MUST READ

SimonMed Imaging discloses a data breach impacting over 1.2 million people

 | 

Microsoft revamps Internet Explorer Mode in Edge after August attacks

 | 

Astaroth Trojan abuses GitHub to host configs and evade takedowns

 | 

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

 | 

Stealit Malware spreads via fake game & VPN installers on Mediafire and Discord

 | 

Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66

 | 

CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack

 | 

Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained

 | 

Attackers exploit valid logins in SonicWall SSL VPN compromise

 | 

Apple doubles maximum bug bounty to $2M for zero-click RCEs

 | 

Juniper patched nine critical flaws in Junos Space

 | 

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

 | 

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog

 | 

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

 | 

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware

 | 

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

 | 

Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users

 | 

Discord denies massive breach, confirms limited exposure of 70K ID photos

 | 

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

 | 

Astaroth banking Trojan

Pierluigi Paganini October 13, 2025
Astaroth Trojan abuses GitHub to host configs and evade takedowns

The Astaroth banking Trojan uses GitHub to host malware configs, evade C2 takedowns and stay active by pulling new settings from the platform. McAfee discovered a new Astaroth campaign using GitHub repositories to host malware configurations. This allows attackers to evade takedowns by pulling fresh configs from GitHub whenever C2 servers are shut down, ensuring […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SimonMed Imaging discloses a data breach impacting over 1.2 million people

Uncategorized / October 13, 2025

Microsoft revamps Internet Explorer Mode in Edge after August attacks

Security / October 13, 2025

Astaroth Trojan abuses GitHub to host configs and evade takedowns

Cyber Crime / October 13, 2025

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

Hacking / October 13, 2025

Stealit Malware spreads via fake game & VPN installers on Mediafire and Discord

Malware / October 13, 2025