MUST READ

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

 | 

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

 | 

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

 | 

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

 | 

Oracle EBS zero-day used by Clop to breach Barts Health NHS

 | 

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

 | 

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

 | 

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Cyber Crime

Pierluigi Paganini October 01, 2025
WestJet confirms cyberattack exposed IDs, passports in June incident

WestJet confirms June cyberattack that disrupted certain internal systems, exposed customer passports and IDs. WestJet airline confirmed the June security breach exposed customer passports and IDs. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canada’s second-largest airline, […]

Pierluigi Paganini September 30, 2025
UK convicts Chinese national in £5.5B crypto fraud, marks world’s largest Bitcoin seizure

A Chinese national was convicted in the UK for crypto fraud as police seized £5.5B (61,000 Bitcoin), the world’s largest cryptocurrency seizure. UK authorities raided the London home of Chinese national Zhimin Qian (47), also known as Yadi Zhang, and confiscated £5.5 billion (about $7.39 billion) in cryptocurrency, totaling 61,000 Bitcoin. Police described it as […]

Pierluigi Paganini September 30, 2025
Scattered Spider, ShinyHunters Restructure – New Attacks Underway 

Resecurity warns the “Trinity of Chaos” (LAPSUS$, ShinyHunters, Scattered Spider) is driving a global cybercrime wave, with major breaches undisclosed. A new Resecurity report has uncovered a rapidly unfolding—and potentially much larger—global cybercrime campaign led by the notorious alliance of LAPSUS$, ShinyHunters, and Scattered Spider. Contrary to recent claims of “retirement,” the so-called “Trinity of […]

Pierluigi Paganini September 29, 2025
Harrods alerts customers to new data breach linked to third-party provider

British Department Store Harrods warns customers of a data breach via a third-party provider, exposing some names and contact details. Harrods, the luxury British department store, warned customers of a data breach affecting its online systems. The company confirmed that names and contact details of some e-commerce customers were exposed after one of its third-party […]

Pierluigi Paganini September 29, 2025
Akira Ransomware bypasses MFA on SonicWall VPNs

Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using credentials obtained from the exploitation of the CVE-2024-40766 vulnerability, bypassing OTP MFA. Attacks spread quickly across sectors, with rapid post-login activity and short dwell times, making […]

Pierluigi Paganini September 27, 2025
Ohio’s Union County suffers ransomware attack impacting 45,000 people

A ransomware attack resulted in the theft of Social Security and financial data from Union County, Ohio, impacting 45,487 people. A ransomware attack hit Union County, Ohio, and crooks stole Social Security and financial data. Officials notified 45,487 residents and staff after the security breach that occurred on May 18, 2025. After discovering the security […]

Pierluigi Paganini September 25, 2025
Operation HAECHI VI seized $439M from global cybercrime rings

Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement operation, codenamed Operation HAECHI VI, resulted in the seizure of $439M in cash and crypto from cybercrime rings between April and August 2025. Authorities from 40 countries joint to […]

Pierluigi Paganini September 25, 2025
Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

Volvo North America disclosed a data breach that exposed the personal data of its employees after a ransomware attack hit third-party supplier Miljödata. Volvo NA disclosed a data breach that exposed the personal data of its employees after a ransomware attack hit the third-party supplier Miljödata. The ransomware attack occurred in August and impacted at […]

Pierluigi Paganini September 23, 2025
A suspected Scattered Spider member suspect detained for casino network attacks

A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17. The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Scattered Spider member linked to attacks on Las Vegas casinos for computer intrusion, extortion, and identity theft. Between August and October 2023, multiple Las Vegas […]

Pierluigi Paganini September 23, 2025
Canada’s RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

RCMP shuts down TradeOgre, seizing $40M from crime, the first crypto exchange closure and largest asset seizure in Canada’s history. The Royal Canadian Mounted Police shut down the crypto exchange TradeOgre and seized $40M worth of crypto assets. This is the first crypto exchange shut down by the Canadian authorities. “RCMP Federal Policing – Eastern […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

Malware / December 09, 2025

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Cyber Crime / December 09, 2025

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

Cyber Crime / December 09, 2025

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

Cyber Crime / December 08, 2025

Oracle EBS zero-day used by Clop to breach Barts Health NHS

Data Breach / December 08, 2025