MUST READ

Dutch court convicts hacker who exploited port networks for drug trafficking

 | 

U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

 | 

Meta fixes Instagram password reset flaw, denies data breach

 | 

Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network

 | 

Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations

 | 

The ideals of Aaron Swartz in an age of control

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 79

 | 

Security Affairs newsletter Round 558 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

A massive breach exposed data of 17.5M Instagram users

 | 

North Korea–linked APT Kimsuky behind quishing attacks, FBI warns

 | 

Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals

 | 

Trend Micro fixed a remote code execution in Apex Central

 | 

Iran cuts Internet nationwide amid deadly protest crackdown

 | 

China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware

 | 

Chinese-speaking hackers exploited ESXi zero-days long before disclosure

 | 

Astaroth banking Trojan spreads in Brazil via WhatsApp worm

 | 

U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog

 | 

China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns

 | 

Ni8mare flaw gives unauthenticated control of n8n instances

 | 

Misconfigured email routing enables internal-spoofed phishing

 | 

Data Breach

Pierluigi Paganini October 30, 2022
BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. Asahi Group Holdings, Ltd. is a precision metal manufacturing and metal solution provider, for more than 40 years, the company has been delivering end-to-end services in the industries of precision metals and thin-film coatings with different teams […]

Pierluigi Paganini October 29, 2022
Twilio discloses another security incident that took place in June

Twilio suffered another brief security incident in June 2022, the attack was conducted by the same threat actor of the August hack. The Communications company Twilio announced that it suffered another “brief security incident” on June 29, 2022, the attack was conducted by the same threat actor that in August compromised the company and gained access to […]

Pierluigi Paganini October 27, 2022
Thomson Reuters collected and leaked at least 3TB of sensitive data

The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/ Thomson Reuters, a multinational media conglomerate, left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format. Attackers could use the details for a supply-chain attack. The Cybernews […]

Pierluigi Paganini October 26, 2022
See Tickets discloses data breach, customers’ credit card data exposed

International ticketing services company See Tickets disclosed a data breach that exposed customers’ payment card details. Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details. Threat actors were able to steal payment card data by implanting a software skimmer on its website. The company discovered […]

Pierluigi Paganini October 25, 2022
Hive ransomware gang starts leaking data allegedly stolen from Tata Power

The Hive ransomware gang, which claimed the responsibility for the Tata Power data breach, started leaking data. On October 14, Tata Power, India’s largest power generation company, announced that was hit by a cyber attack. Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of […]

Pierluigi Paganini October 23, 2022
Hackers stole sensitive data from Iran’s atomic energy agency

Iran’s atomic energy agency claims that alleged state-sponsored hackers have compromised its email system. Iran’s atomic energy agency revealed on Sunday that a nation-state actor had access to a subsidiary’s network and free access to its email system, the Associated Press reports. The Iranian government has yet to attribute the attack to a specific The […]

Pierluigi Paganini October 21, 2022
EnergyAustralia Electricity company discloses security breach

Electricity company EnergyAustralia suffered a security breach, threat actors had access to information on 323 customers. Another Australian organization was hit by a severe cyber attack, this time the victim is the Electricity company EnergyAustralia. EnergyAustralia is the country’s third-largest energy retailer. The company confirmed that threat actors had access to information on 323 residential and […]

Pierluigi Paganini October 21, 2022
Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients

Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based hospital healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The company is notifying the impacted individuals. The healthcare system operates 26 hospitals in Wisconsin and […]

Pierluigi Paganini October 20, 2022
BlueBleed: Microsoft confirmed data leak exposing customers’ info

Microsoft disclosed a data leak, sensitive data of some of its customers were exposed by a misconfigured Microsoft server accessible online. Microsoft announced that sensitive data belonging to some of its customers were exposed on the Internet due to a misconfigured Microsoft server. The data leak was discovered by the security threat intelligence firm SOCRadar […]

Pierluigi Paganini October 17, 2022
Retail giant Woolworths discloses data breach of MyDeal online marketplace

Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million MyDeal customers. Bad news for the customers of the MyDeal online marketplace, the Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million of them. As soon the company became aware of the security breach it blocked access to […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Dutch court convicts hacker who exploited port networks for drug trafficking

Cyber Crime / January 13, 2026

U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

Hacking / January 12, 2026

Meta fixes Instagram password reset flaw, denies data breach

Security / January 12, 2026

Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network

Security / January 12, 2026

Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations

APT / January 12, 2026