Pierluigi Paganini
June 28, 2025
Over 1,000 SOHO devices were hacked in a China-linked spying campaign called LapDogs, forming a covert network to support cyber espionage. Security researchers at SecurityScorecard’s STRIKE team have uncovered a cyber espionage campaign, dubbed LapDogs, involving over 1,000 hacked SOHO (small office/home office) devices. These compromised devices formed a hidden network, called an Operational Relay […]
Pierluigi Paganini
June 25, 2025
Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks. Unknown threat actors are distributing a trojanized version of SonicWall NetExtender SSL VPN app to steal user credentials. The legitimate NetExtender app lets remote users securely access and use company network resources as if they were on-site. […]
Pierluigi Paganini
June 25, 2025
Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets. Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining topologies. Current methods to stop cryptocurrecy mining botnets are pool bans or infrastructure takedowns, however, both are slow and complex. Researchers developed two faster techniques exploiting […]
Pierluigi Paganini
June 25, 2025
Prometei botnet activity has surged since March 2025, with a new malware variant spreading rapidly, Palo Alto Networks reports. Palo Alto Networks warns of a spike in Prometei botnet activity since March 2025, the researchers observed a new variant spreading rapidly. Since March 2025, Prometei botnet is targeting Linux systems for Monero mining and credential […]
Pierluigi Paganini
June 24, 2025
Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official […]
Pierluigi Paganini
June 22, 2025
Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying […]
Pierluigi Paganini
June 22, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion Anubis: A […]
Pierluigi Paganini
June 21, 2025
Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s […]
Pierluigi Paganini
June 19, 2025
Researchers discovered the largest data breach ever, exposing 16 billion login credentials, likely due to multiple infostealers. Researchers announced the discovery of what appears to be the largest data breach ever recorded, with an astonishing 16 billion login credentials exposed. The ongoing investigation, which began earlier this year, suggests that the credentials were collected through […]
Pierluigi Paganini
June 19, 2025
Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million […]
