MUST READ

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in €600M crypto laundering bust across Europe

 | 

Google fixed a critical remote code execution in Android

 | 

Hacking

Pierluigi Paganini December 23, 2021
Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware

Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute Formbook malware. Cybercriminals have found a way to bypass the patch for a recent Microsoft Office vulnerability tracked as CVE-2021-40444 (CVSS score of 8.8). The bad news is that threat actors are using it to […]

Pierluigi Paganini December 23, 2021
Three trivial bugs in Microsoft Teams Software remain unpatched

Researchers disclosed four vulnerabilities in the Teams business communication software, but Microsoft will not address three of them. Researchers from cybersecurity firm Positive Security discovered four vulnerabilities in the Teams business communication software that could allow accessing internal Microsoft services, spoofing the link preview, and, for Android users, leaking their IP address, and triggering a […]

Pierluigi Paganini December 23, 2021
HackDHS bug bounty program accepts reports of Log4j-related flaws in DHS systems

The DHS has announced that it is expanding the ‘Hack DHS’ bug bounty program to report for Log4J impacting its systems. The Department of Homeland Security (DHS) announced that white hat hackers can now report the impact of the Log4J on its systems as part of the ‘Hack DHS‘ bug bounty program. Below is the […]

Pierluigi Paganini December 23, 2021
A flaw in Microsoft Azure App Service exposes customer source code

A vulnerability in the Microsoft Azure App Service led to the exposure of customer source code for at least four years. Early this month, Microsoft has notified a small group of Azure customers that have been impacted by a recently discovered bug, dubbed NotLegit, that exposed the source code of their Azure web apps since at […]

Pierluigi Paganini December 21, 2021
Russian national extradited to US for trading on stolen Information

A Russian national was extradited to the US from Switzerland after he was charged for trading information stolen from hacked U.S. companies. The Russian national Vladislav Klyushin (41) was extradited to the United States from Switzerland to face charges for his alleged role in a scheme whose participants traded on information stolen from U.S. companies. […]

Pierluigi Paganini December 21, 2021
Patch these 2 Active Directory flaws to prevent the takeover of Windows domains

Microsoft warns of a couple of Active Directory flaws fixed with the November 2021 Patch Tuesday updates that could allow takeover of Windows domains. Microsoft released an alert on a couple of Active Directory vulnerabilities, that have been fixed with the November 2021 Patch Tuesday security updates, that could allow threat actors to takeover Windows domains. The flaws, tracked […]

Pierluigi Paganini December 21, 2021
Log4j Vulnerability Aftermath

Uptycs researchers have observed attacks related to miners, DDOS malware and some variants of ransomware actively leveraging LogforShell flaw in log4j. Last week the Log4j vulnerability turned the internet upside down. The impact of the vulnerability is massive and attackers have started taking advantage of the flaw. So far we have observed attacks related to […]

Pierluigi Paganini December 20, 2021
Nation-state actors are exploiting Zoho zero-day CVE-2021-44515 since October, FBI warns

The FBI warns that zero-day flaw in Zoho’s ManageEngine Desktop Central has been under active exploitation by nation-state actors since October. The Federal Bureau of Investigation (FBI) revealed that the critical CVE-2021-44515 zero-day vulnerability in Zoho’s ManageEngine Desktop Central has been under active exploitation by nation-state actors since at least October. The CVE-2021-44515 flaw is an authentication bypass vulnerability in ManageEngine Desktop […]

Pierluigi Paganini December 20, 2021
Belgian defense ministry hit by cyberattack exploiting Log4Shell bug

The Belgian defense ministry was hit by a cyber attack, it seems that threat actors exploited the Log4Shell vulnerability. The Belgian defense ministry confirmed it was hit by a cyberattack, it seems that threat actors exploited the Log4Shell vulnerability. The attack was uncovered on Thursday and today the government disclosed it, but according to local […]

Pierluigi Paganini December 20, 2021
A new attack vector exploits the Log4Shell vulnerability on servers locally

Security researchers devised a new attack vector exploiting the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. Researchers from cybersecurity firm Blumira devised a new attack vector that relies on a Javascript WebSocket connection to exploit the Log4Shell vulnerability on internal and locally exposed unpatched Log4j applications. Experts pointed out that this […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

Security / November 10, 2025

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

Uncategorized / November 10, 2025

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

Malware / November 10, 2025

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

Hacking / November 10, 2025

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

Hacking / November 09, 2025