MUST READ

Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

 | 

Millions of sites at risk from Imunify360 critical flaw exploit

 | 

Critical FortiWeb flaw under attack, allowing complete compromise

 | 

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

 | 

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

 | 

Chrome extension “Safery” steals Ethereum wallet seed phrases

 | 

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

 | 

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

 | 

Google sues cybercriminal group Smishing Triad

 | 

New Danabot Windows version appears in the threat landscape after May disruption

 | 

Australia’s spy chief warns of China-linked threats to critical infrastructure

 | 

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

 | 

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

 | 

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

 | 

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

 | 

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

 | 

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

 | 

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

LATEST NEWS

VIEW ALL
Breaking News
Security Affairs newsletter Round 537 by Pierluigi Paganini – INTERNATIONAL EDITION
Pierluigi Paganini August 17, 2025

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Cyber Crime
Man-in-the-Prompt: The invisible attack threatening ChatGPT and other AI systems
Pierluigi Paganini August 16, 2025

Man-in-the-Prompt: a new threat targeting AI tools like ChatGPT and Gemini via simple browser extensions, no complex attack needed. A new type of threat is alarming the world of cyber security: it ...

Cyber Crime
EncryptHub abuses Brave Support in new campaign exploiting MSC EvilTwin flaw
Pierluigi Paganini August 16, 2025

EncryptHub actor exploits Windows flaw CVE-2025-26633 (“MSC EvilTwin”) with rogue MSC files and social engineering to drop malware. The threat actor EncryptHub exploits the now-patched Windows ...

APT
Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset
Pierluigi Paganini August 16, 2025

APT group UAT-7237, linked to UAT-5918, targets web infrastructure in Taiwan using customized open-source tools to maintain long-term access. A Chinese-speaking advanced persistent threat (APT) gr ...

top articles

Google sounds alarm on self-modifying AI malware
November 06, 2025
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
November 07, 2025
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS
November 11, 2025
Chrome extension “Safery” steals Ethereum wallet seed phrases
November 13, 2025
Google sues cybercriminal group Smishing Triad
November 12, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

November 14, 2025

Security
Millions of sites at risk from Imunify360 critical flaw exploit

November 14, 2025

Hacking
Critical FortiWeb flaw under attack, allowing complete compromise

November 14, 2025

Security
Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

November 14, 2025

Data Breach
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

November 14, 2025

recent articles

Security
Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely

ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE ...

Pierluigi Paganini November 14, 2025
Security
Millions of sites at risk from Imunify360 critical flaw exploit

A vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious ...

Pierluigi Paganini November 14, 2025
Hacking
Critical FortiWeb flaw under attack, allowing complete compromise

A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in For ...

Pierluigi Paganini November 14, 2025
Security
Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs, issuing gui ...

Pierluigi Paganini November 14, 2025
Data Breach
Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors ...

Pierluigi Paganini November 14, 2025
Malware
Chrome extension “Safery” steals Ethereum wallet seed phrases

Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a mal ...

Pierluigi Paganini November 13, 2025
Cyber Crime
A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Opera ...

Pierluigi Paganini November 13, 2025
Security
U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cyberse ...

Pierluigi Paganini November 13, 2025
Hacking
Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon's threat intelligence researchers spotted an advanced threat actor ...

Pierluigi Paganini November 13, 2025
Cyber Crime
Google sues cybercriminal group Smishing Triad

Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely b ...

Pierluigi Paganini November 12, 2025
Malware
New Danabot Windows version appears in the threat landscape after May disruption

DanaBot returns after 6 months with a new Windows variant (v669), marking its comeback after being disrupted by Operation Endgame in May. DanaBot has resurfaced with a new variant (version 669) ta ...

Pierluigi Paganini November 12, 2025
Intelligence
Australia’s spy chief warns of China-linked threats to critical infrastructure

Australia’s spy chief warns China-linked actors are probing critical infrastructure and preparing for cyber sabotage and espionage. Australia’s intelligence chief Mike Burgess warned that Chin ...

Pierluigi Paganini November 12, 2025
Security
Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

Synology fixed a critical BeeStation RCE flaw (CVE-2025-12686) shown at Pwn2Own, caused by unchecked buffer input allowing code execution. Synology patched a critical remote code execution (RCE) f ...

Pierluigi Paganini November 12, 2025
Cyber Crime
$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

“Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), ...

Pierluigi Paganini November 12, 2025
Security
Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

Microsoft fixed over 60 flaws, including an actively exploited Windows kernel zero-day, in its latest Patch Tuesday updates. Microsoft’s Patch Tuesday security updates for November 2025 address ...

Pierluigi Paganini November 12, 2025
Security
SAP fixed a maximum severity flaw in SQL Anywhere Monitor

SAP fixed 19 security issues, including a critical flaw in SQL Anywhere Monitor with hardcoded credentials that could enable remote code execution. SAP addressed 19 security vulnerabilities, inclu ...

Pierluigi Paganini November 11, 2025
Malware
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

Researchers found Fantasy Hub, a Russian MaaS Android RAT that lets attackers spy, steal data, and control devices via Telegram. Zimperium researchers uncovered Fantasy Hub, a Russian-sold Android ...

Pierluigi Paganini November 11, 2025
Intelligence
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

North Korea-linked APT Konni posed as counselors to steal data and wipe Android phones via Google Find Hub in Sept 2025. Genians Security Center researchers warn that the North Korea-linked Konni ...

Pierluigi Paganini November 11, 2025
Hacking
U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...

Pierluigi Paganini November 11, 2025
Hacking
Critical Triofox bug exploited to run malicious payloads via AV configuration

Hackers exploited Triofox flaw CVE-2025-12480 to bypass auth and install remote access tools via the platform’s antivirus feature. Google's Mandiant researchers spotted threat actors exploiting ...

Pierluigi Paganini November 11, 2025