MUST READ

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

 | 

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

 | 

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

 | 

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

 | 

Oracle EBS zero-day used by Clop to breach Barts Health NHS

 | 

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

 | 

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

 | 

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Cyber Crime

Pierluigi Paganini September 15, 2025
INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure. Panama’s Ministry of Economy and Finance (MEF) announced that threat actors likely compromised one of its computers. The Ministry immediately activated its security protocols to contain the threat. Panama’s Ministry pointed out that critical systems vital to operations remain […]

Pierluigi Paganini September 14, 2025
ShinyHunters Attack National Credit Information Center of Vietnam

Vietnam’s National Credit Information Center (CIC) was hit by a ShinyHunters cyberattack, with VNCERT confirming signs of unauthorized access to steal personal data. Authorities are investigating a cyber-attack against National Credit Information Center (CIC) of Vietnam by ShinyHunters. As confirmed by the Vietnam Cyber Emergency Response Team (VNCERT), signs of unauthorised access aimed at stealing […]

Pierluigi Paganini September 13, 2025
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal groups UNC6040 and UNC6395, which are increasingly targeting Salesforce platforms for data theft and extortion. “The Federal Bureau of Investigation (FBI) is […]

Pierluigi Paganini September 12, 2025
UK train operator LNER (London North Eastern Railway) discloses a data breach

LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information. UK train operator LNER (London North Eastern Railway) reported a data breach through a third-party supplier, compromising customer contact details and other personal information. LNER (London North Eastern Railway) is a British train operator running passenger services […]

Pierluigi Paganini September 11, 2025
Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Researchers warn that Akira ransomware group is exploiting a year-old SonicWall firewall flaw, likely using three attack vectors for initial access. The Akira ransomware group is exploiting a year-old SonicWall firewall vulnerability, tracked as CVE-2024-40766 (CVSS score of 9.3), likely using three attack vectors for initial access, according to Rapid7. “Evidence collected during Rapid7’s investigations […]

Pierluigi Paganini September 11, 2025
Kosovo man pleads guilty to running online criminal marketplace BlackDB

Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024. Kosovo citizen Liridon Masurica (33) of Gjilan, aka @blackdb, pleaded guilty to running the BlackDB cybercrime market. Kosovo police arrested Masurica on December 12, 2024 and he was extradited to the US. The online criminal marketplace BlackDB.cc has […]

Pierluigi Paganini September 11, 2025
Jaguar Land Rover discloses a data breach after recent cyberattack

Jaguar Land Rover confirms a cyberattack caused factory disruptions and led to a data breach, compromising sensitive information. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted production and retail operations. The attack also impacted systems at the Solihull production plant. UK dealers reported JLR disruptions blocking car registrations […]

Pierluigi Paganini September 10, 2025
KillSec Ransomware is Attacking Healthcare Institutions in Brazil

KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The KillSec Ransomware group has threatened to leak sensitive data unless negotiations are initiated promptly. According to threat intelligence reporting by Resecurity, the root cause of the incident – data exfiltration from insecure AWS S3 bucket. […]

Pierluigi Paganini September 09, 2025
Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular npm packages with 2B weekly downloads after a maintainer fell for a phishing email mimicking npm, targeting 2FA credentials. Threat actors targeted Josh Junon’s (Qix) to […]

Pierluigi Paganini September 09, 2025
LunaLock Ransomware threatens victims by feeding stolen data to AI models

LunaLock, a new ransomware gang, introduced a unique cyber extortion technique, threatening to turn stolen art into AI training data. A new ransomware group, named LunaLock, appeared in the threat landscape with a unique cyber extortion technique, threatening to turn stolen art into AI training data. Recently, the LunaLock group targeted the website Artists&Clients and […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

Malware / December 09, 2025

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Cyber Crime / December 09, 2025

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

Cyber Crime / December 09, 2025

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

Cyber Crime / December 08, 2025

Oracle EBS zero-day used by Clop to breach Barts Health NHS

Data Breach / December 08, 2025