• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

 | 

DoJ resentenced former BreachForums admin to three years in prison

 | 

Apple backports fix for actively exploited CVE-2025-43300

 | 

New supply chain attack hits npm registry, compromising 40+ packages

 | 

Cybercrime group accessed Google Law Enforcement Request System (LERS)

 | 

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

 | 

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

 | 

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

 | 

Fairmont Federal Credit Union 2023 data breach impacted 187K people

 | 

UK ICO finds students behind majority of school data breaches

 | 

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

 | 

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Attack National Credit Information Center of Vietnam

 | 

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me

Hacking

Pierluigi Paganini March 11, 2024
Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites

Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada Injector malware infected over 7100 WordPress sites using a vulnerable version of the Popup Builder WordPress plugin. Sucurity reported that on December 13th, the Balada Injector campaign started infecting […]

Pierluigi Paganini March 09, 2024
Threat actors breached two crucial systems of the US CISA

Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) agency was hacked in February, the Recorded Future News first reported. In response to the security breach, the agency had to shut down two crucial systems, as reported by a […]

Pierluigi Paganini March 09, 2024
Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices

Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remote code execution vulnerability CVE-2024-21762 (CVSS score 9.6) in FortiOS SSL VPN was actively exploited in attacks in the wild. The security firm did not provide details about the attacks exploiting this vulnerability. The issue […]

Pierluigi Paganini March 08, 2024
QNAP fixed three flaws in its NAS devices, including an authentication bypass

QNAP addressed three vulnerabilities in its NAS products that can be exploited to access devices. QNAP addressed three vulnerabilities in Network Attached Storage (NAS) devices that can be exploited to access the devices. The three flaws fixed are: The vulnerability CVE-2024-21899 (CVSS score 9.8) is the most severe of the above issues, it can be […]

Pierluigi Paganini March 08, 2024
Russia-linked Midnight Blizzard breached Microsoft systems again

Microsoft revealed that Russia-linked APT group Midnight Blizzard recently breached its internal systems and source code repositories. Microsoft published an update on the attack that hit the company on January 12, 2024, the IT giant revealed that the Russia-linked Midnight Blizzard recently breached again its internal systems and source code repositories. In January, Microsoft warned […]

Pierluigi Paganini March 07, 2024
CISA adds Apple iOS and iPadOS memory corruption bugs to its Known Exploited Vulnerabilities Catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS memory corruption vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: This week, Apple released emergency security updates to address two iOS zero-day vulnerabilities, respectively tracked as CVE-2024-23225 and […]

Pierluigi Paganini March 07, 2024
Linux Malware targets misconfigured misconfigured Apache Hadoop, Confluence, Docker, and Redis servers

A new Linux malware campaign campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. The threat actors behind this campaign employed previously undetected payloads, including four Golang binaries that are used to automate the […]

Pierluigi Paganini March 05, 2024
Apple emergency security updates fix two new iOS zero-days

Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users. Apple released emergency security updates to address two iOS zero-day vulnerabilities, respectively tracked as CVE-2024-23225 and CVE-2024-23296, that were exploited in attacks against iPhone devices. CVE-2024-23225 is a Kernel memory corruption flaw, the company addressed it […]

Pierluigi Paganini March 05, 2024
CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Windows Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-21338 (CVSS Score 7.8) Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. An attacker can exploit this vulnerability to gain SYSTEM privileges. […]

Pierluigi Paganini March 05, 2024
Ukraine’s GUR hacked the Russian Ministry of Defense

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. Stolen documents include: The stolen documents […]

  • 1
  • 2
  • ...
  • 104
  • 105
  • 106
  • 107
  • 108
  • ...
  • 965
  • 966
  • 967

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

    Cyber Crime / September 17, 2025

    DoJ resentenced former BreachForums admin to three years in prison

    Cyber Crime / September 17, 2025

    Apple backports fix for actively exploited CVE-2025-43300

    Security / September 17, 2025

    New supply chain attack hits npm registry, compromising 40+ packages

    Malware / September 16, 2025

    Cybercrime group accessed Google Law Enforcement Request System (LERS)

    Security / September 16, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT