Pierluigi Paganini
October 15, 2025
Resecurity’s new report details how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations. The following new report by Resecurity will explore the Qilin ransomware-as-a-service (RaaS) operation’s reliance on bullet-proof-hosting (BPH) infrastructures, with an emphasis on a network of rogue providers based in different parts of the world. Qilin […]
Pierluigi Paganini
October 15, 2025
F5 disclosed that a sophisticated nation-state actor breached its systems, stealing BIG-IP source code and data on undisclosed product vulnerabilities. Cybersecurity firm F5 disclosed that a highly sophisticated nation-state actor in August 2025 threat actors breached its systems and stole BIG-IP’s source code and information related to undisclosed vulnerabilities. The attackers accessed the company’s BIG-IP […]
Pierluigi Paganini
October 15, 2025
About 200K Linux systems from Framework shipped with signed UEFI components vulnerable to Secure Boot bypass, allowing bootkit installation and persistence. Firmware security company Eclypsium warns that about 200,000 Linux systems from Framework are shipped with signed UEFI components vulnerable to Secure Boot bypass, allowing bootkit installation and persistence. The experts pointed out that signed […]
Pierluigi Paganini
October 15, 2025
SAP addressed 13 new flaws, including a maximum severity vulnerability in SAP NetWeaver, which could lead to arbitrary command execution. SAP addressed 13 new vulnerabilities, including a maximum severity issue, tracked as CVE-2025-42944 (CVSS score of 10.0) in SAP NetWeaver. The vulnerability is an insecure deserialization that could lead to arbitrary command execution. “Due to a deserialization […]
Pierluigi Paganini
October 15, 2025
Researchers found nearly half of geostationary satellites leak unencrypted data, exposing consumer, corporate, and military communications. A group of researchers from UC San Diego and the University of Maryland found nearly half of geostationary satellites transmit unencrypted data, exposing sensitive consumer, corporate, and military communications to interception. The researchers used an $800 satellite receiver for […]
Pierluigi Paganini
October 15, 2025
China-linked cyberespionage group Flax Typhoon hijacked an ArcGIS system for over a year and used it as a backdoor. China-linked APT group Flax Typhoon (aka Ethereal Panda or RedJuliett) compromised an ArcGIS system for over a year, using it as a backdoor. ArcGIS, a key GIS platform for mapping and analysis, supports vital services like […]
Pierluigi Paganini
October 14, 2025
A botnet of 100K+ IPs from multiple countries is attacking U.S. RDP services in a campaign active since October 8. GreyNoise researchers uncovered a large-scale botnet that is targeting Remote Desktop Protocol (RDP) services in the United States starting on October 8. The company discovered the botnet after detecting an unusual spike in Brazilian IP […]
Pierluigi Paganini
October 14, 2025
Harvard University confirmed being targeted in the Oracle EBS campaign after the Cl0p ransomware group leaked 1.3 TB of data. Harvard University confirmed it was targeted in the Oracle E-Business Suite campaign after the Cl0p ransomware group listed it on its leak site. The cybercrime group claimed to have leaked 1.3 TB of data allegedly […]
Pierluigi Paganini
October 14, 2025
The UK’s NCSC handled 429 cyberattacks from Sept 2024–Aug 2025, including 204 nationally significant cases, over double the previous year’s total. The UK’s National Cyber Security Centre (NCSC) reported a record surge in major cyberattacks, responding to 429 incidents from September 2024 to August 2025, including 204 deemed “nationally significant”, more than double the previous […]
Pierluigi Paganini
October 14, 2025
SpyChain shows how unverified COTS hardware in small satellites can enable persistent, multi-component supply chain attacks using NASA’s NOS3 simulator. The rise of small satellites has transformed scientific, commercial, and defense operations. Using commercial off-the-shelf (COTS) parts makes them cheaper and faster to build but also introduces new, poorly understood security risks unique to space […]
Hacking / October 30, 2025
