MUST READ

Australia’s spy chief warns of China-linked threats to critical infrastructure

 | 

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

 | 

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

 | 

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

 | 

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

 | 

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

 | 

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

 | 

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Security

Pierluigi Paganini January 08, 2015
New Emotet spam campaign targets German users

Security experts at Microsoft detected a new variant in the Win32/Emotet family which is targeting German users with a new spam email campaign. Researchers from Microsoft have uncovered a new criminal campaign is targeting German users with a new variant of a sophisticated banking malware, Trojan:Win32/Emotet.C. The attackers are running Spam email campaign in Germany to serve a […]

Pierluigi Paganini January 07, 2015
Insider Theft affects a tenth of Morgan Stanley Wealth Management Clients

Insider theft at Morgan Stanley affected nearly the ten percent of the company’s wealth management clients, the company officially confirmed the incident. The financial services company Morgan Stanley has confirmed a partial client data leak, the incident was confirmed by the firm in a statement published on its website. Morgan Stanley reported that an employee posted […]

Pierluigi Paganini January 07, 2015
CERT CC warns about critical flaws in UEFI implementations

The Carnegie Mellon University CERT/CC warned about the presence of serious vulnerabilities in the Unified Extensible Firmware Interface (UEFI). The CERT/CC has issued three different advisories for security flaws identified in the Unified Extensible Firmware Interface (UEFI). The Unified Extensible Firmware Interface (UEFI) (pronounced as an initialism U-E-F-I or like “unify” without the n) is a specification that defines a software interface between an operating […]

Pierluigi Paganini January 03, 2015
Google discloses a Zero-Day Windows 8.1 flaw

Google Project Zero team has disclosed the details of an unpatched flaw affecting Windows 8.1 systems and reported to Microsoft in September. The experts at the Google Project Zero team have ethically disclosed the details of an unpatched Windows 8.1 vulnerability reported to Microsoft in September. The team has waited for 90 days before publicly disclose the […]

Pierluigi Paganini December 29, 2014
Gmail service has been blocked in China

Gmail has been blocked in China, experts speculated that the Chinese Government used the China’s Great Firewall to interfere with the email service. Bad news for Chinese Gmail users, the popular email service offered by Google was blocked in China. Anti-censorship and privacy advocates speculated on filtering activity operated by the national Great Firewall system. According to the freedom […]

Pierluigi Paganini December 29, 2014
SS7 Attacks and Potential Breaches in Telecommunication Leading to Chaos.The Ukraine case.

Recent revelations have made it clear that SS7 breaches can occur, thanks to the vulnerabilities of such a set of protocols for telecom. Hackers can take advantage of these threats, like they have done in the past, as German researchers warn. The example of Ukraine and Russia highlights the danger crawling towards countries wishing to […]

Pierluigi Paganini December 28, 2014
Lavish Cars with Wireless Technology and Dashboards Can Be Hacked

Hackers have now got the knowledge and ability to track down dashboard technology and intercept crucial info from cars and especially luxury ones. It has been reported that cars wit fitted wireless technology can be hacked by experts and cause grave problems to their owners. Hackers have now got the knowledge and ability to track […]

Pierluigi Paganini December 20, 2014
USBdriveby, how to compromise a PC with a $20 microcontroller

USBdriveby is a device designed to quickly and covertly install a backdoor and override DNS settings on an unlocked machine via USB. The security experts Samy Kamkar (@SamyKamkar) has proposed a very interesting way to compromise an unlocked computer and deploy a backdoor on it simply by using a pre-programmed Teensy microcontroller. The cheap ($20) […]

Pierluigi Paganini December 19, 2014
New security flaws in the SS7 protocol allow hackers to spy on phone users

German researchers have announced the discovery of news security flaws in SS7 protocol that could be exploited by an attacker to spy on private phone calls. A team of German researchers has discovered security flaws that be exploited by a threat actor to spy on private phone calls and intercept text messages on a large […]

Pierluigi Paganini December 19, 2014
Several critical security vulnerabilities affect the Glassdoor website

The security expert  Mohamed M.Fouad discovered several critical security vulnerabilities at Glassdoor, which can lead to very harmful impact on all users. The Independent Security Researcher Mohamed M.Fouad has discovered  a lot of critical security vulnerabilities at Glassdoor that could lead to very harmful impact on all users.  Mohamed M.Fouad an Independent Security Researcher from Egypt. I […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Australia’s spy chief warns of China-linked threats to critical infrastructure

Intelligence / November 12, 2025

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

Security / November 12, 2025

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

Cyber Crime / November 12, 2025

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

Security / November 12, 2025

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

Security / November 11, 2025