1182 results

Pierluigi Paganini December 20, 2020
COVID-19 themed attacks December 6 – December 19, 2020

This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. December 6 – Drug dealers are selling Pfizer COVID-19 vaccines on the darkweb: While the United Kingdom announced the distribution of the COVID-19 vaccine to the population, drug dealers are selling ‘Pfizer COVID Vaccines.’ December 10 – […]

Pierluigi Paganini December 18, 2020
All-source intelligence: reshaping an old tool for future challenges

An enhanced version of the old all-source intelligence discipline could serve the purpose. By Boris Giannetto. Hybrid, interconnected and complex threats require hybrid, interconnected and complex tools. An enhanced version of the old all-source intelligence discipline could serve the purpose. Today’s society hinges on technologies and they will most likely have an ever-increasing clout in […]

Pierluigi Paganini December 17, 2020
Digging the recently leaked Chinese Communist Party database

KELA researchers analyzed a database recently leaked online that contains data for 1.9 million Chinese Communist Party members in Shanghai. After the announcement of the leak of the database which contains the personal information of 1.9 million Chinese Communist Party (CCP) members in Shanghai, KELA researchers have obtained it. This database includes the members’ name, […]

Pierluigi Paganini December 13, 2020
Security Affairs newsletter Round 293

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. COVID-19 themed attacks October 1 – December 5, 2020 Drug dealers are selling Pfizer COVID vaccines on the darkweb LockBit Ransomware operators hit Swiss helicopter maker Kopter Police arrest two […]

Pierluigi Paganini December 03, 2020
TrickBoot feature allows TrickBot bot to run UEFI attacks

TrickBot, one of the most active botnets in the world, gets a new improvement with the addition of a UEFI/BIOS bootkit feature. The infamous TrickBot gets a new improvement: its authors added a new feature dubbed “TrickBoot” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits. The TrickBoot functionality was documented […]

Pierluigi Paganini December 01, 2020
Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Microsoft warns of the Vietnam-linked Bismuth group, which is deploying cryptocurrency miners while it continues its cyberespionage campaigns. Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus, Cobalt Kitty, or APT32, is deploying cryptocurrency miners while it continues its cyberespionage campaigns. Cryptocurrency miners are typically associated with financially motivated attacks, but BISMUTH is attempting to take […]

Pierluigi Paganini November 29, 2020
Operators behind Dark Caracal are still alive and operational

The Dark Caracal APT group has carried out a series of attacks against multiple sectors using a new variant of a 13-year-old backdoor Trojan. The Dark Caracal cyberespionage group is back; researchers from Check Point uncovered a new series of attacks against multiple industries. The Dark Caracal is an APT group associated with the Lebanese […]

Pierluigi Paganini November 27, 2020
Canon publicly confirms August ransomware attack and data breach

Canon finally confirmed that it has suffered a ransomware attack in early August that resulted in the theft of data from its servers. Canon has finally confirmed that it was the victim of a ransomware attack in early August and that the threat actors also stole data from its servers. In August, BleepingComputer first revealed […]

Pierluigi Paganini November 23, 2020
Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Sonatype’s deep-dive research identified a new family of Discord malware called CursedGrabber. Sonatype has discovered more malware in the npm registry which, following our analysis and multiple cyber threat intelligence reports, has led to the discovery of a novel and large-scale malware campaign leveraging the open-source ecosystem. The malware called “xpc.js” […]

Pierluigi Paganini November 12, 2020
New modular ModPipe POS Malware targets restaurants and hospitality sectors

Cybersecurity researchers spotted a new modular PoS malware, dubbed ModPipe, that targets PoS restaurant management software from Oracle. ESET researchers discovered a new modular backdoor, dubbed ModPipe, that was designed to target PoS systems running ORACLE MICROS Restaurant Enterprise Series (RES) 3700, which is a management suite widely used in the restaurant and hospitality sectors. The backdoor stands out […]