Pierluigi Paganini
August 22, 2025
INTERPOL arrested 1,209 cybercriminals in 18 African nations seizing $97.4M, and dismantling 11,432 malicious infrastructures. INTERPOL announced the result of the second phase of ongoing law enforcement Operation Serengeti (June to August 2025) that led to 1,209 arrests across 18 nations in Africa. The authorities are aiding 88,000 victims, seizing $97.4M, and dismantling 11,432 cybercrime […]
Pierluigi Paganini
August 22, 2025
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures. […]
Pierluigi Paganini
August 22, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS, iPadOS, and macOSÂ flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)Â added Apple iOS, iPadOS, and macOSÂ flaw, tracked as CVE-2025-43300, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Apple addressed the actively exploited zero-day CVE-2025-43300 in iOS, iPadOS, and […]
Pierluigi Paganini
August 21, 2025
Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bounds write issue that resides in the ImageIO framework, an attacker could exploit it to cause memory corruption when processing […]
Pierluigi Paganini
August 21, 2025
FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to target organizations in the […]
Pierluigi Paganini
August 21, 2025
CERT/CC disclosed serious data exposure vulnerabilities in Workhorse Software used by hundreds of U.S. cities and towns. CERT Coordination Center (CERT/CC) at Carnegie Mellon University disclosed two serious data exposure flaws in an accounting application developed by Workhorse Software’s, and used by hundreds of U.S. cities and towns. CERT/CC disclosed the vulnerabilities only after the […]
Pierluigi Paganini
August 20, 2025
DOJ charges 22-year-old Ethan Foltz of Oregon for running RapperBot, a DDoS botnet behind 370K+ attacks in 80+ countries since 2021. The U.S. DOJ charged 22-year-old Ethan Foltz of Oregon for running the RapperBot botnet, used in over 370,000 DDoS-for-hire attacks since 2021. The criminal service is active in over 80 countries, RapperBot enabled large-scale […]
Pierluigi Paganini
August 20, 2025
Google Chrome 139 addressed a high-severity V8 flaw, tracked as CVE-2025-9132, found by Big Sleep AI Google Chrome 139 addressed a high-severity vulnerability, tracked as CVE-2025-9132, in its open source high-performance JavaScript and WebAssembly engine V8. The vulnerability is an out-of-bounds write issue in the V8 JavaScript engine that was discovered by Big Sleep AI. […]
Pierluigi Paganini
August 20, 2025
Pharmaceutical firm Inotiv says a ransomware attack encrypted systems and data, disrupting operations, according to its SEC filing. U.S. pharmaceutical firm Inotiv reported a ransomware attack that encrypted some systems and data, disrupting business operations. Inotiv is a U.S.-based pharmaceutical research and contract research organization (CRO). It provides nonclinical and analytical drug discovery and development […]
Pierluigi Paganini
August 20, 2025
UK hacker Al-Tahery Al-Mashriky, tied to Yemen Cyber Army, gets 20 months in prison for website defacements and stolen data possession. Al-Tahery Al-Mashriky (26), a man from South Yorkshire, linked to the Yemen Cyber Army, has been sentenced to 20 months in prison for hacking and defacing websites in hacktivist campaigns. The UK’s National Crime […]
