Security Affairs - Page 1599 of 1757 - Read, think, share … Security is everyone's responsibility

LATEST NEWS

VIEW ALL

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Pierluigi Paganini November 08, 2024

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. Law enforcement warns that securely s ...

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini November 07, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...

DPRK-linked BlueNoroff used macOS malware with novel persistence

Pierluigi Paganini November 07, 2024

SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-link ...

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Pierluigi Paganini November 07, 2024

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology ...

1
2
276
277
278
279
280
4390
4391
4392

most popular

VIEW ALL

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

September 11, 2025

Google fixes critical Chrome flaw, researcher earns $43K

September 11, 2025

Kosovo man pleads guilty to running online criminal marketplace BlackDB

September 11, 2025

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

September 11, 2025

Jaguar Land Rover discloses a data breach after recent cyberattack

September 11, 2025

recent articles

Cyber Crime

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Researchers warn that Akira ransomware group is exploiting a year-old SonicWall firewall flaw, likely using three attack vectors for initial access. The Akira ransomware group is exploiting a year ...

Pierluigi Paganini September 11, 2025

Security

Google fixes critical Chrome flaw, researcher earns $43K

Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution. A researcher earned $43000 from Google for reporting a critical Chrome ...

Pierluigi Paganini September 11, 2025

Breaking News

Kosovo man pleads guilty to running online criminal marketplace BlackDB

Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024. Kosovo citizen Liridon Masurica (33) of Gjilan, aka @blackdb, pleaded guilty to r ...

Pierluigi Paganini September 11, 2025

Malware

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

Hackers exploit ConnectWise ScreenConnect to drop AsyncRAT via scripted loaders, stealing data and persisting with a fake Skype updater. LevelBlue researchers warn of a campaign abusing ConnectWi ...

Pierluigi Paganini September 11, 2025

Data Breach

Jaguar Land Rover discloses a data breach after recent cyberattack

Jaguar Land Rover confirms a cyberattack caused factory disruptions and led to a data breach, compromising sensitive information. In early September, Jaguar Land Rover shut down systems to mitigat ...

Pierluigi Paganini September 11, 2025

Security

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts. Adobe addressed a critical vulnerability, tracked as CVE-2025- ...

Pierluigi Paganini September 10, 2025

Security

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

Pixel 10 adds C2PA to camera and Photos, helping users verify authenticity and spot AI-generated or altered images. Pixel 10 integrates C2PA Content Credentials into the camera and Photos, allowin ...

Pierluigi Paganini September 10, 2025

Cyber Crime

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The KillSec Ransomware group has threatened to l ...

Pierluigi Paganini September 10, 2025

Security

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

Microsoft Patch Tuesday security updates for September 2025 fixed 80 vulnerabilities, including two publicly disclosed zero-day flaws. Microsoft Patch Tuesday security updates for September 2025 a ...

Pierluigi Paganini September 10, 2025

Security

SAP September 2025 Patch Day fixed 4 critical flaws

SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation. SAP this week issued 21 new and four updated security notes as part of the co ...

Pierluigi Paganini September 09, 2025

Security

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular n ...

Pierluigi Paganini September 09, 2025

Malware

LunaLock Ransomware threatens victims by feeding stolen data to AI models

LunaLock, a new ransomware gang, introduced a unique cyber extortion technique, threatening to turn stolen art into AI training data. A new ransomware group, named LunaLock, appeared in the threat ...

Pierluigi Paganini September 09, 2025

Hacking

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

Hackers breached Salesloft’s GitHub in March, stole tokens, and used them in a mass attack on several major tech customers. Salesloft revealed that the threat actor UNC6395 breached its GitHub a ...

Pierluigi Paganini September 08, 2025

Data Breach

Canadian investment platform Wealthsimple disclosed a data breach

Wealthsimple reported a data breach affecting some customers due to a supply chain attack via a third-party software package. Canadian investment platform Wealthsimple disclosed a data breach that ...

Pierluigi Paganini September 08, 2025

Security

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

Venezuela’s President Maduro shows Huawei Mate X6 gift from China's President Xi Jinping, hailing it as “unhackable” by U.S. spies. Last week, Venezuelan President Nicolás Maduro showcased ...

Pierluigi Paganini September 08, 2025

Intelligence

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Czech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic's National Cyber and Informa ...

Pierluigi Paganini September 08, 2025

Breaking News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean ...

Pierluigi Paganini September 07, 2025

Breaking News

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini September 07, 2025

Data Breach

Qantas cuts executive bonuses by 15% after a July data breach

Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after a July cybera ...

Pierluigi Paganini September 06, 2025

Security

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background: Modern adversaries increasingly hide command-and-control ( ...

Pierluigi Paganini September 06, 2025