MUST READ

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in €600M crypto laundering bust across Europe

 | 

Google fixed a critical remote code execution in Android

 | 

SesameOp: New backdoor exploits OpenAI API for covert C2

 | 

Hacking

Pierluigi Paganini March 05, 2019
Hundreds of Docker Hosts compromised in cryptojacking campaigns

Poorly protected Docker hosts exposed online continue to be a privileged target of crooks that abuse their computational resources in cryptojacking campaigns. Security experts have recently discovered hundreds of exposed Docker hosts that have been compromised by hackers exploiting the CVE-2019-5736 runc vulnerability in February. The flaw was discovered by the security researchers Adam Iwaniuk […]

Pierluigi Paganini March 04, 2019
Annual RSA Conference Exclusive 2019 Edition of Cyber Defense Magazine is arrived

We’re honored to bring you our 7th Annual edition of Cyber Defense Magazine (CDM), exclusively in print at the RSA Conference (RSAC) 2019. Cyber Defense eMagazine – Annual RSA Conference 2019 Edition. Sponsored by: Regent University’s Institute for Cybersecurity Setting the Standard in Cyber Training & Education and by the RSA Conference 2019 Team! RSA […]

Pierluigi Paganini March 04, 2019
Google Project Zero discloses zero-day in Apple macOS Kernel

Cybersecurity expert at Google Project Zero has publicly disclosed details and proof-of-concept exploit for a high-severity security vulnerability in macOS operating system. Google Project Zero white hat hacker Jann Horn disclosed the flaw according to the 90-days disclosure policy of the company because Apple failed to address the issue within 90 days of being notified. […]

Pierluigi Paganini March 04, 2019
German police storing bodycam footage on Amazon servers

Privacy advocates and cyber security experts raised concerns on the choice of German police to store bodycam footage, which may be used as evidence, on Amazon servers. The choice of the German police of storing bodycam footage on Amazon cloud storage has raised privacy and security concerns. The news was first reported by the Neue […]

Pierluigi Paganini March 04, 2019
Experts collect more evidence that link Op ‘Sharpshooter’ to North Korea

Security researchers at McAfee have linked the Op. Sharpshooter with the North Korea-linked Lazarus APT group after analyzing code from a command and control (C2) server. Security experts at McAfee analyzed the code of a C2 server involved in the cyber espionage campaign tracked as Op. Sharpshooter and linked it with the North Korea-linked APT […]

Pierluigi Paganini March 04, 2019
Threat actors using FrameworkPOS malware in POS attacks

Security experts at Morphisec observed a wave of attacks against point-of-sale (PoS) thin clients using card data scraping malware and the Cobalt Strike beacon. Over the past 8-10 weeks, security experts at Morphisec observed multiple sophisticated attacks targeting PoS thin clients worldwide.  Most of the indicators collected by the experts point to the FIN6 hacking […]

Pierluigi Paganini March 03, 2019
The Wireshark Foundation released Wireshark 3.0.0

The Wireshark Foundation released Wireshark 3.0.0, the latest release of the popular open-source packet analyzer. The Wireshark Foundation announced the release of Wireshark 3.0.0, the latest release of the popular open-source packet analyzer. The new version addresses several bugs and introduces tens of new features, it also improved existing features. The most important changes is […]

Pierluigi Paganini March 03, 2019
A Cobalt Strike flaw exposed attackers’ infrastructure

According to security experts at Fox-IT, a recently addressed flaw in the Cobalt Strike penetration testing platform could be exploited to identify attacker servers. Security experts at Fox-IT discovered that a recently addressed vulnerability in the Cobalt Strike penetration testing platform could be exploited to identify attacker servers. The vulnerability was addressed in Cobalt Strike […]

Pierluigi Paganini March 03, 2019
The operator of DDoS-for-hire service pleads guilty

Sergiy P. Usatyuk (20), from Orland Park, Illinois pleaded guilty for owning, administrating, and supporting an illegal DDo-for-hire service. According to the U.S. Department of Justice, the booting service operated by Sergiy P. Usatyuk (20) was used to carry out millions of distributed denial of service attacks. Usatyuk developed and operated other DDoS-for-hire services with […]

Pierluigi Paganini March 02, 2019
[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

SI-LAB captured a piece of the FlawedAmmyy malware that leverages undetected XLM macros as an Infection Vehicle to compromise user’s devices. In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 macro, also known as XLM macro, and used to download and execute a final […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

Uncategorized / November 10, 2025

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

Malware / November 10, 2025

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

Hacking / November 10, 2025

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

Hacking / November 09, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Malware / November 09, 2025