Breaking News

Pierluigi Paganini May 28, 2025
Iranian Man pleaded guilty to role in Robbinhood Ransomware attacks

Iranian man pleads guilty to role in Baltimore ransomware attack tied to Robbinhood, admitting to computer and wire fraud conspiracy. Iranian national Sina Gholinejad pleaded guilty to his role in a Robbinhood ransomware scheme that hit U.S. cities, including Baltimore and Greenville. The attacks caused major disruptions and over $19 million in damages to Baltimore […]

Pierluigi Paganini May 27, 2025
DragonForce operator chained SimpleHelp flaws to target an MSP and its customers

Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. Sophos researchers reported that a DragonForce ransomware operator exploited three chained vulnerabilities in SimpleHelp software to attack a managed service provider. SimpleHelp is a remote support and access software designed for IT professionals and support teams. It […]

Pierluigi Paganini May 27, 2025
Russia-linked APT Laundry Bear linked to 2024 Dutch Police attack

A new Russia-linked APT group, tracked as Laundry Bear, has been linked to a Dutch police security breach in September 2024. Netherlands General Intelligence and Security Service (AIVD) and the Netherlands Defence Intelligence and Security Service (MIVD) have linked a previously undetected Russia-linked group, tracked Laundry Bear (aka Void Blizzard), to a 2024 police breach. […]

Pierluigi Paganini May 27, 2025
Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom

Nova Scotia Power confirms it was hit by a ransomware attack but hasn’t paid the ransom, nearly a month after first disclosing the cyberattack. Nova Scotia Power confirmed it was hit by a ransomware attack nearly a month after disclosing a cyber incident. The company revealed it hasn’t paid the ransom. Nova Scotia Power Inc. is […]

Pierluigi Paganini May 27, 2025
Crooks stole over $200 million from crypto exchange Cetus Protocol

Cetus Protocol reported a $223 million crypto theft and is offering to drop legal action if the stolen funds are returned. Last week, threat actors stole about $223 million from decentralized crypto exchange Cetus. The platform was paused during the investigation and later confirmed the cyber heist. The company confirmed that it has successfully paused […]

Pierluigi Paganini May 26, 2025
Marlboro-Chesterfield Pathology data breach impacted 235,911 individuals

SafePay ransomware hit Marlboro-Chesterfield Pathology, stealing personal data of 235,000 people in a major breach. SafePay ransomware hit Marlboro-Chesterfield Pathology, stealing personal data of 235,000 people in a major breach at the North Carolina-based lab. Marlboro-Chesterfield Pathology (MCP), founded in 1990 in Pinehurst, NC, is a full-service lab offering molecular, cytology, and pathology testing. Known […]

Pierluigi Paganini May 26, 2025
China-linked APT UNC5221 started exploiting Ivanti EPMM flaws shortly after their disclosure

China-linked APT exploit Ivanti EPMM flaws to target critical sectors across Europe, North America, and Asia-Pacific, according to EclecticIQ. Researchers from EclecticIQ observed a China-linked APT group that chained two Ivanti EPMM flaws, tracked as CVE-2025-4427 and CVE-2025-4428, in attacks against organizations in Europe, North America, and Asia-Pacific. Below is the description of the flaws: […]

Pierluigi Paganini May 26, 2025
Fake software activation videos on TikTok spread Vidar, StealC

Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks. Cybercriminals leverage AI-generated TikTok videos in ClickFix attacks to spread Vidar and StealC malware, reports Trend Micro. These videos trick users into running PowerShell commands disguised as software activation steps for tools like […]

Pierluigi Paganini May 25, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack – How a Trusted IT Tool Became a Malware Delivery Vector   Malicious ‘Checker’ Packages on PyPI Probe TikTok and Instagram for Valid Accounts […]

Pierluigi Paganini May 25, 2025
Security Affairs newsletter Round 525 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Silent Ransom Group targeting law firms, the FBI warns Leader of Qakbot cybercrime network indicted in U.S. […]