MUST READ

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

 | 

Five admit helping North Korea evade sanctions through IT worker schemes

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

 | 

Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

 | 

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

 | 

Millions of sites at risk from Imunify360 critical flaw exploit

 | 

Critical FortiWeb flaw under attack, allowing complete compromise

 | 

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

 | 

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

 | 

Chrome extension “Safery” steals Ethereum wallet seed phrases

 | 

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

 | 

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

 | 

Google sues cybercriminal group Smishing Triad

 | 

New Danabot Windows version appears in the threat landscape after May disruption

 | 

Australia’s spy chief warns of China-linked threats to critical infrastructure

 | 

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

 | 

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

 | 

LATEST NEWS

VIEW ALL
Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Google sounds alarm on self-modifying AI malware
November 06, 2025
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
November 07, 2025
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS
November 11, 2025
Chrome extension “Safery” steals Ethereum wallet seed phrases
November 13, 2025
Google sues cybercriminal group Smishing Triad
November 12, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Malware

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

November 17, 2025

Cyber Crime
Five admit helping North Korea evade sanctions through IT worker schemes

November 16, 2025

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

November 16, 2025

Breaking News
Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

November 16, 2025

Hacking
Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

November 16, 2025

recent articles

Malware
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025. RondoDox is targeting unpatched XWiki servers via critica ...

Pierluigi Paganini November 17, 2025
Cyber Crime
Five admit helping North Korea evade sanctions through IT worker schemes

Five pleaded guilty to aiding North Korea ’s illicit revenue via IT worker fraud, violating international sanctions. The U.S. Department of Justice announced that five people have pleaded guilty ...

Pierluigi Paganini November 16, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time- ...

Pierluigi Paganini November 16, 2025
Breaking News
Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini November 16, 2025
Hacking
Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

China-linked actors used Anthropic’s AI to automate and run cyberattacks in a sophisticated 2025 espionage campaign using advanced agentic tools. China-linked threat actors used Anthropic’s AI ...

Pierluigi Paganini November 16, 2025
Hacking
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...

Pierluigi Paganini November 15, 2025
Security
Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE ...

Pierluigi Paganini November 14, 2025
Security
Millions of sites at risk from Imunify360 critical flaw exploit

A vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious ...

Pierluigi Paganini November 14, 2025
Hacking
Critical FortiWeb flaw under attack, allowing complete compromise

A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in For ...

Pierluigi Paganini November 14, 2025
Security
Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs, issuing gui ...

Pierluigi Paganini November 14, 2025
Data Breach
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors ...

Pierluigi Paganini November 14, 2025
Malware
Chrome extension “Safery” steals Ethereum wallet seed phrases

Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a mal ...

Pierluigi Paganini November 13, 2025
Cyber Crime
A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Opera ...

Pierluigi Paganini November 13, 2025
Security
U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cyberse ...

Pierluigi Paganini November 13, 2025
Hacking
Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon's threat intelligence researchers spotted an advanced threat actor ...

Pierluigi Paganini November 13, 2025
Cyber Crime
Google sues cybercriminal group Smishing Triad

Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely b ...

Pierluigi Paganini November 12, 2025
Malware
New Danabot Windows version appears in the threat landscape after May disruption

DanaBot returns after 6 months with a new Windows variant (v669), marking its comeback after being disrupted by Operation Endgame in May. DanaBot has resurfaced with a new variant (version 669) ta ...

Pierluigi Paganini November 12, 2025
Intelligence
Australia’s spy chief warns of China-linked threats to critical infrastructure

Australia’s spy chief warns China-linked actors are probing critical infrastructure and preparing for cyber sabotage and espionage. Australia’s intelligence chief Mike Burgess warned that Chin ...

Pierluigi Paganini November 12, 2025
Security
Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

Synology fixed a critical BeeStation RCE flaw (CVE-2025-12686) shown at Pwn2Own, caused by unchecked buffer input allowing code execution. Synology patched a critical remote code execution (RCE) f ...

Pierluigi Paganini November 12, 2025
Cyber Crime
$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

“Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), ...

Pierluigi Paganini November 12, 2025