MUST READ

For the first time, a RomCom payload has been observed being distributed via SocGholish

 | 

Multiple London councils faced a cyberattack

 | 

Emergency alerts go dark after cyberattack on OnSolve CodeRED

 | 

Dissecting a new malspam chain delivering Purelogs infostealer

 | 

FBI: bank impersonators fuel $262M surge in account takeover fraud

 | 

Morphisec warns StealC V2 malware spread through weaponized blender files

 | 

CISA: Spyware and RATs used to target WhatsApp and Signal Users

 | 

Harvard reports vishing breach exposing alumni and donor contact data

 | 

Delta Dental of Virginia data breach impacts 145,918 customers

 | 

Attackers deliver ShadowPad via newly patched WSUS RCE bug

 | 

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

 | 

Scattered Spider alleged members deny TfL charges

 | 

Iberia discloses security incident tied to supplier breach

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72

 | 

Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

SonicWall flags SSLVPN flaw allowing firewall crashes

 | 

BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks

 | 

U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog

 | 

CrowdStrike denies breach after insider sent internal screenshots to hackers

 | 

SolarWinds addressed three critical flaws in Serv-U

 | 

LATEST NEWS

VIEW ALL
Hacking
Metasploit team released Metasploit Vulnerable Services Emulator
Pierluigi Paganini March 05, 2017

Rapid7 released the Metasploit Vulnerable Services Emulator, a new tool that can be used by IT experts to emulate vulnerable services. Which is the best way to protect a system? You need to think of ...

Cyber Crime
Exclusive: A criminal group using SSH TCP direct forward attack is also targeting Italian infrastructure
Pierluigi Paganini March 04, 2017

Exclusive: MalwareMustDie for Security Affairs released the list of the sites under attack. A criminal gang is using SSH TCP direct forward attack technique. MalwareMustDie is back and has published� ...

Data Breach
The US Vice President Mike Pence's personal AOL account was hacked
Pierluigi Paganini March 04, 2017

The US Vice President Mike Pence's personal AOL account was hacked, once again politics were breached due to wrong security posture. Pence has been harshly criticized after the discovery that he us ...

Malware
Talos team spotted a PowerShell malware that uses DNS queries to contact the C2
Pierluigi Paganini March 03, 2017

Researchers from Cisco Talos team spotted a new strain of malware that leverages PowerShell scripts to fetch commands from DNS TXT records. Malware researchers at Cisco Talos have published a detail ...

top articles

Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps
November 17, 2025
New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet
November 19, 2025
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles
November 20, 2025
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
November 21, 2025
Emergency alerts go dark after cyberattack on OnSolve CodeRED
November 26, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

For the first time, a RomCom payload has been observed being distributed via SocGholish

November 26, 2025

Security
Multiple London councils faced a cyberattack

November 26, 2025

Cyber Crime
Emergency alerts go dark after cyberattack on OnSolve CodeRED

November 26, 2025

Cyber Crime
Dissecting a new malspam chain delivering Purelogs infostealer

November 26, 2025

Cyber Crime
FBI: bank impersonators fuel $262M surge in account takeover fraud

November 25, 2025

recent articles

Security
For the first time, a RomCom payload has been observed being distributed via SocGholish

RomCom malware used the SocGholish fake update loader to deliver Mythic Agent to a U.S. civil engineering firm. In September 2025, Arctic Wolf Labs observed RomCom threat actors delivering the Myt ...

Pierluigi Paganini November 26, 2025
Security
Multiple London councils faced a cyberattack

Multiple London councils, including Chelsea and Westminster, faced a cyberattack that may have exposed resident data. Authorities are actively investigating the incident. A cyberattack struck mult ...

Pierluigi Paganini November 26, 2025
Cyber Crime
Emergency alerts go dark after cyberattack on OnSolve CodeRED

Cyberattack on OnSolve CodeRED disrupted emergency alert services for U.S. state, local, police, and fire agencies. A cyberattack on the OnSolve CodeRED alert platform disrupted emergency notifica ...

