Hacking Archives - Security Affairs

Pierluigi Paganini August 25, 2025

Docker fixes critical Desktop flaw allowing container escapes

Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the confines of a container. Docker fixed a critical vulnerability, tracked as CVE-2025-9074 (CVSS score of 9.3), impacting Docker Desktop app for Windows and macOS. An attacker can exploit the flaw to potentially escape […]

Pierluigi Paganini August 25, 2025

Android.Backdoor.916.origin malware targets Russian business executives

New Android spyware Android.Backdoor.916.origin is disguised as an antivirus linked to Russia’s intelligence agency FSB, and targets business executives. Doctor Web researchers observed a multifunctional backdoor Android.Backdoor.916.origin targeting Android devices belonging to representatives of Russian businesses. The malware executes attacker commands, enabling surveillance, keylogging, and theft of chats, browser data, and even live camera/audio streams. […]

Pierluigi Paganini August 23, 2025

China-linked Silk Typhoon APT targets North America

China-linked Silk Typhoon APT group ramp up North America attacks, exploiting n-day and zero-day flaws for system access, CrowdStrike warns. China-linked Silk Typhoon APT group (aka Murky Panda) targets organizations in North America exploiting n-day and zero-day flaws for system access, CrowdStrike warns. This Chinese APT has one of the widest targeting scopes. In March, […]

Pierluigi Paganini August 22, 2025

After SharePoint attacks, Microsoft stops sharing PoC exploit code with China

Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures. […]

Pierluigi Paganini August 22, 2025

U.S. CISA adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS, iPadOS, and macOS flaw, tracked as CVE-2025-43300, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Apple addressed the actively exploited zero-day CVE-2025-43300 in iOS, iPadOS, and […]

Pierluigi Paganini August 22, 2025

Orange Belgium July data breach impacted 850,000 customers

Orange Belgium revealed that a July attack resulted in the exposure of the information of 850,000 customer accounts. Orange Belgium announced that 850,000 customer accounts were impacted by a July data breach. Threat actors had access to one of the IT systems containing customers data, including surname, first name, telephone number, SIM card number, PUK […]

Pierluigi Paganini August 21, 2025

Apple addressed the seventh actively exploited zero-day

Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bounds write issue that resides in the ImageIO framework, an attacker could exploit it to cause memory corruption when processing […]

Pierluigi Paganini August 21, 2025

Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit […]

Pierluigi Paganini August 21, 2025

A Scattered Spider member gets 10 years in prison

A 20-year-old Scattered Spider member gets 10 years in prison and $13M restitution for SIM-swapping crypto thefts. Scattered Spider hacker, Noah Michael Urban (20), was sentenced to 10 years in U.S. prison and ordered to pay $13M restitution for SIM-swapping crypto thefts. “A 20-year-old Palm Coast man linked to a massive cybercriminal gang was sentenced […]

Pierluigi Paganini August 21, 2025

FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to target organizations in the […]

Hacking

Docker fixes critical Desktop flaw allowing container escapes

Android.Backdoor.916.origin malware targets Russian business executives

China-linked Silk Typhoon APT targets North America

After SharePoint attacks, Microsoft stops sharing PoC exploit code with China

U.S. CISA adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog

Orange Belgium July data breach impacted 850,000 customers

Apple addressed the seventh actively exploited zero-day

Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

A Scattered Spider member gets 10 years in prison

FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Auchan discloses data breach: data of hundreds of thousands of customers exposed

U.S. CISA adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog

Docker fixes critical Desktop flaw allowing container escapes

Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware

Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!