Pierluigi Paganini
June 25, 2025
Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks. Unknown threat actors are distributing a trojanized version of SonicWall NetExtender SSL VPN app to steal user credentials. The legitimate NetExtender app lets remote users securely access and use company network resources as if they were on-site. […]
Pierluigi Paganini
June 25, 2025
Mainline Health Systems disclosed a data breach that impacted over 100,000 individuals. Mainline Health Systems is a nonprofit Federally Qualified Health Center founded in 1978 in Portland, Arkansas, serving Southeast Arkansas . With over 30 locations across multiple counties—including in-school clinics and community centers—it provides comprehensive primary medical, dental, and behavioral health services. The healthcare […]
Pierluigi Paganini
June 25, 2025
Prometei botnet activity has surged since March 2025, with a new malware variant spreading rapidly, Palo Alto Networks reports. Palo Alto Networks warns of a spike in Prometei botnet activity since March 2025, the researchers observed a new variant spreading rapidly. Since March 2025, Prometei botnet is targeting Linux systems for Monero mining and credential […]
Pierluigi Paganini
June 23, 2025
The ransomware attack that hit McLaren Health Care in 2024 exposed the personal data of 743,000 individuals. McLaren Health Care is notifying over 743,000 people of a data breach discovered on August 5, 2024. McLaren discovered suspicious activity on its and Karmanos Cancer Institute’s systems on August 5, 2024, revealing a data breach incident. McLaren […]
Pierluigi Paganini
June 23, 2025
American steel giant Nucor confirms hackers stole data in a May cyberattack, following its earlier disclosure of the incident. Nucor, North America’s largest steel maker, confirmed hackers stole some data in a May cyberattack, following its earlier disclosure of the incident. Nucor Corporation (NYSE: NUE) is a major American steel company headquartered in Charlotte, North Carolina. […]
Pierluigi Paganini
June 23, 2025
UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at ÂŁ270M–£440M. The Cyber Monitoring Centre (CMC) has labeled the recent cyberattacks on Marks & Spencer and Co-op as a Category 2 systemic event, estimating losses between ÂŁ270M and ÂŁ440M. In early May, the attackers behind […]
Pierluigi Paganini
June 22, 2025
Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying […]
Pierluigi Paganini
June 22, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion Anubis: A […]
Pierluigi Paganini
June 21, 2025
Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s […]
Pierluigi Paganini
June 19, 2025
Researchers discovered the largest data breach ever, exposing 16 billion login credentials, likely due to multiple infostealers. Researchers announced the discovery of what appears to be the largest data breach ever recorded, with an astonishing 16 billion login credentials exposed. The ongoing investigation, which began earlier this year, suggests that the credentials were collected through […]
