MUST READ

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

LATEST NEWS

VIEW ALL
Intelligence
Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant
Pierluigi Paganini July 08, 2025

Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan's Malpensa Airport on a U.S. warrant. Italian police arrested a Chinese national, Zewei Xu (33), at Milan's Mal ...

Hacking
U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini July 08, 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Ex ...

Cyber Crime
IT Worker arrested for selling access in $100M PIX cyber heist
Pierluigi Paganini July 08, 2025

Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches. Brazilian police arrested João Roque (48), an IT employee at C&M, for ...

Malware
New Batavia spyware targets Russian industrial enterprises
Pierluigi Paganini July 07, 2025

Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organization ...

top articles

Brush exploit can cause any Chromium browser to collapse in 15-60 seconds
October 30, 2025
Google sounds alarm on self-modifying AI malware
November 06, 2025
Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices
November 06, 2025
SonicWall blames state-sponsored hackers for September security breach
November 05, 2025
AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack
November 09, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Hacking

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

November 11, 2025

Hacking
Critical Triofox bug exploited to run malicious payloads via AV configuration

November 11, 2025

Malware
GlassWorm malware has resurfaced on the Open VSX registry

November 10, 2025

Security
Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

November 10, 2025

Uncategorized
Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

November 10, 2025

recent articles

Hacking
U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...

Pierluigi Paganini November 11, 2025
Hacking
Critical Triofox bug exploited to run malicious payloads via AV configuration

Hackers exploited Triofox flaw CVE-2025-12480 to bypass auth and install remote access tools via the platform’s antivirus feature. Google's Mandiant researchers spotted threat actors exploiting ...

Pierluigi Paganini November 11, 2025
Malware
GlassWorm malware has resurfaced on the Open VSX registry

GlassWorm malware resurfaces in Open VSX and GitHub, infecting VS Code extensions weeks after its removal from the official marketplace. GlassWorm malware has resurfaced on the Open VSX registry a ...

Pierluigi Paganini November 10, 2025
Security
Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

Denmark and Norway probe a security flaw in Chinese-made Yutong buses, deepening European fears over reliance on Chinese tech and potential cyber risks. Bus operators in Denmark and Norway are urg ...

Pierluigi Paganini November 10, 2025
Uncategorized
Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

With a 4M cybersecurity worker shortage, agentic AI helps SOCs move beyond triage, enabling proactive security once thought impossible. With a deficit of 4 million cybersecurity workers worldwide, ...

Pierluigi Paganini November 10, 2025
Malware
Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

Nine NuGet packages by “shanhai666” can deploy delayed payloads to disrupt databases and industrial systems. Socket's Threat Research Team discovered nine malicious NuGet packages, published b ...

Pierluigi Paganini November 10, 2025
Hacking
QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

QNAP patched seven zero-days used at Pwn2Own 2025 affecting QTS, QuTS hero, Hyper Data Protector, Malware Remover, and HBS 3. Taiwanese vendor QNAP patched seven zero-day vulnerabilities exploited ...

Pierluigi Paganini November 10, 2025
Hacking
AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

Microsoft uncovered Whisper Leak, a side-channel attack that lets network snoopers infer AI chat topics despite encryption, risking user privacy. Microsoft revealed a new side-channel attack calle ...

Pierluigi Paganini November 09, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SesameOp: Novel backdoor uses OpenAI Ass ...

Pierluigi Paganini November 09, 2025
Breaking News
Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini November 09, 2025
APT
China-linked hackers target U.S. non-profit in long-term espionage campaign

A China-linked group targeted a U.S. non-profit to gain long-term access, part of wider attacks on U.S. entities tied to policy matters. China-linked hackers breached a U.S. policy-focused nonprof ...

Pierluigi Paganini November 08, 2025
Security
A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

An Italian political adviser was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Italian political adviser Francesco Nicodem ...

Pierluigi Paganini November 08, 2025
Security
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in Middle East. Samsung patched a flaw exploited as a zero- ...

Pierluigi Paganini November 07, 2025
Security
Cisco fixes critical UCCX flaw allowing Root command execution

Cisco patched a critical flaw in its Unified Contact Center Express (UCCX) software that allowed attackers to execute commands with root privileges. Cisco released security updates to address a cr ...

Pierluigi Paganini November 07, 2025
Security
Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

Cisco warns of a new attack variant exploiting CVE-2025-20333 and CVE-2025-20362 in Secure Firewall ASA and FTD devices. Cisco warned of a new attack variant targeting vulnerable Secure Firewall A ...

Pierluigi Paganini November 06, 2025
Malware
Google sounds alarm on self-modifying AI malware

Google warns malware now uses AI to mutate, adapt, and collect data during execution, boosting evasion and persistence. Google’s Threat Intelligence Group (GTIG) warn of a new generation of malw ...

Pierluigi Paganini November 06, 2025
Hacking
Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

Curly COMrades threat actors exploit Windows Hyper-V to hide Linux VMs, evade EDR tools, and deploy custom malware undetected. Bitdefender researchers, aided by Georgia’s CERT, uncovered that Cu ...

Pierluigi Paganini November 06, 2025
Security
SonicWall blames state-sponsored hackers for September security breach

Cybersecurity firm SonicWall attributed the September security breach exposing firewall configuration files to state-sponsored hackers. In September, SonicWall urged customers to reset credentials ...

Pierluigi Paganini November 05, 2025
Laws and regulations
U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

U.S. sanctions North Korea bankers and firms accused of laundering cybercrime funds used to finance the country’s nuclear weapons program. The U.S. Government has imposed sanctions on several No ...

Pierluigi Paganini November 05, 2025
Cyber Crime
Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

U.S. prosecutors charged three Florida men for using BlackCat ransomware to hack and extort five U.S. companies in 2023. U.S. prosecutors charged Ryan Clifford Goldberg, Kevin Tyler Martin, and an ...

Pierluigi Paganini November 05, 2025