MUST READ

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini ā€“ INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragonā€™s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in ā‚¬600M crypto laundering bust across Europe

 | 

Google fixed a critical remote code execution in Android

 | 

SesameOp: New backdoor exploits OpenAI API for covert C2

 | 

Google Big Sleep found five vulnerabilities in Safari

 | 

Jabber Zeus developer ā€˜MrICQā€™ extradited to US from Italy

 | 

Hacking

Pierluigi Paganini November 08, 2021
Healthcare – Patient or Perpetrator? ā€“ The Cybercriminals Within

The healthcare industry might be known for the work it does to treat patients. But it is also a prime target for malicious cyber actors. With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities. Moreover, the healthcare industry collects unique data, known as Protected Health Information (PHI), which is extremely […]

Pierluigi Paganini November 08, 2021
Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Experts warn of an ongoing hacking campaign that already compromised at least nine organizations worldwide from critical sectors by exploiting CVE-2021-40539. Cybersecurity experts from Palo Alto Networks warn of an ongoing cyberespionage campaign that has already compromised at least nine organizations worldwide from critical sectors, including defense, healthcare, and energy. Threat actors exploited a critical […]

Pierluigi Paganini November 07, 2021
Experts spotted a phishing campaign impersonating security firm Proofpoint

Threat actors are impersonating cybersecurity firm Proofpoint to trick victims into providing Microsoft Office 365 and Gmail credentials. Cybercriminals are impersonating the cybersecurity firm Proofpoint to trick victims into providing Microsoft Office 365 and Google Gmail credentials. The phishing messages use mortgage payments as a lure, they have the subject ā€œRe: Payoff Request.ā€ “The email […]

Pierluigi Paganini November 07, 2021
New Magecart group uses an e-Skimmer that avoids VMs and sandboxes

A new Magecart group leverages a browser script to evade virtualized environments and sandboxes used by researchers. Malwarebytes researchers have spotted a new Magecart group that uses a browser script to evade detection and the execution in virtualized environments used by security researchers for threat analysis. Hacker groups under theĀ MagecartĀ umbrella continue to target e-stores to […]

Pierluigi Paganini November 06, 2021
Threat actors stole $55 million worth of cryptocurrency from bZx DeFi platform

DeFi platforms are a privileged target for crooks, threat actors have stolen $55 million from bZx DeFi platform. Threat actors have stolen $55 million worth of cryptocurrency from the bZx decentralized finance (DeFi) platform. The decentralized finance (DeFi) platforms allow users to borrow/loan and speculate on cryptocurrency price variations. Attackers obtained two private keys for […]

Pierluigi Paganini November 06, 2021
Philips Tasy EMR healthcare infomatics solution vulnerable to SQL injection

The Philips Tasy EMR comprehensive healthcare informatics solution is affected by two critical SQL injection vulnerabilities. The Philips Tasy EMR is a comprehensive healthcare informatics solution that is used by thousands of hospitals and healthcare infrastructures, mainly in South America. The product is affected by two critical SQL injection vulnerabilities, tracked asĀ CVE-2021-39375Ā andĀ CVE-2021-39376 respectively. Both issues […]

Pierluigi Paganini November 06, 2021
White hat hackers earn over $1 Million at Pwn2Own Austin 2021

The Zero Day Initiativeā€™s Pwn2Own Austin 2021 hacking contest has ended, and participants earned $1,081,250 for 61 zero-day flaws. Trend Micro’sĀ Zero Day Initiativeā€™s Pwn2Own Austin 2021 hacking contest has ended, the participants earned a total of $1,081,250 for 61 zero-day exploits. The participants compromisedĀ NAS devices, mobile phones, printers, routers, and speakersĀ from Canon, Cisco, HP, NETGEAR, […]

Pierluigi Paganini November 05, 2021
US defense contractor Electronic Warfare Associates discloses data breach

US defense contractor Electronic Warfare Associates (EWA) was hit by a cyber attack, threat actors stole personal information from its email system. US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system. The company confirmed that attackers exfiltrated files containing sensitive information. Electronic Warfare Associates providesĀ electronic […]

Pierluigi Paganini November 05, 2021
Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. Ukraine’s premier law enforcement and counterintelligence disclosed the real identities of five alleged members of the Russia-linked APT group Gamaredon (aka Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) that are suspected to be components of the […]

Pierluigi Paganini November 05, 2021
npm libraries coaĀ andĀ rc. have been hijacked to deliver password-stealing malware

Two popular npm libraries, coaĀ andĀ rc., have been hijacked, threat actors replaced them with versions laced with password-stealing malware. The security team of theĀ npmĀ JavaScript package warns that two popular npm libraries, coaĀ andĀ rc., have been hijacked, threat actors replaced them versions laced with password-stealing malware. CoaĀ is a command-line argument parser with approximately 9 million weekly downloads, while […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

Hacking / November 10, 2025

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

Hacking / November 09, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Malware / November 09, 2025

Security Affairs newsletter Round 549 by Pierluigi Paganini ā€“ INTERNATIONAL EDITION

Breaking News / November 09, 2025

China-linked hackers target U.S. non-profit in long-term espionage campaign

APT / November 08, 2025