MUST READ

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

 | 

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

 | 

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

 | 

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

Hacking

Pierluigi Paganini April 20, 2017
Vulnerabilities in Linksys routers allow attackers to hijack dozens of models

Cyber security experts disclosed the existence of 10 unpatched security flaws in dozens of Linksys routers widely used today. The IOActive senior security consultant Tao Sauvage and the independent security researcher Antide Petit have reported more than a dozen of unpatched security vulnerabilities affecting 25 different Linksys Smart Wi-Fi Routers models. The security duo published […]

Pierluigi Paganini April 20, 2017
Exfiltrating data from laptop and smartphones via ambient light sensors

A security researcher presented a method to exfiltrate sensitive data from a laptop or a smartphone through built-in ambient light sensors. The security expert Lukasz Olejnik discovered that it is possible to steal sensitive data exploiting the ambient light sensors built-in many smartphones and laptops. The ambient light sensors are installed on electronic devices to […]

Pierluigi Paganini April 20, 2017
Symantec is monitoring the Hajime IoT malware, is it the work of vigilante hacker?

Symantec observed the Hajime IoT malware leaving a message on the devices it infects, is it the work of a cyber vigilante? The Mirai botnet is the most popular thingbot, it is targeting poorly configured and flawed ‘Internet of Things’ devices since August 2016, when the threat was first discovered by the researcher MalwareMustDie. Many other bots threaten […]

Pierluigi Paganini April 19, 2017
Oracle patch update for April 2017 also fixed Struts and Shadow Brokers exploits

Oracle patch update for April 2017 fixed a record number of vulnerabilities, including Apache Struts and Shadow Brokers exploits. Oracle has released security updates to fix flaws in its product, including Apache Struts and a Solaris exploit included in a dump leaked by the Shadow Brokers hackers and containing NSA documents and hacking tools. The Oracle patch update […]

Pierluigi Paganini April 19, 2017
Critical vulnerability in Drupal References Module opens 120,000 Sites to hack

A critical vulnerability affects the Drupal References module that is used by hundreds of thousands of websites using the popular CMS. The Drupal security team has discovered a critical vulnerability in a third-party module named References. The Drupal team published a Security advisory on April 12 informing its users of the critical flaw. The flaw has a huge impact on […]

Pierluigi Paganini April 19, 2017
Homograph Phishing Attacks are almost impossible to detect on major browsers

The Chinese security Xudong Zheng is warning of Homograph Phishing Attacks are “almost impossible to detect” also to experts. The Chinese security researcher Xudong Zheng has devised a phishing technique that is “almost impossible to detect.” Hackers can exploit a known vulnerability in the popular web browsers Chrome, Firefox and Opera to display to the […]

Pierluigi Paganini April 18, 2017
Moving threat landscape: The reality beyond the cyberwarfare

It started quietly as a probability not a reality. Now within months cyberwarfare has become a reality plausible as the air we breathe. The revelation of governments hacking units has brought light for a new domain of conflict: Cyberwarfare. Once a secret these government agencies were public revealed like the Equation Group as well as […]

Pierluigi Paganini April 17, 2017
Windows attacks via CVE-2017-0199 – Practical exploitation! (PoC)

The Security expert David Routin (@Rewt_1) has detailed a step by step procedure to exploit the recently patched cve-2017-0199 vulnerability exploited in Windows attacks in the wild. Introduction Since several days the security community has been informed thanks to FireEye publication of different malware campaigns (Dridex…) leveraging the CVE-2017-0199. Several other publications were related to this vulnerability but […]

Pierluigi Paganini April 17, 2017
The failure of the missile launch by North Korea may have been caused by US cyber attack

The failure of the missile launch made the North Korea may have been thwarted by a cyber attack powered by the US Cyber Command. The crisis between the US and North Korea is increasing, Donald Trump warns his military may ‘have no choice’ to strike the rogue state. According to The Sun, US cyber soldiers may have […]

Pierluigi Paganini April 16, 2017
Callisto APT Group exploited Hacking Team surveillance tools to hack Government targets

The Callisto APT Group borrowed the source code leaked by hackers that broke into Hacking Team network. According to F-Secure Labs, The Callisto APT Group used the HackingTeam leaked surveillance software to gather intelligence on foreign and security policy in eastern Europe and the South Caucasus. The Callisto APT group targeted government officials, military personnel, journalists and think tanks since […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

Security / November 11, 2025

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

Malware / November 11, 2025

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

Intelligence / November 11, 2025

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

Hacking / November 11, 2025

Critical Triofox bug exploited to run malicious payloads via AV configuration

Hacking / November 11, 2025