Uncategorized

Pierluigi Paganini May 21, 2025
A critical flaw in OpenPGP.js lets attackers spoof message signatures

A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have been released to address the flaw. A critical vulnerability, tracked as CVE-2025-47934, in OpenPGP.js allowed spoofing of message signature verification. OpenPGP.js is an open-source JavaScript library that implements the OpenPGP standard for email and data encryption. It allows developers to […]

Pierluigi Paganini May 16, 2025
AI in the Cloud: The Rising Tide of Security and Privacy Risks

Over half of firms adopted AI in 2024, but cloud tools like Azure OpenAI raise growing concerns over data security and privacy risks. As enterprises embrace artificial intelligence (AI) to streamline operations and accelerate decision-making, a growing number are turning to cloud-based platforms like Azure OpenAI, AWS Bedrock, and Google Bard. In 2024 alone, over […]

Pierluigi Paganini February 23, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 34

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. You’ve Got Malware: FINALDRAFT Hides in Your Drafts   Telegram Abused as C2 Channel for New Golang Backdoor   Infostealing Malware Infections in the U.S. Military & Defense Sector: A Cybersecurity Disaster in the Making   Analyzing ELF/Sshdinjector.A!tr with […]

Pierluigi Paganini January 26, 2025
Cisco warns of a ClamAV bug with PoC exploit

Cisco addressed a ClamAV denial-of-service (DoS) vulnerability, and experts warn of the availability of a proof-of-concept (PoC) exploit code. Cisco has released security updates to address a ClamAV denial-of-service (DoS) vulnerability tracked as CVE-2025-20128. The Cisco PSIRT experts warn of the availability of a proof-of-concept (PoC) exploit code for this flaw. The vulnerability resides in […]

Pierluigi Paganini January 19, 2025
Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon EU privacy […]

Pierluigi Paganini January 07, 2025
Threat actors breached the Argentina’s airport security police (PSA) payroll

Threat actors breached Argentina’s airport security police (PSA) payroll, stealing data and deducting 2,000-5,000 pesos from salaries. Threat actors have breached Argentina’s airport security police (PSA) and compromised the personal and financial data of its officers and civilian personnel. Threat actors deducted from 2,000 to 5,000 pesos under false charges like “DD mayor” and “DD […]

Pierluigi Paganini December 29, 2024
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 26

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript Analyzing Malicious Intent in Python Code: A Case Study       DigiEver Fix That IoT Thing!   Botnets Continue to Target Aging D-Link Vulnerabilities   OtterCookie, […]

Pierluigi Paganini December 27, 2024
Experts warn of a surge in activity associated FICORA and Kaiten botnets

FortiGuard Labs observed increased activity from two botnets, the Mirai variant “FICORA” and the Kaiten variant “CAPSAICIN”. FortiGuard Labs researchers observed a surge in activity associated with two botnets, the Mirai variant “FICORA” and the Kaiten variant “CAPSAICIN,” in late 2024. Both botnets target vulnerabilities in D-Link devices, particularly through the HNAP interface, allowing remote […]

Pierluigi Paganini December 22, 2024
US charged Dual Russian and Israeli National as LockBit Ransomware developer

US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. Arrested in Israel, he awaits extradition to the U.S. Panev was arrested in Israel in August and is awaiting extradition to the U.S. […]

Pierluigi Paganini December 19, 2024
US considers banning TP-Link routers over cybersecurity concerns

The U.S. government may ban TP-Link routers in 2025 if investigations confirm their use could pose a national security risk. The U.S. government is investigating whether TP-Link routers, linked to cyberattacks, pose a national security risk, the Wall Street Journal reported. According to the WSJ, the U.S. government is considering banning TP-Link routers starting in […]