MUST READ

New supply chain attack hits npm registry, compromising 40+ packages

 | 

Cybercrime group accessed Google Law Enforcement Request System (LERS)

 | 

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

 | 

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

 | 

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

 | 

Fairmont Federal Credit Union 2023 data breach impacted 187K people

 | 

UK ICO finds students behind majority of school data breaches

 | 

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

 | 

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Attack National Credit Information Center of Vietnam

 | 

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

LATEST NEWS

VIEW ALL
Security
Two flaws in vBulletin forum software are under attack
Pierluigi Paganini June 01, 2025

Experts found two vulnerabilities in the vBulletin forum software, one of which is already being exploited in real-world attacks. Two critical vBulletin flaws, tracked as CVE-2025-48827 and CVE-20 ...

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 47
Pierluigi Paganini June 01, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 60 Malicious npm Packages Leak Network and Host Data in Active ...

Breaking News
Security Affairs newsletter Round 526 by Pierluigi Paganini – INTERNATIONAL EDITION
Pierluigi Paganini June 01, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Hacking
Two Linux flaws can lead to the disclosure of sensitive data
Pierluigi Paganini May 31, 2025

Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora distros. Researchers discovered a vulne ...

top articles

KillSec Ransomware is Attacking Healthcare Institutions in Brazil
September 10, 2025
Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images
September 10, 2025
Google fixes critical Chrome flaw, researcher earns $43K
September 11, 2025
HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya
September 13, 2025
ShinyHunters Attack National Credit Information Center of Vietnam
September 14, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Malware

New supply chain attack hits npm registry, compromising 40+ packages

September 16, 2025

Security
Cybercrime group accessed Google Law Enforcement Request System (LERS)

September 16, 2025

APT
China-linked Mustang Panda deploys advanced SnakeDisk USB worm

September 16, 2025

Data Breach
Insider breach at FinWise Bank exposes data of 689,000 AFF customers

September 16, 2025

Cyber Crime
Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

September 15, 2025

recent articles

Malware
New supply chain attack hits npm registry, compromising 40+ packages

Researchers uncovered a new supply chain attack targeting the npm registry that impacted over 40 packages belonging to multiple maintainers. Security researchers at Socket uncovered a malicious u ...

Pierluigi Paganini September 16, 2025
Security
Cybercrime group accessed Google Law Enforcement Request System (LERS)

Google found threat actors created a fake account in its Law Enforcement Request System (LERS) and shut it down. Google confirmed that threat actors gained access to its Law Enforcement Request Sy ...

Pierluigi Paganini September 16, 2025
APT
China-linked Mustang Panda deploys advanced SnakeDisk USB worm

China-linked APT group Mustang Panda has been spotted using a new USB worm called SnakeDisk along with a new version of known malware China-linked APT group Mustang Panda (aka Hive0154, Camaro D ...

Pierluigi Paganini September 16, 2025
Data Breach
Insider breach at FinWise Bank exposes data of 689,000 AFF customers

An ex-employee caused an insider breach at FinWise Bank, exposing data of 689,000 American First Finance customers. FinWise Bank is a Utah-based community bank, FDIC-insured, that partners with fi ...

Pierluigi Paganini September 16, 2025
Cyber Crime
Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

Crooks stole personal data of millions of Gucci, Balenciaga, and Alexander McQueen customers: parent firm Kering confirmed the breach. Hackers stole private data of millions of Gucci, Balenciaga, ...

Pierluigi Paganini September 15, 2025
Data Breach
Fairmont Federal Credit Union 2023 data breach impacted 187K people

Fairmont Federal Credit Union alerts 187K people that a 2023 breach exposed personal, financial, and medical data. Fairmont Federal Credit Union (FFCU) is a not-for-profit financial cooperative in ...

Pierluigi Paganini September 15, 2025
Cyber Crime
UK ICO finds students behind majority of school data breaches

UK ICO reports students caused over half of school data breaches, showing kids are shaping cybersecurity in unexpected ways. The UK Information Commissioner’s Office (ICO), students were respons ...

Pierluigi Paganini September 15, 2025
Data Breach
INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure. Panama’s Ministry of Economy and Finance (MEF) announced that threat actors lik ...

Pierluigi Paganini September 15, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter npm debug and chalk packages compromised ...

Pierluigi Paganini September 14, 2025
Breaking News
Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini September 14, 2025
Cyber Crime
ShinyHunters Attack National Credit Information Center of Vietnam

Vietnam’s National Credit Information Center (CIC) was hit by a ShinyHunters cyberattack, with VNCERT confirming signs of unauthorized access to steal personal data. Authorities are investigatin ...

Pierluigi Paganini September 14, 2025
Cyber Crime
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal g ...

Pierluigi Paganini September 13, 2025
Malware
HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

HybridPetya ransomware bypasses UEFI Secure Boot to infect EFI partitions, echoing the infamous Petya/NotPetya attacks of 2016–2017. ESET researchers discovered a new ransomware called HybridPet ...

Pierluigi Paganini September 13, 2025
Security
Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Cisco addressed multiple high-severity IOS XR vulnerabilities that can allow ISO image verification bypass and trigger DoS conditions. Cisco addressed multiple vulnerabilities in IOS XR software a ...

Pierluigi Paganini September 12, 2025
Hacking
Samsung fixed actively exploited zero-day

Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CV ...

Pierluigi Paganini September 12, 2025
Data Breach
UK train operator LNER (London North Eastern Railway) discloses a data breach

LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information. UK train operator LNER (London North Eastern Railway) reported a data brea ...

Pierluigi Paganini September 12, 2025
Hacking
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini September 12, 2025
Cyber Crime
Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Researchers warn that Akira ransomware group is exploiting a year-old SonicWall firewall flaw, likely using three attack vectors for initial access. The Akira ransomware group is exploiting a year ...

Pierluigi Paganini September 11, 2025
Security
Google fixes critical Chrome flaw, researcher earns $43K

Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution. A researcher earned $43000 from Google for reporting a critical Chrome ...

Pierluigi Paganini September 11, 2025
Breaking News
Kosovo man pleads guilty to running online criminal marketplace BlackDB

Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024. Kosovo citizen Liridon Masurica (33) of Gjilan, aka @blackdb, pleaded guilty to r ...

Pierluigi Paganini September 11, 2025