MUST READ

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

 | 

Google sues cybercriminal group Smishing Triad

 | 

New Danabot Windows version appears in the threat landscape after May disruption

 | 

Australia’s spy chief warns of China-linked threats to critical infrastructure

 | 

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

 | 

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

 | 

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

 | 

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

 | 

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

 | 

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

 | 

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Security

Pierluigi Paganini May 11, 2018
Tech giant Telstra warns cloud customers they’re at risk of hack due to a SNAFU

On May 4th Tech giant Telstra discovered a vulnerability in its service that could potentially expose customers of its cloud who run self-managed resources. Telstra is a leading provider of mobile phones, mobile devices, home phones and broadband internet. On May 4th, the company has discovered a vulnerability in its service that could potentially expose […]

Pierluigi Paganini May 10, 2018
Lenovo releases updates to fix Secure Boot flaw in servers and other issues

Lenovo has released security patches that address the High severity vulnerability CVE-2017-3775 in the Secure Boot function on some System x servers. The standard operator configurations disable signature checking, this means that some Server x BIOS/UEFI versions do not properly authenticate signed code before booting it. “Lenovo internal testing discovered some System x server BIOS/UEFI versions that, […]

Pierluigi Paganini May 10, 2018
Misinterpretation of Intel docs is the root cause for the CVE-2018-8897 flaw in Hypervisors and OSs

Developers of major operating systems and hypervisors misread documentation from Intel and introduced a the CVE-2018-8897 vulnerability into to their products. The development communities of major operating systems and hypervisors misread documentation from Intel and introduced a potentially serious vulnerability to their products. The CERT/CC speculates the root cause of the flaw is the developers […]

Pierluigi Paganini May 09, 2018
Signal disappearing messages can be recovered by the macOS client

The macOS client for the Signal fails to properly delete disappearing messages from the recipient’s system, potentially exposing sensitive messages. Signal is considered the most secure instant messaging app, searching for it on the Internet it is possible to read the Edward Snowden’ testimony: “Use anything by Open Whisper Systems” Snowden says. The Cryptographer and Professor at Johns […]

Pierluigi Paganini May 09, 2018
May 2018 Android Security Bulletin includes additional Meltdown fix

Google releases additional Meltdown mitigations for Android as part of the May 2018 Android Security Bulletin. The tech giant also addresses flaws in NVIDIA and Qualcomm components. Both Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive data. The Meltdown attack (CVE-2017-5754 vulnerability) could allow attackers to read the entire physical memory of the […]

Pierluigi Paganini May 09, 2018
Are you using Python module ‘SSH Decorator’? Newer versions include a backdoor

A backdoor was discovered in the Python module named SSH Decorator (ssh-decorate), that was developed by Israeli developer Uri Goren. Are you using the Python module ‘SSH Decorator’? You need to check the version number, because newer versions include a backdoor. The library was developed to handle SSH connections from Python code. Early this week, a developer […]

Pierluigi Paganini May 09, 2018
Adobe fixed a Critical Code Execution issue in Flash Player

Adobe has released security updates to address several vulnerabilities in its products, including Flash Player, Creative Cloud and Connect products. The security updates also address a Critical Code Execution vulnerability in Flash Player tracked as CVE-2018-4944. The flaw is a critical type confusion that could be exploited to execute arbitrary code, the good news is that Adobe […]

Pierluigi Paganini May 09, 2018
May 2018 Patch Tuesday: Microsoft fixes 2 zero-day flaws reportedly exploited by APT group

Microsoft has released the May 2018 Patch Tuesday that addresses more than 60 vulnerabilities, including two Windows zero-day flaws that can be exploited for remote code execution and privilege escalation. Microsoft May 2018 Patch Tuesday includes security patches for 67 vulnerabilities, including two zero-days that have already been exploited in the wild by threat actors. The […]

Pierluigi Paganini May 07, 2018
Chrome freezes PC running Windows OS after Windows 10 April update

Some Chrome users are reporting freezes and timeouts after the installation of the Windows 10 April Update, let’s see what has happened After the installation of  Windows 10 April Update I observed continuous freezes while using the Chrome browser with one of my PCs, in some cases, I was not able to reach the websites […]

Pierluigi Paganini May 06, 2018
Google announces the open-source Asylo framework for confidential computing

Last week, Google announced the release of an open-source framework and an SDK dubbed ‘Asylo’ that allows developers to build applications targeting trusted execution environments. The Asylo framework makes it easy to protect the confidentiality and integrity of applications and data in an isolated, confidential computing environment. The framework leverages trusted execution environments (TEEs) that implements specialized execution […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

Hacking / November 13, 2025

Google sues cybercriminal group Smishing Triad

Cyber Crime / November 12, 2025

New Danabot Windows version appears in the threat landscape after May disruption

Malware / November 12, 2025

Australia’s spy chief warns of China-linked threats to critical infrastructure

Intelligence / November 12, 2025

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

Security / November 12, 2025