MUST READ

A cyberattack on Collins Aerospace disrupted operations at major European airports

 | 

Fortra addressed a maximum severity flaw in GoAnywhere MFT software

 | 

UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London

 | 

ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT

 | 

SonicWall warns customers to reset credentials after MySonicWall backups were exposed

 | 

CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025

 | 

Jaguar Land Rover will extend its production halt into a third week following a cyberattack

 | 

China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy

 | 

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

 | 

DoJ resentenced former BreachForums admin to three years in prison

 | 

Apple backports fix for actively exploited CVE-2025-43300

 | 

New supply chain attack hits npm registry, compromising 40+ packages

 | 

Cybercrime group accessed Google Law Enforcement Request System (LERS)

 | 

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

 | 

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

 | 

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

 | 

Fairmont Federal Credit Union 2023 data breach impacted 187K people

 | 

UK ICO finds students behind majority of school data breaches

 | 

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

 | 

Security

Pierluigi Paganini February 07, 2025
Hospital Sisters Health System impacted 882,782 individuals

The cyberattack on Hospital Sisters Health System in 2023 compromised the personal information of 883,000 individuals. The cyberattack that hit the infrastructure of the Hospital Sisters Health System (HSHS) in August 2023 impacted the personal information of 882,782 individuals. The systems at the hospital were brought down by the attack starting on August 27, 2023, […]

Pierluigi Paganini February 07, 2025
Attackers used a public ASP.NET machine to conduct ViewState code injection attacks

Microsoft researchers warn that threat actors are delivering the Godzilla framework using a static ASP.NET machine. In December 2024, Microsoft Threat Intelligence researchers spotted a threat actor using a public ASP.NET machine key to deploy Godzilla malware, exploiting insecure key usage in code. Microsoft has since found over 3,000 public keys that could be used […]

Pierluigi Paganini February 06, 2025
U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2024-21413 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook. […]

Pierluigi Paganini February 06, 2025
Cisco addressed two critical flaws in its Identity Services Engine (ISE)

Cisco addressed critical flaws in Identity Services Engine, preventing privilege escalation and system configuration changes. Cisco addressed multiple vulnerabilities, including two critical remote code execution flaws, tracked as CVE-2025-20124 (CVSS score of 9.9) and CVE-2025-20125 (CVSS score of 9.1), in Identity Services Engine (ISE). A remote attacker authenticated with read-only administrative privileges could exploit the […]

Pierluigi Paganini February 06, 2025
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer

The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linked Lazarus group uses fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Scammers lure […]

Pierluigi Paganini February 05, 2025
U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Linux kernel vulnerability, tracked as CVE-2024-53104, to its Known Exploited Vulnerabilities (KEV) catalog. The February 2025 Android security updates addressed 48 vulnerabilities, the zero-day flaw CVE-2024-53104 which is actively exploited in attacks […]

Pierluigi Paganini February 05, 2025
U.S. CISA adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: In September 2024, Apache fixed a high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5) […]

Pierluigi Paganini February 05, 2025
SparkCat campaign target crypto wallets using OCR to steal recovery phrases

In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers using OCR to scan the victim’s gallery for images with recovery phrases to restore access to crypto wallets. In late 2024, Kaspersky discovered a new malicious campaign, […]

Pierluigi Paganini February 04, 2025
Netgear urges users to upgrade two flaws impacting WiFi router models

Netgear disclosed two critical flaws impacting multiple WiFi router models and urges customers to address them. Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117, impacting multiple WiFi router models and urged customers to install the latest firmware. The two flaws are, respectively, a remote code execution issue and an authentication bypass vulnerability. […]

Pierluigi Paganini February 04, 2025
AMD fixed a flaw that allowed to load malicious microcode

AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode. Researchers from Google disclosed an improper signature verification vulnerability, tracked as CVE-2024-56161 (CVSS score of 7.2), in AMD’s Secure Encrypted Virtualization (SEV). An attacker could trigger the flaw to load a malicious CPU microcode under specific conditions. “Improper […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

A cyberattack on Collins Aerospace disrupted operations at major European airports

Hacking / September 20, 2025

Fortra addressed a maximum severity flaw in GoAnywhere MFT software

Security / September 19, 2025

UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London

Security / September 19, 2025

ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT

Hacking / September 18, 2025

SonicWall warns customers to reset credentials after MySonicWall backups were exposed

Data Breach / September 18, 2025