MUST READ

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

 | 

Android Apps misusing NFC and HCE to steal payment data on the rise

 | 

Conduent January 2025 breach impacts 10M+ people

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

 | 

Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ukrainian extradited to US over Conti ransomware involvement

 | 

BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

 | 

China-linked UNC6384 exploits Windows zero-day to spy on European diplomats

 | 

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

 | 

EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure

 | 

Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications

 | 

U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

 | 

Brush exploit can cause any Chromium browser to collapse in 15-60 seconds

 | 

Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia

 | 

Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed

 | 

Hacktivists breach Canada’s critical infrastructure, cyber Agency warns

 | 

Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog

 | 

Herodotus Android malware mimics human typing to evade detection

 | 

Aisuru botnet is behind record 20Tb/sec DDoS attacks

 | 

LATEST NEWS

VIEW ALL
Hacking
North Korea-linked Lazarus APT used a 0-day in a recent attack
Pierluigi Paganini March 08, 2023

North Korea-linked Lazarus APT group exploits a zero-day vulnerability in attacks aimed at a South Korean financial entity. ASEC (AhnLab Security Emergency Response Center) observed North Korea- ...

Security
CISA adds three new bugs to Known Exploited Vulnerabilities Catalog
Pierluigi Paganini March 08, 2023

US CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively e ...

APT
China-linked APT Sharp Panda targets government entities in Southeast Asia
Pierluigi Paganini March 08, 2023

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed t ...

Hacking
VMware NSX Manager bugs actively exploited in the wild since December
Pierluigi Paganini March 08, 2023

Security researchers warn of hacking attempts in the wild exploiting critical vulnerabilities in VMware NSX Manager. Cyber security firm Wallarm is warning of ongoing attacks exploiting the critic ...

top articles

Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.
October 27, 2025
Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia
October 30, 2025
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
October 29, 2025
Hacktivists breach Canada’s critical infrastructure, cyber Agency warns
October 29, 2025
Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks
October 31, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

November 03, 2025

Security
Android Apps misusing NFC and HCE to steal payment data on the rise

November 03, 2025

Data Breach
Conduent January 2025 breach impacts 10M+ people

November 03, 2025

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

November 02, 2025

Uncategorized
Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

November 02, 2025

recent articles

Security
Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

Google released Chrome 142, fixing 20 flaws, including two high-severity V8 bugs, and awarded $100,000 in bug bounties. Google addressed 20 flaws in Chrome version 142, including high-severity bug ...

Pierluigi Paganini November 03, 2025
Security
Android Apps misusing NFC and HCE to steal payment data on the rise

Zimperium zLabs found 760+ Android apps abusing NFC and HCE to steal payment data, showing a surge in NFC relay fraud since April 2024. Zimperium zLabs researchers spotted over 760 Android apps ab ...

Pierluigi Paganini November 03, 2025
Data Breach
Conduent January 2025 breach impacts 10M+ people

Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info. Conduent January 2025 breach exposed the personal data of ...

Pierluigi Paganini November 03, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant ...

Pierluigi Paganini November 02, 2025
Uncategorized
Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini November 02, 2025
Security
Ukrainian extradited to US over Conti ransomware involvement

Ukrainian Oleksii Lytvynenko extradited from Ireland to US for alleged role in Conti ransomware after fleeing Ukraine in 2022. Ukrainian national Oleksii Lytvynenko (43) extradited from Ireland to ...

Pierluigi Paganini November 02, 2025
Hacking
BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install. The Australian Signals Directorate (ASD) warns of ongoing attacks on un ...

Pierluigi Paganini November 01, 2025
Security
Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. CISA warned that ransomware gangs are exploiting CVE-20 ...

Pierluigi Paganini October 31, 2025
Data Breach
EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure

A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure. Cybersecurity firm Neo Security discove ...

Pierluigi Paganini October 31, 2025
Intelligence
Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications

A nation-state actor, likely a China-nexus one, hacked the U.S.-based technology company Ribbon Communications. Ribbon Communications is a U.S.-based technology company that provides telecommunica ...

Pierluigi Paganini October 31, 2025
Hacking
U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog. The U.S ...

Pierluigi Paganini October 30, 2025
Hacking
Brush exploit can cause any Chromium browser to collapse in 15-60 seconds

“Brash” flaw in Chromium’s Blink engine lets attackers crash browsers instantly via a single malicious URL, researcher Jose Pino revealed. Security researcher Jose Pino found a severe vulner ...

Pierluigi Paganini October 30, 2025
Security
Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia

Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ. Ex-US defense contractor Peter Williams (39) ...

Pierluigi Paganini October 30, 2025
Data Breach
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed

Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and publi ...

Pierluigi Paganini October 30, 2025
Hacktivism
Hacktivists breach Canada’s critical infrastructure, cyber Agency warns

Canada’s cyber agency warns hacktivists breached critical infrastructure, altering industrial controls and risking public safety. The Canadian Centre for Cyber Security revealed that hacktivists ...

Pierluigi Paganini October 29, 2025
APT
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets

Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black. Russian threat actors, like ...

Pierluigi Paganini October 29, 2025
Security
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure S ...

Pierluigi Paganini October 29, 2025
Malware
Herodotus Android malware mimics human typing to evade detection

Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with random delays to evade detection. Threat Fabric found a new Android malware, named Herodotus, which mimics ...

Pierluigi Paganini October 29, 2025
Malware
Aisuru botnet is behind record 20Tb/sec DDoS attacks

A new Mirai-based IoT botnet, dubbed Aisuru, was used to launch multiple high-impact DDoS attacks exceeding 20Tb/sec and/or 4gpps. In October 2025, the Aisuru Mirai-based IoT botnet launched massi ...

Pierluigi Paganini October 28, 2025
Cyber Crime
Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät

Hackers hit Sweden’s power grid operator Svenska kraftnät, stealing data via a file transfer tool. The power grid was not affected. Hackers breached Sweden’s state-owned power grid operator S ...

Pierluigi Paganini October 28, 2025