillance technology company AVTech exploiting a CGI vulnerability that was disclosed in 2016. According to Trend Micro, the flaw was […]

Pierluigi Paganini March 11, 2017
Danish-speaking users hit by malware spread via Dropbox links

Danish-speaking users were infected by malware spread through Dropbox, but the company quickly adopted the countermeasures to stop the attack. According to the experts from security firm AppRiver, Danish-speaking users were hit by an unusual malware-based attack. The attack hit Denmark, Germany, and several surrounding Scandinavian countries on Wednesday morning. Danish-speaking users were infected by malware spread through […]

Pierluigi Paganini March 11, 2017
Check Point experts spotted pre-Installed Android Malware on 38 Android devices

Experts discovered pre-installed malware on 38 high-end smartphone models belonging to popular manufacturing companies such as Samsung, LG, Xiaomi and Asus. In the past, security experts have already reported cases of pre-installed malware on mobile devices. In September 2015, security experts at G-Data security firm discovered new cases of Chinese Android mobile devices infected by […]

Pierluigi Paganini March 11, 2017
WikiLeaks is working with software makers on Zero-Days included in the Vault7 dump

WikiLeaks announced is working with software makers on Zero-Days by sharing information on the hacking tools included in the Vault7 dump with them. WikiLeaks announced on Tuesday that it has obtained thousands of files allegedly originating from a high-security network of the U.S. Central Intelligence Agency (CIA). The Wikileaks dump, called “Vault7,” exposed the hacking […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps

Breaking News / November 17, 2025

Jaguar Land Rover confirms major disruption and ÂŁ196M cost from September cyberattack

Security / November 17, 2025

North Korean threat actors use JSON sites to deliver malware via trojanized code

Cyber warfare / November 17, 2025

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

Malware / November 17, 2025

Five admit helping North Korea evade sanctions through IT worker schemes

Cyber Crime / November 16, 2025