MUST READ

U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog

 | 

Asahi halts ordering, shipping, and customer service after cyberattack

 | 

Scattered Spider, ShinyHunters Restructure - New Attacks Underway 

 | 

UK grants £1.5B loan to Jaguar Land Rover after cyberattack

 | 

Harrods alerts customers to new data breach linked to third-party provider

 | 

Akira Ransomware bypasses MFA on SonicWall VPNs

 | 

Despite Russian influence, Moldova votes Pro-EU, highlighting future election risks

 | 

Dutch teens arrested for spying on behalf of pro-Russian hackers

 | 

Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

 | 

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

EU agency ENISA says ransomware attack behind airport disruptions
September 22, 2025
Nation-State hackers exploit Libraesva Email Gateway flaw
September 24, 2025
Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps
September 24, 2025
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors
September 26, 2025
Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata
September 25, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog

September 30, 2025

Security
Asahi halts ordering, shipping, and customer service after cyberattack

September 30, 2025

Cyber Crime
Scattered Spider, ShinyHunters Restructure - New Attacks Underway 

September 30, 2025

Security
UK grants £1.5B loan to Jaguar Land Rover after cyberattack

September 29, 2025

Data Breach
Harrods alerts customers to new data breach linked to third-party provider

September 29, 2025

recent articles

Security
U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog. The U.S. ...

Pierluigi Paganini September 30, 2025
Security
Asahi halts ordering, shipping, and customer service after cyberattack

Japan’s top brewer Asahi suspends operations after a cyberattack, halting ordering, shipping, and customer service activities. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s larg ...

Pierluigi Paganini September 30, 2025
Cyber Crime
Scattered Spider, ShinyHunters Restructure - New Attacks Underway 

Resecurity warns the “Trinity of Chaos” (LAPSUS$, ShinyHunters, Scattered Spider) is driving a global cybercrime wave, with major breaches undisclosed. A new Resecurity report has uncovered a ...

Pierluigi Paganini September 30, 2025
Security
UK grants £1.5B loan to Jaguar Land Rover after cyberattack

UK grants Jaguar Land Rover a £1.5B loan guarantee after a major cyberattack, though cybersecurity experts voice concerns about the government’s support plan. The UK government has announced a ...

Pierluigi Paganini September 29, 2025
Data Breach
Harrods alerts customers to new data breach linked to third-party provider

British Department Store Harrods warns customers of a data breach via a third-party provider, exposing some names and contact details. Harrods, the luxury British department store, warned custome ...

Pierluigi Paganini September 29, 2025
Cyber Crime
Akira Ransomware bypasses MFA on SonicWall VPNs

Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using cre ...

Pierluigi Paganini September 29, 2025
Uncategorized
Despite Russian influence, Moldova votes Pro-EU, highlighting future election risks

Moldova ’s deputy PM blames Russia for an election cyberattack, calling it part of a planned hybrid campaign to destabilize democracy. Moldova Deputy Prime Minister Doina Nistor blamed Russia fo ...

Pierluigi Paganini September 29, 2025
Intelligence
Dutch teens arrested for spying on behalf of pro-Russian hackers

Dutch police arrested two 17-year-olds for spying for pro-Russian hackers; one jailed, the other placed on home bail. Dutch police arrested two 17-year-olds suspected of spying for pro-Russian hac ...

Pierluigi Paganini September 29, 2025
Security
Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

The cyberattack on UK retailer Co-op in April caused empty shelves, customer data theft, and a $275M revenue loss. In May, the cybercrime group behind the April Co-op cyberattack, who go online wi ...

Pierluigi Paganini September 28, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Brewing Trouble — Dissecting a macOS M ...

Pierluigi Paganini September 28, 2025
Breaking News
Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini September 28, 2025
Cyber Crime
Ohio’s Union County suffers ransomware attack impacting 45,000 people

A ransomware attack resulted in the theft of Social Security and financial data from Union County, Ohio, impacting 45,487 people. A ransomware attack hit Union County, Ohio, and crooks stole Socia ...

Pierluigi Paganini September 27, 2025
Hacking
ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

Researchers disclosed a critical flaw, named ForcedLeak, in Salesforce Agentforce that enables indirect prompt injection, risking CRM data exposure. Noma Labs researchers discovered a critical vul ...

Pierluigi Paganini September 27, 2025
Malware
Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Microsoft Threat Intelligence researchers found a new XCSSET macOS malware variant used in limited attacks. Microsoft Threat Intelligence researchers have discovered a new version of the macOS mal ...

Pierluigi Paganini September 26, 2025
Hacking
Hackers exploit Fortra GoAnywhere flaw before public alert

watchTowr Labs says hackers exploited the Fortra GoAnywhere MFT flaw CVE-2025-10035 on Sept 10, 2025, a week before public disclosure. Cybersecurity firm watchTowr Labs revealed that it has 'credi ...

Pierluigi Paganini September 26, 2025
Hacking
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclose ...

Pierluigi Paganini September 26, 2025
Malware
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use o ...

Pierluigi Paganini September 26, 2025
Hacking
U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ...

Pierluigi Paganini September 25, 2025
Cyber Crime
Operation HAECHI VI seized $439M from global cybercrime rings

Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement ...

Pierluigi Paganini September 25, 2025
Data Breach
Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

Volvo North America disclosed a data breach that exposed the personal data of its employees after a ransomware attack hit third-party supplier Miljödata. Volvo NA disclosed a data breach that ex ...

Pierluigi Paganini September 25, 2025