Pierluigi Paganini
April 20, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers exploited SonicWall SMA appliances since January 2025 ASUS routers with AiCloud vulnerable to auth bypass exploit U.S. […]
Pierluigi Paganini
April 13, 2025
China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports. China reportedly admitted in a secret meeting with U.S. officials that it carried out cyberattacks on U.S. infrastructure, linked to the Volt Typhoon campaign. According to the Wall Street Journal, at a December Geneva summit, […]
Pierluigi Paganini
April 11, 2025
Gamaredon targeted a foreign military mission in Ukraine with updated GammaSteel malware on Feb 26, 2025, per Symantec. Symantec Threat Hunter researchers reported that the Russia-linked APT group Gamaredon (a.k.a. Shuckworm, Armageddon, Primitive Bear, ACTINIUM, Callisto) targeted a foreign military mission based in Ukraine with an updated version of the GamaSteel infostealer. Shuckworm is known for targeting government, […]
Pierluigi Paganini
April 04, 2025
CERT-UA reported three cyberattacks targeting Ukraine’s state agencies and critical infrastructure to steal sensitive data. The Computer Emergency Response Team of Ukraine (CERT-UA) reported three cyberattacks in March 2025 targeting Ukrainian agencies and infrastructure to steal sensitive data. This activity is tracked under the identifier UAC-0219. “The Ukrainian government’s computer emergency response team, CERT-UA, is […]
Pierluigi Paganini
April 03, 2025
Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose […]
Pierluigi Paganini
March 31, 2025
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related […]
Pierluigi Paganini
March 20, 2025
CERT-UA warns of a cyber campaign using Dark Crystal RAT to target Ukraine’s defense sector, including defense industry employees and Defense Forces members. The Computer Emergency Response Team of Ukraine (CERT-UA) uncovered a new cyber espionage campaign targeting employees of defense-industrial complex enterprises and representatives of the Defense Forces of Ukraine with Dark Crystal RAT. […]
Pierluigi Paganini
March 06, 2025
The U.S. Department of Justice (DoJ) charges 12 Chinese nationals for their alleged involvement in state-linked cyber operations. The U.S. DoJ charged 12 Chinese nationals, including PRC security officers, employees of the hacking firm i-Soon, and members of the APT27 group (aka Emissary Panda, TG-3390, Bronze Union, and Lucky Mouse), for data theft and suppressing dissent worldwide. “The Justice […]
Pierluigi Paganini
March 04, 2025
US CISA confirms no change in defense against Russian cyber threats despite the Trump administration’s pause on offensive operations. US CISA stated there is no change in defending against Russian cyber threats, despite the Trump administration’s temporary pause on offensive cyber operations. US Defense Secretary Pete Hegseth has recently ordered US Cyber Command to pause […]
Pierluigi Paganini
February 28, 2025
Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. The Belgian federal prosecutor’s office is probing a possible security breach on its State Security Service (VSSE) by China-linked threat actors. Chinese hackers gained access to the VSSE’s email server between 2021 and […]
Data Breach / November 19, 2025
