Pierluigi Paganini
December 09, 2025
Mirai-based Broadside botnet targets vulnerable TBK Vision DVRs, posing a potential threat to the maritime logistics sector, Cydome warns. Cydome researchers have identified a new Mirai botnet variant dubbed Broadside that is targeting the maritime logistics sector by exploiting the command injection vulnerability CVE-2024-3721 in TBK DVR devices used on vessels. “Cydome’s Cybersecurity Research Team has identified […]
Pierluigi Paganini
December 09, 2025
Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data. Polish police arrested three Ukrainian nationals for allegedly trying to damage IT systems and obtaining sensitive defense-related data using advanced hacking equipment. The police arrested three Ukrainian men after finding Flipper hacking gear, spy-device detectors, SIM […]
Pierluigi Paganini
December 09, 2025
Ransomware payments reported to FinCEN exceeded $4.5B by 2024, with 2023 marking a record year at $1.1B across 1,512 incidents. FinCEN analyzed ransomware trends using Bank Secrecy Act (BSA) reports filed from January 2022 to February 2025. During this period, organizations reported 4,194 ransomware incidents and more than $2.1 billion in payments. For comparison, from […]
Pierluigi Paganini
December 08, 2025
The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. The FBI warns that criminals are altering publicly available photos to create fake “proof-of-life” images used in virtual kidnapping scams, posing as kidnappers and demanding ransom. “The Federal Bureau of […]
Pierluigi Paganini
December 08, 2025
Clop ransomware stole data from Barts Health NHS after exploiting a zero-day in its Oracle E-Business Suite. Barts Health NHS confirmed that Clop ransomware group stole data by exploiting zero-day CVE-2025-61882 in its Oracle E-Business Suite. The cybercrime group added the organization to its dark web data leak site and leaked the stolen information. The […]
Pierluigi Paganini
December 07, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287) Shai-Hulud 2.0 Supply Chain Attack: 25K+ npm Repos Exposed Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Morphisec Thwarts Russian-Linked […]
Pierluigi Paganini
December 04, 2025
Hackers breached fintech firm Marquis, stealing personal and financial data, the security breach impacted over 780,000 people. Hackers breached fintech firm Marquis and stole personal and financial data, including names, addresses, SSNs, and card numbers, impacting over 780,000 people. Marquis is a Texas-based fintech and software firm that provides data-driven marketing, customer data platforms, analytics, […]
Pierluigi Paganini
December 04, 2025
ASUS confirms a third-party breach after Everest leaks sample data. Hackers also claim ArcSoft and Qualcomm. ASUS says a third-party breach exposed data after Everest ransomware leaked samples, claiming they have hacked ASUS, ArcSoft, and Qualcomm. ASUS says a supplier breach exposed some phone camera source code but did not affect products, internal systems, or […]
Pierluigi Paganini
December 04, 2025
Cloudflare blocked a record 29.7 Tbps DDoS attack from the AISURU botnet. The 69-second attack set a new high, though the target remains undisclosed. Cloudflare stopped a record 29.7 Tbps DDoS attack from the AISURU botnet, a 69-second barrage that set a new volume record. The cybersecurity firm did not disclose the name of the […]
Pierluigi Paganini
December 03, 2025
The University of Pennsylvania and the University of Phoenix confirm they were hit in the Oracle E-Business Suite hacking campaign. The University of Pennsylvania (Penn) and the University of Phoenix confirmed they were hit in the recent cyberattack targeting Oracle E-Business Suite customers. Penn explained that it uses Oracle’s E-Business Suite (EBS) platform for supplier […]