Pierluigi Paganini November 26, 2025
Cyber Crime
Dissecting a new malspam chain delivering Purelogs infostealer

The AISI Research Center's Cybersecurity Observatory publishes the report "Dissecting a new malspam chain delivering Purelogs infostealer" - November 25, 2025. Organizational and personal security ...

Pierluigi Paganini November 26, 2025
Cyber Crime
FBI: bank impersonators fuel $262M surge in account takeover fraud

Cybercriminals posing as banks drove a major spike in account takeover fraud this year, stealing over $262 million, the FBI warned. The FBI warns of a surge in account takeover fraud, with crimina ...

Pierluigi Paganini November 25, 2025
Cyber Crime
Morphisec warns StealC V2 malware spread through weaponized blender files

StealC V2 spread via malicious Blender files on 3D model sites like CGTrader, abusing Blender’s ability to run hidden Python scripts. Cybersecurity firm Morphisec reported that Russian threat a ...

Pierluigi Paganini November 25, 2025
Malware
CISA: Spyware and RATs used to target WhatsApp and Signal Users

CISA warns that threat actors are actively using commercial spyware and RATs to target users of mobile messaging apps WhatsApp and Signal. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini November 25, 2025
Security
Harvard reports vishing breach exposing alumni and donor contact data

Harvard revealed its Alumni Affairs systems suffered a vishing breach, exposing emails, phone numbers, addresses, donation data and biographical info. Harvard revealed that threat actors breached ...

Pierluigi Paganini November 24, 2025
Data Breach
Delta Dental of Virginia data breach impacts 145,918 customers

Delta Dental of Virginia suffered a data breach that exposed personal and health data of about 146,000 customers after the hack of an email account. A security breach at the dental care provider D ...

Pierluigi Paganini November 24, 2025
Malware
Attackers deliver ShadowPad via newly patched WSUS RCE bug

Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reporte ...

Pierluigi Paganini November 24, 2025
Security
AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

Why today’s AI attack agents boost human attackers but still fall far from becoming real autonomous weapons. Anthropic recently published a report that sparked a lively debate about what AI agen ...

Pierluigi Paganini November 24, 2025
Hacking
Scattered Spider alleged members deny TfL charges

Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark Crown Court hearing. Two British teens accused of Computer Misuse Act offens ...

Pierluigi Paganini November 24, 2025
Data Breach
Iberia discloses security incident tied to supplier breach

Iberia warns customers of a supplier-related data breach as a threat actor claims to hold 77GB of stolen airline data. Iberia is warning customers about a data breach after a third-party supplier ...

Pierluigi Paganini November 23, 2025
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Contagious Interview Actors Now Utilize ...

Pierluigi Paganini November 23, 2025
Breaking News
Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini November 23, 2025
Security
SonicWall flags SSLVPN flaw allowing firewall crashes

SonicWall warns of a high-severity buffer overflow flaw in SonicOS SSLVPN (CVE-2025-40601) that lets attackers crash Gen7 and Gen8 firewalls. A new high-severity SonicOS SSLVPN flaw, tracked as CV ...

Pierluigi Paganini November 23, 2025
APT
BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks

APT24 used supply chain attacks and varied techniques to deploy the BadAudio malware in a long-running cyberespionage campaign. China-linked group APT24 used supply-chain attacks and multiple tech ...

Pierluigi Paganini November 22, 2025
Security
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...

Pierluigi Paganini November 22, 2025
Security
CrowdStrike denies breach after insider sent internal screenshots to hackers

CrowdStrike says an insider shared internal screenshots with hackers but confirms no system breach and no customer data exposure. BleepingComputer first reported that CrowdStrike said an insider s ...

Pierluigi Paganini November 21, 2025
Security
SolarWinds addressed three critical flaws in Serv-U

SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. SolarWinds addressed three critical vulnerabilities in its Serv-U fil ...

Pierluigi Paganini November 21, 2025