MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

 | 

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Attack National Credit Information Center of Vietnam

 | 

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

 | 

Jaguar Land Rover discloses a data breach after recent cyberattack

 | 

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

 | 

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

 | 

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

 | 

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

 | 

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LATEST NEWS

VIEW ALL
Malware
CoffeeLoader uses a GPU-based packer to evade detection
Pierluigi Paganini March 31, 2025

CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions, Zscaler ThreatLabz warns. Zscaler ThreatLabz discovered CoffeeLoader, a malware family active si ...

Cyber Crime
Morphing Meerkat phishing kits exploit DNS MX records
Pierluigi Paganini March 31, 2025

Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Infoblox researchers discovered a new phishing-as-a-service (PhaaS) platform that g ...

Breaking News
CISA warns of RESURGE malware exploiting Ivanti flaw
Pierluigi Paganini March 30, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. The U.S. Cybersecurity and Infrastr ...

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 39
Pierluigi Paganini March 30, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Microsoft Trusted Signing service abused to code-sign malware ...

top articles

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack
September 08, 2025
LunaLock Ransomware threatens victims by feeding stolen data to AI models
September 09, 2025
KillSec Ransomware is Attacking Healthcare Institutions in Brazil
September 10, 2025
Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images
September 10, 2025
Google fixes critical Chrome flaw, researcher earns $43K
September 11, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Malware

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

September 14, 2025

Breaking News
Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

September 14, 2025

Cyber Crime
ShinyHunters Attack National Credit Information Center of Vietnam

September 14, 2025

Cyber Crime
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

September 13, 2025

Malware
HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

September 13, 2025

recent articles

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter npm debug and chalk packages compromised ...

Pierluigi Paganini September 14, 2025
Breaking News
Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini September 14, 2025
Cyber Crime
ShinyHunters Attack National Credit Information Center of Vietnam

Vietnam’s National Credit Information Center (CIC) was hit by a ShinyHunters cyberattack, with VNCERT confirming signs of unauthorized access to steal personal data. Authorities are investigatin ...

Pierluigi Paganini September 14, 2025
Cyber Crime
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal g ...

Pierluigi Paganini September 13, 2025
Malware
HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

HybridPetya ransomware bypasses UEFI Secure Boot to infect EFI partitions, echoing the infamous Petya/NotPetya attacks of 2016–2017. ESET researchers discovered a new ransomware called HybridPet ...

Pierluigi Paganini September 13, 2025
Security
Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Cisco addressed multiple high-severity IOS XR vulnerabilities that can allow ISO image verification bypass and trigger DoS conditions. Cisco addressed multiple vulnerabilities in IOS XR software a ...

Pierluigi Paganini September 12, 2025
Hacking
Samsung fixed actively exploited zero-day

Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CV ...

Pierluigi Paganini September 12, 2025
Data Breach
UK train operator LNER (London North Eastern Railway) discloses a data breach

LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information. UK train operator LNER (London North Eastern Railway) reported a data brea ...

Pierluigi Paganini September 12, 2025
Hacking
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini September 12, 2025
Cyber Crime
Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Researchers warn that Akira ransomware group is exploiting a year-old SonicWall firewall flaw, likely using three attack vectors for initial access. The Akira ransomware group is exploiting a year ...

Pierluigi Paganini September 11, 2025
Security
Google fixes critical Chrome flaw, researcher earns $43K

Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution. A researcher earned $43000 from Google for reporting a critical Chrome ...

Pierluigi Paganini September 11, 2025
Breaking News
Kosovo man pleads guilty to running online criminal marketplace BlackDB

Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024. Kosovo citizen Liridon Masurica (33) of Gjilan, aka @blackdb, pleaded guilty to r ...

Pierluigi Paganini September 11, 2025
Malware
Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

Hackers exploit ConnectWise ScreenConnect to drop AsyncRAT via scripted loaders, stealing data and persisting with a fake Skype updater. LevelBlue researchers warn of a campaign abusing ConnectWi ...

Pierluigi Paganini September 11, 2025
Data Breach
Jaguar Land Rover discloses a data breach after recent cyberattack

Jaguar Land Rover confirms a cyberattack caused factory disruptions and led to a data breach, compromising sensitive information. In early September, Jaguar Land Rover shut down systems to mitigat ...

Pierluigi Paganini September 11, 2025
Security
Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts. Adobe addressed a critical vulnerability, tracked as CVE-2025- ...

Pierluigi Paganini September 10, 2025
Security
Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

Pixel 10 adds C2PA to camera and Photos, helping users verify authenticity and spot AI-generated or altered images. Pixel 10 integrates C2PA Content Credentials into the camera and Photos, allowin ...

Pierluigi Paganini September 10, 2025
Cyber Crime
KillSec Ransomware is Attacking Healthcare Institutions in Brazil

KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The KillSec Ransomware group has threatened to l ...

Pierluigi Paganini September 10, 2025
Security
Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

Microsoft Patch Tuesday security updates for September 2025 fixed 80 vulnerabilities, including two publicly disclosed zero-day flaws. Microsoft Patch Tuesday security updates for September 2025 a ...

Pierluigi Paganini September 10, 2025
Security
SAP September 2025 Patch Day fixed 4 critical flaws

SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation. SAP this week issued 21 new and four updated security notes as part of the co ...

Pierluigi Paganini September 09, 2025
Security
Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular n ...

Pierluigi Paganini September 09, 2025