MUST READ

Canadian investment platform Wealthsimple disclosed a data breach

 | 

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

 | 

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

 | 

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Qantas cuts executive bonuses by 15% after a July data breach

 | 

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

 | 

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

 | 

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

 | 

SVG files used in hidden malware campaign impersonating Colombian authorities

 | 

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

 | 

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

 | 

Severe Hikvision HikCentral product flaws: What You Need to Know

 | 

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

 | 

Google addressed two Android flaws actively exploited in targeted attacks

 | 

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

 | 

Android droppers evolved into versatile tools to spread malware

 | 

Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

 | 

Cloudflare blocked a record 11.5 Tbps DDoS attack

 | 

Palo Alto Networks disclosed a data breach linked to Salesloft Drift incident

 | 

LATEST NEWS

VIEW ALL
Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Crooks exploit Meta malvertising to target Android users with Brokewell
September 01, 2025
Cloudflare blocked a record 11.5 Tbps DDoS attack
September 02, 2025
Palo Alto Networks disclosed a data breach linked to Salesloft Drift incident
September 02, 2025
Severe Hikvision HikCentral product flaws: What You Need to Know
September 04, 2025
Qantas cuts executive bonuses by 15% after a July data breach
September 06, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Data Breach

Canadian investment platform Wealthsimple disclosed a data breach

September 08, 2025

Security
Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

September 08, 2025

Intelligence
Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

September 08, 2025

Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

September 07, 2025

Breaking News
Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

September 07, 2025

recent articles

Data Breach
Canadian investment platform Wealthsimple disclosed a data breach

Wealthsimple reported a data breach affecting some customers due to a supply chain attack via a third-party software package. Canadian investment platform Wealthsimple disclosed a data breach that ...

Pierluigi Paganini September 08, 2025
Security
Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

Venezuela’s President Maduro shows Huawei Mate X6 gift from China's President Xi Jinping, hailing it as “unhackable” by U.S. spies. Last week, Venezuelan President Nicolás Maduro showcased ...

Pierluigi Paganini September 08, 2025
Intelligence
Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Czech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic's National Cyber and Informa ...

Pierluigi Paganini September 08, 2025
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean ...

Pierluigi Paganini September 07, 2025
Breaking News
Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini September 07, 2025
Data Breach
Qantas cuts executive bonuses by 15% after a July data breach

Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after a July cybera ...

Pierluigi Paganini September 06, 2025
Security
MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background: Modern adversaries increasingly hide command-and-control ( ...

Pierluigi Paganini September 06, 2025
Hacking
Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 ...

Pierluigi Paganini September 05, 2025
Breaking News
U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini September 05, 2025
Malware
SVG files used in hidden malware campaign impersonating Colombian authorities

VirusTotal uncovered an undetected malware campaign using SVG files that impersonated the Colombian justice system. VirusTotal researchers uncovered a phishing campaign using SVG files with hidden ...

Pierluigi Paganini September 05, 2025
Laws and regulations
France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

France’s data watchdog fined Google $379M (€325 million) and Shein $175M (€150 million) for breaching cookie rules. The French data watchdog, the National Commission on Informatics and Liber ...

Pierluigi Paganini September 05, 2025
Cyber warfare
$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

US offers $10M for Russian FSB officers Tyukov, Gavrilov & Akulov, accused of attacking US critical infrastructure and over 500 energy firms worldwide. The US Department of State is offering u ...

Pierluigi Paganini September 04, 2025
Hacking
Severe Hikvision HikCentral product flaws: What You Need to Know

Hikvision HikCentral flaw allows unauthenticated users to gain admin rights, risking full control over configs, logs, and critical monitoring. Security researchers warn of three vulnerabilities im ...

Pierluigi Paganini September 04, 2025
Hacking
U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructu ...

Pierluigi Paganini September 04, 2025
Cyber Crime
Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

Threat actors abuse HexStrike AI, a new offensive security tool meant for red teaming and bug bounties, to exploit fresh vulnerabilities. Check Point researchers warn that threat actors are abusin ...

Pierluigi Paganini September 03, 2025
Security
Google addressed two Android flaws actively exploited in targeted attacks

Google addressed 120 Android vulnerabilities in September 2025, including two flaws actively exploited in targeted attacks. Google has released security updates to address 120 Android vulnerabili ...

Pierluigi Paganini September 03, 2025
Hacking
U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...

Pierluigi Paganini September 03, 2025
Malware
Android droppers evolved into versatile tools to spread malware

Android droppers now spread banking trojans, SMS stealers, and spyware, disguised as government or banking apps in India and Asia. ThreatFabric researchers warn of a shift in Android malware: drop ...

Pierluigi Paganini September 03, 2025
Hacking
Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

Jaguar Land Rover shut down systems after a cyberattack, disrupting production and retail, but says customer data likely remains safe. Jaguar Land Rover shut down systems to mitigate a cyberattack ...

Pierluigi Paganini September 03, 2025
Cyber Crime
Cloudflare blocked a record 11.5 Tbps DDoS attack

Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves. Cloudflare announced on X that it had blocked the largest ever DDoS attack, peak ...

Pierluigi Paganini September 02, 2025