Pierluigi Paganini
June 20, 2025
A cyberattack pushed the German napkin firm Fasana into insolvency, likely worsening existing financial troubles and serving as the final blow. German napkin maker Fasana filed for insolvency after a major cyberattack on May 19 paralyzed its systems, halting over €250K in orders the next day. The napkin factory is located in Stotzheim, Germany, and […]
Pierluigi Paganini
June 19, 2025
China-linked APT Salt Typhoon has reportedly targeted satellite firm Viasat, the group has breached multiple telecom providers in the past. China-linked APT group Salt Typhoon hacked the satellite communications firm Viasat, the cyber-espionage group has previously breached the networks of multiple other telecom providers in the United States and globally. Viasat is a global communications […]
Pierluigi Paganini
June 19, 2025
Iran experienced a near-total internet blackout on Wednesday as tensions with Israel escalated into the first week of conflict. Global internet monitor NetBlocks reported almost near-total Internet disruptions in Iran as tensions with Israel escalated into the first week of conflict. However, the exact cause behind the collapse of Iran’s internet remains unclear. While the […]
Pierluigi Paganini
June 18, 2025
Data breach at Healthcare services company Episource exposes personal and health data of over 5.4 million people in major cyberattack. A cyberattack on healthcare firm Episource led to a data breach exposing personal and health data of over 5.4 million individuals. Episource is a U.S.-based healthcare services and technology company that provides risk adjustment services, […]
Pierluigi Paganini
June 18, 2025
Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution. Veeam has rolled out security patches to address a critical security vulnerability, tracked CVE-2025-23121 (CVSS score of 9.9) in its Backup & Replication solution that can allow remote attackers to execute arbitrary code under certain conditions. […]
Pierluigi Paganini
June 18, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, tracked as CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership vulnerability in the Linux kernel that […]
Pierluigi Paganini
June 17, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: Last week, Apple confirmed that the now-patched […]
Pierluigi Paganini
June 17, 2025
State-sponsored hackers compromised the email accounts of several journalists working at the Washington Post. A cyberattack, likely carried out by state-sponsored hackers, compromised the Microsoft email accounts of Washington Post journalists, including reporters covering China and national security. “A cyberattack on the Washington Post compromised email accounts of several journalists and was potentially the work […]
Pierluigi Paganini
June 16, 2025
Insik Group analyzed the new Predator spyware infrastructure and discovered it’s still gaining users despite U.S. sanctions since July 2023. Despite earlier declines in activity due to U.S. sanctions and public exposure, Predator spyware has resurged. Insikt Group analyzed a renewed infrastructure linked to the commercial spyware company and identified a new customer in Mozambique, […]
Pierluigi Paganini
June 15, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 Destructive npm Packages Disguised as Utilities Enable Remote System Wipe AMOS Variant Distributed […]
