MUST READ

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

 | 

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

 | 

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

 | 

Oracle EBS zero-day used by Clop to breach Barts Health NHS

 | 

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

 | 

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

 | 

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

Data Breach

Pierluigi Paganini January 07, 2020
Medical info of 49,351 patients exposed in Alomere Health hospital breach

Minnesota-based Alomere Health discloses a data leak that exposed personal and medical information of 49,351 patients. Personal and medical information of 49,351 patients of Minnesota-based Alomere Health might have been exposed following the compromise of two employees’ email accounts. Alomere Health is a general medical and surgical hospital in Alexandria, MN, with 127 beds. It is accredited […]

Pierluigi Paganini January 06, 2020
School software provider Active Network discloses data breach

The US-based School management software provider Active Network disclosed a severe security breach last week. Active Network provides web-based school management software for K-12 schools and districts, last week it announced to have suffered a major security breach. The hackers gained access to Blue Bear, a cloud school accounting software customized especially for K-12 schools and […]

Pierluigi Paganini January 02, 2020
US restaurant chain Landry’s discloses payment card breach

The popular US restaurant chain Landry’s announced that it was the victim of a cyber-attack, malware has infected its point of sale (POS) systems. The popular US restaurant chain Landry’s disclosed a security incident, its point of sale (POS) systems have been infected with malware specifically developed to steal customers’ payment card information (i.e. credit […]

Pierluigi Paganini January 02, 2020
Poloniex forces password reset following a data leak

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak.  Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak.  The measure was necessary to prevent spear-phishing attacks against the users aimed at […]

Pierluigi Paganini December 31, 2019
Nonprofit organization Special Olympics New York hacked and its server used to send phishing emails

Special Olympics of New York, a nonprofit organization focused on competitive athletes with intellectual disabilities was hacked. Special Olympics New York provides inclusive opportunities for people with intellectual disabilities to compete in Olympic-style, coached sports.  Unfortunately, the nonprofit organization was hacked during the Christmas holiday and the attackers later used its email server to launch […]

Pierluigi Paganini December 30, 2019
Wawa faces several lawsuits following a massive payment card breach

Recently the Wawa convenience store chain disclosed a payment card breach, news of the day is that Wawa is facing lawsuits over the incident. The Wawa convenience store chain is facing a wave of lawsuits over a recent security breach that affected its 850 locations in the US. Wawa convenience store chain disclosed a payment card breach, its security […]

Pierluigi Paganini December 29, 2019
Security experts disclosed Wyze data leak

IoT vendor Wyze announced that one of its servers exposed the details of roughly 2.4 million customers. IoT vendor Wyze announced that details of roughly 2.4 million customers were accidentally exposed online. The company produces inexpensive smart home products and wireless cameras.  The leak was reported to Wyze on December 26th at around 10:00 AM […]

Pierluigi Paganini December 28, 2019
173 Million Zynga accounts were impacted in the September hack

In September Zynga, the American social game developer running social video game services suffered a data breach that 173 Million accounts. Zynga Inc is an American social game developer running social video game services founded in April 2007, it primarily focuses on mobile and social networking platforms. Among the online games developed by the company, […]

Pierluigi Paganini December 23, 2019
Champagne Bakery Cafe and Islands burger chain disclose payment card breaches

The news of two new payment card breaches made the headlines, the victims are the Islands restaurant chain and Champagne French Bakery Cafe. The new restaurant chains with locations across the U.S. disclosed payment card breaches, in both cases, attackers used PoS malware to capture card data stored in the magnetic stripe. Exposed data includes […]

Pierluigi Paganini December 22, 2019
Security Affairs newsletter Round 245

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs From iPhone to NT AUTHORITYSYSTEM – exploit ‘Printconfig dll with a real-world example Iran announced to have foiled a second cyber-attack in a week Largest hospital system in New Jersey was hit by ransomware attack A thief stole […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Cyber Crime / December 09, 2025

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

Cyber Crime / December 09, 2025

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

Cyber Crime / December 08, 2025

Oracle EBS zero-day used by Clop to breach Barts Health NHS

Data Breach / December 08, 2025

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

Security / December 08, 2025