MUST READ

Cyber attacks fuel surge in cargo theft across logistics industry

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

 | 

Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

 | 

Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

 | 

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

 | 

Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence

 | 

DraftKings hacker sentenced to prison, ordered to pay $1.4 Million

 | 

Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered

 | 

Inside ZionSiphon: politically driven malware aims at Israeli water systems

 | 

U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog

 | 

Cisco fixed four critical flaws in Identity Services and Webex

 | 

Cookeville Regional Medical Center hospital data breach impacts 337,917 people

 | 

AI platform n8n abused for stealthy phishing and malware delivery

 | 

From clinics to government: UAC-0247 expands cyber campaign across Ukraine

 | 

Sweden reports cyberattack attempt on heating plant amid rising energy threats

 | 

CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access

 | 

U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog

 | 

Mirax malware campaign hits 220K accounts, enables full remote control

 | 

PHP Composer flaws enable remote command execution via Perforce VCS

 | 

Breaking News

Pierluigi Paganini March 06, 2025
The U.S. DoJ charges 12 Chinese nationals for state-linked cyber operations

The U.S. Department of Justice (DoJ) charges 12 Chinese nationals for their alleged involvement in state-linked cyber operations. The U.S. DoJ charged 12 Chinese nationals, including PRC security officers, employees of the hacking firm i-Soon, and members of the APT27 group (aka Emissary Panda, TG-3390, Bronze Union, and Lucky Mouse), for data theft and suppressing dissent worldwide. “The Justice […]

Pierluigi Paganini March 05, 2025
Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 TB of stolen data. The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The group claims the theft of 1.4 terabytes of data and is threatening to leak it. The […]

Pierluigi Paganini March 05, 2025
New Eleven11bot botnet infected +86K IoT devices

The Eleven11bot botnet has infected over 86,000 IoT devices, mainly security cameras and network video recorders (NVRs). Researchers from Nokia Deepfield Emergency Response Team (ERT) discovered a new botnet named Eleven11bot that has already infected over 86,000 IoT devices. Most infected devices are security cameras and network video recorders (NVRs), which are used to launch […]

Pierluigi Paganini March 05, 2025
Polish Space Agency POLSA disconnected its network following a cyberattack

The Polish space agency POLSA announced it has disconnected its network from the internet following a cyberattack. The Polish space agency POLSA was forced to disconnect its network from the internet in response to a cyberattack. The agency revealed that it has disconnected its infrastructure to contain the attack and secure data, a circumstance that […]

Pierluigi Paganini March 05, 2025
U.S. CISA adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The first issue, tracked as CVE-2024-50302, was addressed by Google with the release of the Android […]

Pierluigi Paganini March 04, 2025
VMware fixed three actively exploited zero-days in ESX products

Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security updates to address three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. The flaws, respectively tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, impact multiple VMware ESX products, including VMware ESXi, vSphere, […]

Pierluigi Paganini March 04, 2025
Digital nomads and risk associated with the threat of infiltred employees

Companies face the risk of insider threats, worsened by remote work. North Korean hackers infiltrate firms via fake IT hires, stealing data. Stronger vetting is key. In an increasingly connected and digitalized world, companies are facing new security challenges. The insider threat, or the risk that an employee could harm the company, is a growing […]

Pierluigi Paganini March 04, 2025
Google fixed two actively exploited Android flaws

Android March 2025 security update addresses over 40 vulnerabilities, including two flaws actively exploited in attacks in the wild. Android March 2025 security update addressed over 40 vulnerabilities, including two flaws, respectively tracked as CVE-2024-43093 and CVE-2024-50302, which are actively exploited in attacks in the wild. “There are indications that the following may be under […]

Pierluigi Paganini March 04, 2025
Mass exploitation campaign hit 4,000+ ISP networks to deploy info stealers and crypto miners

A massive attack targets ISPs in China and the U.S. West Coast to deploy info stealers and crypto miners on compromised systems. The Splunk Threat Research Team discovered a mass exploitation campaign from Eastern Europe targeting ISPs in China and the U.S. West Coast to deploy info stealers and crypto miners. Threat actors use weak […]

Pierluigi Paganini March 04, 2025
CISA maintains stance on Russian cyber threats despite policy shift

US CISA confirms no change in defense against Russian cyber threats despite the Trump administration’s pause on offensive operations. US CISA stated there is no change in defending against Russian cyber threats, despite the Trump administration’s temporary pause on offensive cyber operations. US Defense Secretary Pete Hegseth has recently ordered US Cyber Command to pause […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cyber attacks fuel surge in cargo theft across logistics industry

Security / April 19, 2026

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

Security / April 19, 2026

Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / April 19, 2026

Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

Security / April 18, 2026

Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

Malware / April 18, 2026