Pierluigi Paganini
July 31, 2025
Russia-linked Secret Blizzard targets foreign embassies in Moscow via ISP-level AitM attacks, deploying custom ApolloShadow malware. Microsoft researchers uncovered a cyberespionage campaign by the Russia-linked APT group Secret Blizzard (aka Turla, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) targeting foreign embassies in Moscow. The threat actor uses an adversary-in-the-middle (AiTM) method at the ISP level to deploy custom malware called ApolloShadow. This […]
Pierluigi Paganini
July 31, 2025
Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025-5394 (CVSS score of 9.8), in the “Alone – Charity Multipurpose Non-profit WordPress Theme” to compromise websites. On May 30th, 2025, security researcher Thái An […]
Pierluigi Paganini
July 31, 2025
Critical flaws in Dahua cameras let hackers take control remotely. The vendor has released patches, users should update firmware asap. Bitdefender cybersecurity experts discovered serious vulnerabilities in Dahua smart cameras that could have allowed hackers to take full control of the devices remotely. Fortunately, the vulnerabilities have been patched, but users are urged to update […]
Pierluigi Paganini
July 30, 2025
Apple addressed a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. Apple released security updates to address a high-severity vulnerability, tracked as CVE-2025-6558 (CVSS score of 8.8), that has been exploited in zero-day attacks targeting Google Chrome users. The vulnerability is an insufficient validation of untrusted input in ANGLE and […]
Pierluigi Paganini
July 30, 2025
PyPI warns of phishing emails from noreply@pypj[.]org posing as “[PyPI] Email verification” to redirect users to fake package sites. PyPI warns of an active phishing attack using fake “[PyPI] Email verification” messages from noreply@pypj[.]org, aiming to lure users to spoofed PyPI sites. PyPI, short for the Python Package Index, is the official repository for Python […]
Pierluigi Paganini
July 30, 2025
Hackers exploited a SAP NetWeaver bug to deploy upgraded Auto-Color Linux malware in an attack on U.S. chemicals firm. Cybersecurity firm Darktrace reported that threat actors exploited a SAP NetWeaver flaw, tracked as CVE-2025-31324, to deploy Auto-Color Linux malware in a U.S. chemicals firm attack. “In April 2025, Darktrace identified an Auto-Color backdoor malware attack […]
Pierluigi Paganini
July 29, 2025
Orange, France’s largest telecom provider, reported a cyberattack on one of its internal systems, impacting its operations in Europe and Africa. Orange is a leading French multinational telecommunications operator providing services to individuals, businesses, and governments across Europe, Africa, and the Middle East. Formerly known as France TĂ©lĂ©com until rebranding in 2013, the company now […]
Pierluigi Paganini
July 29, 2025
The dating safety app Tea was hacked, leaking images, posts, and comments of thousands of users who shared anonymous “red flag” reports on men. Tea is a women-only dating safety app launched in 2023 that lets users assess and review potential partners using real-time safety tools, not matchmaking. The app has over 1.6 million members […]
Pierluigi Paganini
July 29, 2025
A cyberattack claimed by Ukrainian group Silent Crow and Belarusian Cyber-Partisans crippled Aeroflot ’s systems, canceling over 100 flights. On July 28, 2025, a cyberattack claimed by Ukrainian group Silent Crow and Belarusian Cyber-Partisans crippled the systems of Russian state-owned carrier Aeroflot. Over 100 flights were cancelled following the attack, which also caused delays. The […]
Pierluigi Paganini
July 29, 2025
Seychelles Commercial Bank on Friday said it had recently identified and contained a cybersecurity incident. A hacker claims to have stolen and sold the personal data of clients of Seychelles Commercial Bank. The bank, which provides personal and corporate services on Seychelles, one of the world’s smallest countries, notified customers of a hack, but said […]
