MUST READ

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

 | 

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

Hacking

Pierluigi Paganini April 12, 2018
CVE-2018-0950 flaw in Microsoft Outlook could be exploited to steal Windows Passwords

An 18-month-old CVE-2018-0950 vulnerability in Microsoft Outlook could be exploited by hackers to steal the Windows Password. Almost 18 months ago, the security researcher Will Dormann of the CERT Coordination Center (CERT/CC) has found a severe vulnerability in Microsoft Outlook (CVE-2018-0950), time is passed but Microsoft partially addressed it with the last Patch Tuesday updates. […]

Pierluigi Paganini April 12, 2018
Researchers discovered several flaws that expose electrical substations to hack

The ICS-CERT and Siemens published are warning organizations of security flaws in Siemens devices (SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices) that could be exploited by hackers to target electrical substations. “Successful exploitation of these vulnerabilities could allow an attacker to upload a modified device configuration that could overwrite access authorization passwords, or allow an […]

Pierluigi Paganini April 11, 2018
Microsoft April Patch Tuesday – Update your system now to avoid being hacked by visiting a site

  Microsoft has released April Patch Tuesday security updates that address 66 vulnerabilities, five of them could be exploited by an attacker to compromise a PC by just tricking the victims into visiting a website or opening a specifically crafted file. Hackers can compromise your computer just visiting a malicious website or clicking a malicious link. […]

Pierluigi Paganini April 10, 2018
Top VEVO Music videos Including ‘Despacito’ defaced by hackers

Some of the most popular music VEVO videos on YouTube, including the world’s most popular video ‘Despacito’ has been hacked by a duo calling themselves Prosox and Kuroi’SH. Some of the most popular music videos on YouTube, including the world’s most popular YouTube video ‘Despacito’ has been hacked. Popular videos of  pop stars like Shakira, Drake, Selena Gomez, […]

Pierluigi Paganini April 10, 2018
SirenJack flaw in Emergency Alert Systems could be exploited to trigger false alarms

“SirenJack is a vulnerability found in ATI Systems’ emergency alert systems that can be exploited via radio frequencies (RF) to activate sirens and trigger false alarms.” Security experts at Bastille have devised a new technique, dubbed SirenJack to remotely hack emergency warning systems. Emergency warning systems are used worldwide to alert the public of emergency situations […]

Pierluigi Paganini April 10, 2018
Public services at the Caribbean island Sint Maarten shut down by a cyber attack

A cyber attack shut down the entire government infrastructure of the Caribbean island Sint Maarten. public services were interrupted. A massive cyber attack took offline the entire government infrastructure of the Caribbean island Sint Maarten. it is a constituent country of the Kingdom of the Netherlands. Government building remained closed after the attack. “The Ministry of General Affairs hereby informs […]

Pierluigi Paganini April 10, 2018
Booby-trapped Office docs build with ThreadKit trigger CVE-2018-4878 flaw

Microsoft Office documents created with the exploit builder kit dubbed ThreadKit now include the code for CVE-2018-4878 flaw exploitation. At the end of March, security experts at Proofpoint discovered a Microsoft Office document exploit builder kit dubbed ThreadKit that has been used to spread a variety of malware, including banking Trojans and RATs (i.e. Trickbot, Chthonic, FormBook and Loki Bot). […]

Pierluigi Paganini April 10, 2018
Linux open source utility Beep is affected by several vulnerabilitues

Researchers have discovered several vulnerabilities in the Linux command line tool Beep, some experts suggest to remove the utility from distros. An unnamed security researcher has found several vulnerabilities in the Linux command line tool Beep, including a severe flaw introduced by a patch for a privilege escalation vulnerability. Beep is a small open source utility […]

Pierluigi Paganini April 09, 2018
Sodexo Filmology data breach – Users need cancel their credit cards

Sodexo food services and facilities management company notified a number of customers that it was the victim of a targeted attack on its cinema vouchers platform Sodexo Filmology. Sodexo food services and facilities management company notified a number of customers that it was the victim of a targeted attack on its cinema vouchers platform, Filmology […]

Pierluigi Paganini April 09, 2018
Verge Cryptocurrency suffered a cyber attack, dev team responded with an Hard Fork

The verge (XVG) currency schema was attacked last week, the hacker reportedly making off with $1 million-worth of tokens. The dev team responded with an Hard Fork. Ripple (XRP) and Verge (XVG) are two cryptocurrencies that attracted many investors in the last months. Last week attackers hackers the Verge cryptocurrency system by exploiting a vulnerability in […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

Security / September 28, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Malware / September 28, 2025

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / September 28, 2025

Ohio’s Union County suffers ransomware attack impacting 45,000 people

Uncategorized / September 27, 2025

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

Hacking / September 27, 2025