MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

search

Date range
Filters

1191 results

Pierluigi Paganini March 12, 2025
China-linked APT UNC3886 targets EoL Juniper routers

Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to […]

Pierluigi Paganini March 05, 2025
China-linked APT Silk Typhoon targets IT Supply Chain

Microsoft warns that China-backed APT Silk Typhoon linked to US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target IT solutions like remote management tools and cloud apps for initial access. Silk Typhoon is […]

Pierluigi Paganini March 02, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 35

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. DragonForce Ransomware Group is Targeting Saudi Arabia   Massive Botnet Targets M365 with Stealthy Password Spraying Attacks   Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2   #StopRansomware: Ghost (Cring) Ransomware   […]

Pierluigi Paganini March 02, 2025
Security Affairs newsletter Round 513 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day Microsoft disrupted a global cybercrime ring abusing Azure […]

Pierluigi Paganini February 23, 2025
Security Affairs newsletter Round 512 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever Apple removes iCloud encryption in […]

Pierluigi Paganini February 21, 2025
B1ack’s Stash released 1 Million credit cards

Experts warn that the carding website B1ack’s Stash released a collection of over 1 million unique credit and debit cards. D3 Lab researchers reported that on February 19, 2025, the carding website B1ack’s Stash released a collection of over 1 million unique credit and debit cards. Experts speculate that B1ack’s Stash used the free card release as a marketing strategy. The […]

Pierluigi Paganini February 16, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site  From South America to Southeast Asia: The Fragile Web of REF7707  Analyzing DEEP#DRIVE: North Korean […]

Pierluigi Paganini February 16, 2025
Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog […]

Pierluigi Paganini February 13, 2025
Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

A subgroup of the Russia-linked Seashell Blizzard APT group (aka Sandworm) ran a global multi-year initial access operation called BadPilot. Microsoft shared findings on research on a subgroup of the Russia-linked APT group Seashell Blizzard behind the global BadPilot campaign, which compromises infrastructure to support Russian cyber operations. Seashell Blizzard (aka Sandworm, BlackEnergy and TeleBots) has been […]

Pierluigi Paganini February 11, 2025
Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores. Sucuri researchers found threat actors using Google Tag Manager (GTM) to deploy e-skimmer malware on a Magento eCommerce site. Google Tag Manager (GTM) is a free tool that lets website owners manage marketing tags without modifying site code, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026