MUST READ

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

 | 

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

 | 

U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

Eurofiber confirms November 13 hack, data theft, and extortion attempt

 | 

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet

 | 

Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack

 | 

DoorDash data breach exposes personal info after social engineering attack

 | 

Google fixed the seventh Chrome zero-day in 2025

 | 

Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases

 | 

Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps

 | 

Jaguar Land Rover confirms major disruption and ÂŁ196M cost from September cyberattack

 | 

North Korean threat actors use JSON sites to deliver malware via trojanized code

 | 

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

 | 

Five admit helping North Korea evade sanctions through IT worker schemes

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

 | 

Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

 | 

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

 | 

Millions of sites at risk from Imunify360 critical flaw exploit

 | 

Cyber warfare

Pierluigi Paganini February 18, 2013
Government networks totally vulnerable to cyber attacks

In this days it is circulating persistently the news that The Cyber Intelligence Sharing and Protection act (CISPA) will be reintroduced by House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-Md.) before the US House next week. The controversial cyber bill raised an heated debate, the act will force any company to […]

Pierluigi Paganini February 15, 2013
From CISPA to Obama’s executive order on national cybersecurity

During the last days worldwide internet community expressed great concern on the possibility of a reintroduction of The Cyber Intelligence Sharing and Protection act (CISPA)  before the US House by House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-Md.). The controversial cyber bill raised an heated debate, supporters believe it […]

Pierluigi Paganini February 08, 2013
Is US really thinking to preemptive cyber attacks as deterrent?

Cyberspace is abuzz with activity. Governments are secretly conducting cyber operations. Everyday, we read about malicous code used to steal information; or about cyber attacks that target critical infrastructure. The principal question raised by these fervent activities are rules of engagement and proportionality of defense – the operative limit of country that discovers an attack […]

Pierluigi Paganini January 29, 2013
How the US are preparing to cyber warfare?

Every government conscious of strategic importance of cyber security and of the investments of other countries in cyber warfare capability is improving its effort. Last week I wrote about Russian government and the Putin’s request to reinforce the garrison of the fifth domain, the cyber space, through a series of investment to secure national critical infrastructures […]

Pierluigi Paganini January 24, 2013
DARPA on Cyber Targeted-Attack Analyzer program & micro-satellites

Protect the country, population and assets from cyber threats, this is a must for every government, a challenge for  every state, new processes, large investment and innovative researches are the topics most debated in this period. Yesterday I wrote about the Russian government and its commitment to strengthen cyber defense, today I desire to introduce […]

Pierluigi Paganini January 22, 2013
Panetta is critical on the security level for NATO networks

Today on Atlantic Council web site it has been published an excerpts from remarks by Secretary of Defense Leon Panetta at King’s College in London that remarks the inadequacy of NATO networks to reject cyber threats, according the officials the situation appears really critic in both private and public sectors, and it is very concerning also […]

Pierluigi Paganini January 21, 2013
Use of electromagnetic waves to infiltrate sealed networks

In the last months I had the opportunity many times to read about the possible use, in cyber warfare context,  of electromagnetic waves to interfere with defense systems of the adversaries. I wrote about a project dubbed CHAMP  (Counter-electronics High-powered Microwave Advanced Missile Project) related to the use of microwaves to permanently knock out computers […]

Pierluigi Paganini January 18, 2013
Cyber warfare between Koreas, a warning for any cyber power

Earlier this month is has been spread the news that South Korea is investing to improve the cyber capabilities of the country recruiting and training hackers to involve in the cyber defense due the increasing number of attacks suffered. A cyber attack hit recently the presidential transition team, in particular the press rooms server, but […]

Pierluigi Paganini January 17, 2013
Red October, RBN and too many questions still unresolved

The recently discovered cyber espionage campaign “Red October” has shocked world wide security community, the principal questions raised are: Who is behind the attacks? How is possible that for so long time the campaign went undetected? Which is the role of AV company in these operations? To try to understand who is behind the attacks […]

Pierluigi Paganini January 15, 2013
Kaspersky Lab discovered the cyber espionage campaign “Red October”

Last October Kaspersky Lab’s Global Research & Analysis Team started a new investigation after several attacks hit computer networks of various international diplomatic service agencies. The attacks appeared very suspect, a new large scale cyber-espionage operation has been discovered, the operation is dubbed «Red October», a name inspired by famous novel «The Hunt For The Red […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

Security / November 19, 2025

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

Cyber Crime / November 19, 2025

U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

Hacking / November 19, 2025

Eurofiber confirms November 13 hack, data theft, and extortion attempt

Data Breach / November 19, 2025

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet

Hacking / November 19, 2025