Pierluigi Paganini
November 11, 2025
Hackers exploited Triofox flaw CVE-2025-12480 to bypass auth and install remote access tools via the platform’s antivirus feature. Google’s Mandiant researchers spotted threat actors exploiting a now-patched Triofox flaw, tracked as CVE-2025-12480 (CVSS score of 9.1) that allows them to bypass authentication to upload and run remote access tools via the platform’s antivirus feature. Mandiant […]
Pierluigi Paganini
November 10, 2025
GlassWorm malware resurfaces in Open VSX and GitHub, infecting VS Code extensions weeks after its removal from the official marketplace. GlassWorm malware has resurfaced on the Open VSX registry and newly appeared in GitHub repositories, infecting three more VS Code extensions just weeks after its removal from the official marketplace, Koi Security researchers warn. In […]
Pierluigi Paganini
November 10, 2025
Denmark and Norway probe a security flaw in Chinese-made Yutong buses, deepening European fears over reliance on Chinese tech and potential cyber risks. Bus operators in Denmark and Norway are urgently probing a security vulnerability in Chinese-made Yutong electric buses, raising concerns about Western dependence on Chinese technology. The issue highlights growing European fears that […]
Pierluigi Paganini
November 10, 2025
QNAP patched seven zero-days used at Pwn2Own 2025 affecting QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3. Taiwanese vendor QNAP patched seven zero-day vulnerabilities exploited at Pwn2Own Ireland 2025. The flaws affected QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3 Hybrid Backup Sync. The vulnerabilities addressed by the company […]
Pierluigi Paganini
November 09, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. China-linked hackers target U.S. non-profit in long-term espionage campaign A new Italian citizen was targeted with […]
Pierluigi Paganini
November 08, 2025
A China-linked group targeted a U.S. non-profit to gain long-term access, part of wider attacks on U.S. entities tied to policy matters. China-linked hackers breached a U.S. policy-focused nonprofit in April 2025, maintaining weeks of access. They used DLL sideloading via vetysafe.exe, a tactic used by other Chinese APT groups like Space Pirates, Kelp, and […]
Pierluigi Paganini
November 08, 2025
An Italian political adviser was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Italian political adviser Francesco Nicodemo said he was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Graphite is an invasive, non-auditable spyware that covertly accesses sensitive phone data; […]
Pierluigi Paganini
November 07, 2025
A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in Middle East. Samsung patched a flaw exploited as a zero-day, tracked as CVE-2025-21042 (CVSS score of 8.8), to deploy LANDFALL spyware on Galaxy devices in Middle East attacks. “Unit 42 researchers have uncovered a […]
Pierluigi Paganini
November 07, 2025
Cisco patched a critical flaw in its Unified Contact Center Express (UCCX) software that allowed attackers to execute commands with root privileges. Cisco released security updates to address a critical vulnerability, tracked as CVE-2025-20354 (CVSS score 9.8), in the Unified Contact Center Express (UCCX) software. An attacker can exploit the flaw to execute commands with root […]
Pierluigi Paganini
November 06, 2025
Cisco warns of a new attack variant exploiting CVE-2025-20333 and CVE-2025-20362 in Secure Firewall ASA and FTD devices. Cisco warned of a new attack variant targeting vulnerable Secure Firewall ASA and FTD devices by exploiting the vulnerabilities CVE-2025-20333 and CVE-2025-20362. “On November 5, 2025, Cisco became aware of a new attack variant against devices running […]
