Over half of firms adopted AI in 2024, but cloud tools like Azure OpenAI raise growing concerns over data security and privacy risks. As enterprises embrace artificial intelligence (AI) to streamline operations and accelerate decision-making, a growing number are turning to cloud-based platforms like Azure OpenAI, AWS Bedrock, and Google Bard. In 2024 alone, over […]
Ivanti addressed two Endpoint Manager Mobile (EPMM) software vulnerabilities that have been exploited in limited attacks. Ivanti has released security updates to address two vulnerabilities in Endpoint Manager Mobile (EPMM) software. The company confirmed that threat actors have chained the flaws in limited attacks to gain remote code execution. The two vulnerabilities are tracked as CVE-2025-4427 and […]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. You’ve Got Malware: FINALDRAFT Hides in Your Drafts Telegram Abused as C2 Channel for New Golang Backdoor Infostealing Malware Infections in the U.S. Military & Defense Sector: A Cybersecurity Disaster in the Making Analyzing ELF/Sshdinjector.A!tr with […]
Cisco addressed a ClamAV denial-of-service (DoS) vulnerability, and experts warn of the availability of a proof-of-concept (PoC) exploit code. Cisco has released security updates to address a ClamAV denial-of-service (DoS) vulnerability tracked as CVE-2025-20128. The Cisco PSIRT experts warn of the availability of a proof-of-concept (PoC) exploit code for this flaw. The vulnerability resides in […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon EU privacy […]
Threat actors breached Argentina’s airport security police (PSA) payroll, stealing data and deducting 2,000-5,000 pesos from salaries. Threat actors have breached Argentina’s airport security police (PSA) and compromised the personal and financial data of its officers and civilian personnel. Threat actors deducted from 2,000 to 5,000 pesos under false charges like “DD mayor” and “DD […]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript Analyzing Malicious Intent in Python Code: A Case Study DigiEver Fix That IoT Thing! Botnets Continue to Target Aging D-Link Vulnerabilities OtterCookie, […]
FortiGuard Labs observed increased activity from two botnets, the Mirai variant “FICORA” and the Kaiten variant “CAPSAICIN”. FortiGuard Labs researchers observed a surge in activity associated with two botnets, the Mirai variant “FICORA” and the Kaiten variant “CAPSAICIN,” in late 2024. Both botnets target vulnerabilities in D-Link devices, particularly through the HNAP interface, allowing remote […]
US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. Arrested in Israel, he awaits extradition to the U.S. Panev was arrested in Israel in August and is awaiting extradition to the U.S. […]
The U.S. government may ban TP-Link routers in 2025 if investigations confirm their use could pose a national security risk. The U.S. government is investigating whether TP-Link routers, linked to cyberattacks, pose a national security risk, the Wall Street Journal reported. According to the WSJ, the U.S. government is considering banning TP-Link routers starting in […]