Security Affairs - Page 83 of 1785 - Read, think, share … Security is everyone's responsibility

LATEST NEWS

VIEW ALL

Hurry up,fix the CVE-2016-5425 privilege escalation flaw in Apache Tomcat

Pierluigi Paganini October 11, 2016

The security research Dawid Golunski reported a Root Privilege Escalation in the Apache Tomcat (RedHat-based distros) tracked as CVE-2016-5425. Apache Tomcat packages provided by default reposito ...

StrongPity APT - Waterhole attacks against Italian and Belgian users

Pierluigi Paganini October 11, 2016

Kaspersky published a report on cyber espionage activities conducted by StrongPity APT that most targeted Italians and Belgians with watering holes attacks. Experts from Kaspersky Lab have published ...

The France TV5Monde was almost destroyed by the Russian APT28 group

Pierluigi Paganini October 11, 2016

The TV5Monde director-general has told the BBC that his TV was almost destroyed by a targeted cyber attack conducted by the Russian APT28 group. On April 2015, the TV5Monde was hit by a severe cybe ...

Internet of Things

MITRE will award $50,000 for a solution that detects rogue IoT Devices

Pierluigi Paganini October 11, 2016

MITRE has challenged the security community to devise new methods that could help in detecting rogue IoT devices on a network. The non-profit research and development organization MITRE has challenge ...

1
2
3386
3387
3388
3389
3390
4460
4461
4462

most popular

VIEW ALL

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

November 24, 2025

Scattered Spider alleged members deny TfL charges

November 24, 2025

Iberia discloses security incident tied to supplier breach

November 23, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72

November 23, 2025

Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

November 23, 2025

recent articles

Security

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

Why today’s AI attack agents boost human attackers but still fall far from becoming real autonomous weapons. Anthropic recently published a report that sparked a lively debate about what AI agen ...

Pierluigi Paganini November 24, 2025

Hacking

Scattered Spider alleged members deny TfL charges

Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark Crown Court hearing. Two British teens accused of Computer Misuse Act offens ...

Pierluigi Paganini November 24, 2025

Data Breach

Iberia discloses security incident tied to supplier breach

Iberia warns customers of a supplier-related data breach as a threat actor claims to hold 77GB of stolen airline data. Iberia is warning customers about a data breach after a third-party supplier ...

Pierluigi Paganini November 23, 2025

Breaking News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Contagious Interview Actors Now Utilize ...

Pierluigi Paganini November 23, 2025

Breaking News

Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini November 23, 2025

Security

SonicWall flags SSLVPN flaw allowing firewall crashes

SonicWall warns of a high-severity buffer overflow flaw in SonicOS SSLVPN (CVE-2025-40601) that lets attackers crash Gen7 and Gen8 firewalls. A new high-severity SonicOS SSLVPN flaw, tracked as CV ...

Pierluigi Paganini November 23, 2025

APT

BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks

APT24 used supply chain attacks and varied techniques to deploy the BadAudio malware in a long-running cyberespionage campaign. China-linked group APT24 used supply-chain attacks and multiple tech ...

Pierluigi Paganini November 22, 2025

Security

U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...

Pierluigi Paganini November 22, 2025

Security

CrowdStrike denies breach after insider sent internal screenshots to hackers

CrowdStrike says an insider shared internal screenshots with hackers but confirms no system breach and no customer data exposure. BleepingComputer first reported that CrowdStrike said an insider s ...

Pierluigi Paganini November 21, 2025

Security

SolarWinds addressed three critical flaws in Serv-U

SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. SolarWinds addressed three critical vulnerabilities in its Serv-U fil ...

Pierluigi Paganini November 21, 2025

Data Breach

Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack

Ferrovie dello Stato Italiane (FS) data leaked after a breach at IT provider Almaviva. A hacker claims the theft of 2.3 TB of sensitive data. Data belonging to Italy's national railway operator F ...

Pierluigi Paganini November 21, 2025

Hacking

Salesforce alerts users to potential data exposure via Gainsight OAuth apps

Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gai ...

Pierluigi Paganini November 21, 2025

Mobile

Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team of researchers at the University of Vienna found a WhatsApp flaw that ...

Pierluigi Paganini November 20, 2025

Breaking News

Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal

The Android trojan Sturnus targets communications from secure messaging apps like WhatsApp, Telegram and Signal. Sturnus is a new Android banking trojan with full device-takeover abilities. It byp ...

Pierluigi Paganini November 20, 2025

Cyber Crime

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

US, Australia and UK sanctioned 2 Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. US, Australia and UK sanctioned two Russian bulletproof hosting p ...

Pierluigi Paganini November 20, 2025

APT

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Id ...

Pierluigi Paganini November 20, 2025

Hacking

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini November 19, 2025

Security

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

A remote code execution vulnerability, tracked as CVE-2025-11001, in the 7-Zip software is under active exploitation. A new 7-Zip flaw tracked as CVE-2025-11001 (CVSS score of 7.0) is now being a ...

Pierluigi Paganini November 19, 2025

Cyber Crime

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

Operation WrtHug hijacks tens of thousands of outdated ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, forming a large botnet. A new campaign called Operation WrtHug has compromise ...

Pierluigi Paganini November 19, 2025

Hacking

U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA has added a second Fortinet FortiWeb vulnerability in just a few days to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)&nbs ...

Pierluigi Paganini November 19, 2025