Security Affairs - Page 1599 of 1768 - Read, think, share … Security is everyone's responsibility

LATEST NEWS

VIEW ALL

Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition

Pierluigi Paganini June 25, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Someone is sending mysterious smartwatches to the US Military personnel

Pierluigi Paganini June 24, 2023

U.S. Army’s Criminal Investigation Division warns that US military personnel have reported receiving unsolicited smartwatches in the mail. The U.S. Army’s Criminal Investigation Division repo ...

CISA orders govt agencies to fix recently disclosed flaws in Apple devices

Pierluigi Paganini June 23, 2023

U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

VMware fixed five memory corruption issues in vCenter Server

Pierluigi Paganini June 23, 2023

VMware addressed multiple memory corruption vulnerabilities in vCenter Server that can be exploited to achieve remote code execution. VMware released security updates to five memory corruption vul ...

1
2
760
761
762
763
764
4417
4418
4419

most popular

VIEW ALL

Apple doubles maximum bug bounty to $2M for zero-click RCEs

October 10, 2025

Juniper patched nine critical flaws in Junos Space

October 10, 2025

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

October 10, 2025

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog

October 10, 2025

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

October 10, 2025

recent articles

Security

Apple doubles maximum bug bounty to $2M for zero-click RCEs

Apple raised bug bounties to $2M for zero-click RCEs, doubling payouts. Since 2020, it’s paid $35M to 800 researchers. Apple doubled its bug bounty rewards, now offering up to $2 million for zer ...

Pierluigi Paganini October 10, 2025

Security

Juniper patched nine critical flaws in Junos Space

Juniper fixed nearly 220 flaws in Junos OS, Junos Space, and Security Director, including nine critical bugs in Junos Space. Juniper Networks released patches to address nearly 220 vulnerabilities ...

Pierluigi Paganini October 10, 2025

APT

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country's State ...

Pierluigi Paganini October 10, 2025

Hacking

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Grafana flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ad ...

Pierluigi Paganini October 10, 2025

Malware

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, CCTV systems, and servers, active globally since June. Trend Micro researchers reported that the RondoDox botnet ex ...

Pierluigi Paganini October 10, 2025

Malware

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware

ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian u ...

Pierluigi Paganini October 09, 2025

Hacking

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as ...

Pierluigi Paganini October 09, 2025

Security

Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users

All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups ...

Pierluigi Paganini October 09, 2025

Cyber Crime

Discord denies massive breach, confirms limited exposure of 70K ID photos

Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data ...

Pierluigi Paganini October 09, 2025

Cyber Crime

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest br ...

Pierluigi Paganini October 08, 2025

Cyber Crime

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DragonForce, LockBit, and Qilin formed a ransomware alliance to boost attack effectiveness, marking a major shift in the cyber threat landscape. Ransomware groups DragonForce, LockBit, and Qilin f ...

Pierluigi Paganini October 08, 2025

Security

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

DraftKings warns of credential stuffing using stolen logins; No evidence of data loss, but users must reset passwords and enable MFA. A credential stuffing campaign is targeting the American spor ...

Pierluigi Paganini October 08, 2025

Security

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

Redis warns of CVE-2025-49844, a Lua script flaw enabling RCE via use-after-free. Attackers need authenticated access to exploit it. Redis disclosed a critical RCE bug, tracked as CVE-2025-49844 ( ...

Pierluigi Paganini October 08, 2025

Hacking

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ...

Pierluigi Paganini October 07, 2025

Hacking

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns

Storm-1175 exploits GoAnywhere MFT flaw CVE-2025-10035 in Medusa attacks, allowing easy remote code execution via License Servlet bug. A cybercrime group, tracked as Storm-1175, has been actively ...

Pierluigi Paganini October 07, 2025

Cyber Crime

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025

CrowdStrike links Oracle EBS flaw CVE-2025-61882 (CVSS 9.8) to Cl0p, enabling unauthenticated RCE, first exploited on August 9, 2025. CrowdStrike researchers attributed with moderate confidence th ...

Pierluigi Paganini October 07, 2025

Data Breach

Discord discloses third-party breach affecting customer support data

Discord reported a data breach at a third-party customer service provider that exposed user data, including contact details, IPs, and billing info. Discord disclosed a breach at a third-party cust ...

Pierluigi Paganini October 06, 2025

Security

Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers

Oracle fixed a critical flaw (CVE-2025-61882, CVSS 9.8) in E-Business Suite that is actively exploited by Cl0p cybercrime group. Oracle released an emergency patch to address a critical vulnerabil ...

Pierluigi Paganini October 06, 2025

Security

LinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping scheme

LinkedIn sued ProAPIs and its CEO Rahmat Alam for running millions of fake accounts to scrape and sell user data, charging up to $15,000 per month. LinkedIn has filed a lawsuit against the softwar ...

Pierluigi Paganini October 06, 2025

Hacking

Zimbra users targeted in zero-day exploit using iCalendar attachments

Threat actors exploited a Zimbra zero-day via malicious iCalendar (.ICS) files used to deliver attacks through calendar attachments. StrikeReady researchers discovered that threat actors exploited ...

Pierluigi Paganini October 06, 2025