MUST READ

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacking

Pierluigi Paganini January 04, 2019
Hackers leak data on hundreds of German Politicians, including Chancellor Merkel

German politicians were impacted by a massive data leak that exposed their personal data online, German Chancellor Angela Merkel was affected too. Data belonging to hundreds of German politicians, including Chancellor Angela Merkel, were exposed online due to a massive leak that is the biggest data dump of its kind in the country. According to […]

Pierluigi Paganini January 04, 2019
Town of Salem RP Game hacked, more than 7.6M Players affected

BlankMediaGames disclosed a data breach that affects millions of players of the popular role-playing game Town of Salem. The BlankMediaGames suffered a data breach that impacted more than 7.6 million players of the browser-based role-playing game Town of Salem Exposed data includes usernames, emails, passwords, IP addresses, game and forum activity. The bad news for […]

Pierluigi Paganini January 03, 2019
Hackers defaced Dublin Luas website and demand ransom

The website of the tram system in Dublin, the Luas, was hacked on Thursday, attackers claim to have the access to information stored on the organization’s systems. Attackers defaced the website of the Luas, the home page displayed a message demanding the payment of 1 bitcoin. The hackers asked the payment within 5 days threatening to “publish all data and send emails […]

Pierluigi Paganini January 03, 2019
After 3 years, Google partially fixes a bug in Android Google Chrome

Three years after its disclosure, Google has patched an information disclosure flaw in the Android version of the popular Chrome web browser. The issue exposes devices information, including device model and firmware version, an attacker could exploit this info to remotely identify unpatched devices and target them. The flaw ties the way the Android version […]

Pierluigi Paganini January 03, 2019
New unCaptcha automated system bypasses Google reCAPTCHA once again

The unCaptcha automated system can once again bypass Google’s reCAPTCHA challenges, despite major updates to the security service. It has happened again, the unCaptcha automated system is able to bypass the Google reCAPTCHA mechanism even if it was improved over the years. The unCaptcha system was created in 2017 to bypass the reCAPTCHA mechanism used to protect websites […]

Pierluigi Paganini January 02, 2019
Cloud Hosting Provider DataResolution.net hit by the Ryuk ransomware

The Cloud hosting provider Dataresolution.net was hit by a ransomware-based attack on Christmas Eve that took down its systems. Data Resolution LLC provides software hosting, business continuity systems, cloud computing, and data center services to more serves than 30,000 businesses worldwide, The news was first reported by the popular investigator Brian Krebs on KrebsOnSecurity, the company believe […]

Pierluigi Paganini January 02, 2019
Hackers stole $750,000 worth Bitcoin from Electrum wallets

The latest attack of 2018 against cryptocurrency wallets and organizations in the cryptocurrency industry hit the popular Electrum wallets. Hackers hit Electrum Bitcoin wallet and stole over 200 bitcoin, more than $750,000. The attack started on December 21th, 2018, and hackers leveraged a critical vulnerability that was addressed in early 2018. The vulnerability could be […]

Pierluigi Paganini January 01, 2019
Experts show that is easy to hack Hardware-based Cryptocurrency Wallets

A team of researchers demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several type of attacks. During the 35c3 conference held in Leipzig, Germany, the researchers Dmitry Nedospasov, Thomas Roth, ad Josh Datko demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several type of attacks. The group of researchers presented called “wattet.fail” firmware, […]

Pierluigi Paganini December 31, 2018
SandboxEscaper released PoC code for a new Windows zero-day

Security expert SandboxEscaper published a proof-of-concept (PoC) code for a new Windows zero-day, it is the fourth she released this year. The proof-of-concept (PoC) code published by SandboxEscaper overwrites ‘pci.sys’ with information about software and hardware problems, collected through the Windows Error Reporting (WER) event-based feedback infrastructure. SandboxEscaper initially announced the release of the PoC code […]

Pierluigi Paganini December 31, 2018
Malware-based attack hit delivery chain of the major US newspapers

The LA Times revealed that a malware-based attack hits the delivery chain of the major US newspapers delaying the hardcopy distribution. A malware-based attack originated outside the US hit US major US newspapers delaying their hardcopy distribution. According to the LA Times, the attack was carried out on Saturday, it hita computer network at Tribune […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Critical Triofox bug exploited to run malicious payloads via AV configuration

Hacking / November 11, 2025

GlassWorm malware has resurfaced on the Open VSX registry

Malware / November 10, 2025

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

Security / November 10, 2025

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

Uncategorized / November 10, 2025

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

Malware / November 10, 2025