MUST READ

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in €600M crypto laundering bust across Europe

 | 

Google fixed a critical remote code execution in Android

 | 

SesameOp: New backdoor exploits OpenAI API for covert C2

 | 

Google Big Sleep found five vulnerabilities in Safari

 | 

Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

 | 

Malware

Pierluigi Paganini January 10, 2023
Kinsing malware targets Kubernetes environments via misconfigured PostgreSQL

Kinsing cryptojacking operators are exploiting misconfigured and exposed PostgreSQL servers to access Kubernetes environments. Researchers at Microsoft Defender for Cloud observed threat actors behind the Kinsing cryptojacking operation using two methods to gain initial access in Kubernetes environments: exploitation of weakly configured PostgreSQL containers and exploiting vulnerable images. The crypto-miner Kinsing was first spotted by security firm […]

Pierluigi Paganini January 09, 2023
inSicurezzaDigitale launches the Dashboard Ransomware Monitor

The cybersecurity blog inSicurezzaDigitale has launched the Italian Dashboard Ransomware Monitor to analyze the principal RaaSs’ activities. Here it comes, inSicurezzaDigitale announced the Dashboard Ransomware Monitor, it is the second project after the recent presentation of the project Mastodon. The Dashboard is very easy to use and it is available via this link: ransom.insicurezzadigitale.com The […]

Pierluigi Paganini January 08, 2023
Dridex targets MacOS users with a new delivery technique

Experts warn of a new variant of the Dridex banking malware that is targeting systems using the macOS operating system. Trend Micro experts discovered a new variant of the Dridex banking malware that targets the MacOS platform and that used a new technique to deliver documents embedded with malicious macros. The Dridex banking Trojan that has been […]

Pierluigi Paganini January 07, 2023
IcedID malware campaign targets Zoom users

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. IcedID banking trojan first appeared in the threat landscape in 2017, […]

Pierluigi Paganini January 07, 2023
Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care

The Hive ransomware gang just leaked 550 GB of data stolen from the Consulate Health Care, including customer and employee PII data. Consulate Health Care is a leading provider of senior healthcare services, specializing in post-acute care. The Hive ransomware gang this week added the company to its Tor leak site, threatening to publish the stolen […]

Pierluigi Paganini January 06, 2023
Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack

The Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack in December that is still impacting medical activity. The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was hit by a ransomware attack in December that is still impacting medical operations. The hospital is not able to report the services performed in December […]

Pierluigi Paganini January 06, 2023
Microsoft details techniques of Mac ransomware

Microsoft warns of different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) targeting Apple macOS systems. Microsoft Security Threat Intelligence team warns of four different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) that impact Apple macOS systems. The initial vector in attacks involving Mac ransomware typically relies on user-assisted methods, such as downloading and running fake […]

Pierluigi Paganini January 06, 2023
Bitdefender released a free decryptor for the MegaCortex ransomware

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware, which can allow victims of the group to restore their data for free. The MegaCortex ransomware first appeared on the threat landscape in May 2019 when […]

Pierluigi Paganini January 04, 2023
New shc Linux Malware used to deploy CoinMiner

Researchers discovered a new Linux malware developed with the shell script compiler (shc) that was used to deliver a cryptocurrency miner. The ASEC analysis team recently discovered that a Linux malware developed with shell script compiler (shc) that threat actors used to install a CoinMiner. The experts believe attackers initially compromised targeted devices through a […]

Pierluigi Paganini January 04, 2023
US. rail and locomotive company Wabtec hit with Lockbit ransomware

US. rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. Wabtec Corporation is an American company formed by the merger of the Westinghouse Air Brake Company (WABCO) and MotivePower Industries Corporation in 1999. It manufactures products for locomotives, freight cars and passenger transit vehicles, and builds new locomotives up to 6,000 horsepower. The company employs […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

Hacking / November 10, 2025

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

Hacking / November 09, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Malware / November 09, 2025

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / November 09, 2025

China-linked hackers target U.S. non-profit in long-term espionage campaign

APT / November 08, 2025