MUST READ

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

 | 

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

EU agency ENISA says ransomware attack behind airport disruptions
September 22, 2025
Nation-State hackers exploit Libraesva Email Gateway flaw
September 24, 2025
Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps
September 24, 2025
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors
September 26, 2025
Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata
September 25, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

September 28, 2025

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

September 28, 2025

Breaking News
Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

September 28, 2025

Uncategorized
Ohio’s Union County suffers ransomware attack impacting 45,000 people

September 27, 2025

Hacking
ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

September 27, 2025

recent articles

Security
Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

The cyberattack on UK retailer Co-op in April caused empty shelves, customer data theft, and a $275M revenue loss. In May, the cybercrime group behind the April Co-op cyberattack, who go online wi ...

Pierluigi Paganini September 28, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Brewing Trouble — Dissecting a macOS M ...

Pierluigi Paganini September 28, 2025
Breaking News
Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini September 28, 2025
Uncategorized
Ohio’s Union County suffers ransomware attack impacting 45,000 people

A ransomware attack resulted in the theft of Social Security and financial data from Union County, Ohio, impacting 45,487 people. A ransomware attack hit Union County, Ohio, and crooks stole Socia ...

Pierluigi Paganini September 27, 2025
Hacking
ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

Researchers disclosed a critical flaw, named ForcedLeak, in Salesforce Agentforce that enables indirect prompt injection, risking CRM data exposure. Noma Labs researchers discovered a critical vul ...

Pierluigi Paganini September 27, 2025
Malware
Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Microsoft Threat Intelligence researchers found a new XCSSET macOS malware variant used in limited attacks. Microsoft Threat Intelligence researchers have discovered a new version of the macOS mal ...

Pierluigi Paganini September 26, 2025
Hacking
Hackers exploit Fortra GoAnywhere flaw before public alert

watchTowr Labs says hackers exploited the Fortra GoAnywhere MFT flaw CVE-2025-10035 on Sept 10, 2025, a week before public disclosure. Cybersecurity firm watchTowr Labs revealed that it has 'credi ...

Pierluigi Paganini September 26, 2025
Hacking
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclose ...

Pierluigi Paganini September 26, 2025
Malware
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use o ...

Pierluigi Paganini September 26, 2025
Hacking
U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ...

Pierluigi Paganini September 25, 2025
Cyber Crime
Operation HAECHI VI seized $439M from global cybercrime rings

Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement ...

Pierluigi Paganini September 25, 2025
Data Breach
Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

Volvo North America disclosed a data breach that exposed the personal data of its employees after a ransomware attack hit third-party supplier Miljödata. Volvo NA disclosed a data breach that ex ...

Pierluigi Paganini September 25, 2025
Hacking
Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

Cisco addressed a high-severity zero-day in Cisco IOS and IOS XE Software that is being actively exploited in attacks in the wild. Cisco fixed an actively exploited zero-day, tracked as CVE-2025-2 ...

Pierluigi Paganini September 25, 2025
Hacking
Nation-State hackers exploit Libraesva Email Gateway flaw

State-sponsored hackers exploited a vulnerability, tracked as CVE-2025-59689, in Libraesva Email Gateway via malicious attachments. Nation-state actors exploited a command injection flaw, tracked ...

Pierluigi Paganini September 24, 2025
Security
SolarWinds fixed a critical RCE flaw in its Web Help Desk software

SolarWinds fixed a critical flaw in its Web Help Desk software that could allow attackers to execute arbitrary commands on vulnerable systems. SolarWinds has released hot fixes to address a critic ...

Pierluigi Paganini September 24, 2025
Hacking
How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatch ...

Pierluigi Paganini September 24, 2025
Security
Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

Cloudflare blocked a new record-breaking DDoS attack peaking at 22.2 Tbps and 10.6 billion packets per second. Cloudflare announced it has mitigated a new record-breaking distributed denial-of-ser ...

Pierluigi Paganini September 24, 2025
Security
U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...

Pierluigi Paganini September 23, 2025
Intelligence
US Secret Service dismantled covert communications network near the U.N. in New York

Secret Service seizes a covert communications network near U.N. composed of sophisticated equipment, including 100K SIMs and 300 servers The U.S. Secret Service uncovered a covert communications n ...

Pierluigi Paganini September 23, 2025
Cyber Crime
A suspected Scattered Spider member suspect detained for casino network attacks

A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17. The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Sca ...

Pierluigi Paganini September 23, 2025