MUST READ

Google Big Sleep found five vulnerabilities in Safari

 | 

Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

 | 

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

 | 

Android Apps misusing NFC and HCE to steal payment data on the rise

 | 

Conduent January 2025 breach impacts 10M+ people

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

 | 

Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ukrainian extradited to US over Conti ransomware involvement

 | 

BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

 | 

China-linked UNC6384 exploits Windows zero-day to spy on European diplomats

 | 

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

 | 

EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure

 | 

Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications

 | 

U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

 | 

Brush exploit can cause any Chromium browser to collapse in 15-60 seconds

 | 

Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia

 | 

Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed

 | 

Hacktivists breach Canada’s critical infrastructure, cyber Agency warns

 | 

Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog

 | 

CISA

Pierluigi Paganini August 04, 2020
US govt agencies share details of the China-linked espionage malware Taidoor

China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. “The Cybersecurity and Infrastructure Security […]

Pierluigi Paganini July 28, 2020
QSnatch malware infected over 62,000 QNAP NAS Devices

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint advisory about a massive ongoing campaign spreading the QSnatch data-stealing malware. The malicious code […]

Pierluigi Paganini July 27, 2020
NSA/CISA joint report warns on attacks on critical industrial systems

NSA is warning of cyber attacks launched by foreign threat actors against organizations in the critical infrastructure sector across the U.S. The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning of cyber attacks targeting critical infrastructure across the U.S. “Over recent months, cyber-actors have demonstrated their […]

Pierluigi Paganini July 25, 2020
US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

The U.S. CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about the active exploitation of the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The alert includes additional […]

Pierluigi Paganini July 17, 2020
DHS CISA urges government agencies to fix SIGRed Windows Server DNS bug within 24h

US DHS CISA urges government agencies to patch SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being exploited. The US DHS CISA issued an emergency directive urging government agencies to patch the recently disclosed SIGRed Windows Server DNS vulnerability within 24h due to the likelihood of the issue being […]

Pierluigi Paganini February 19, 2020
US CISA warns of Ransomware attacks impacting pipeline operations

The Cybersecurity and Infrastructure Security Agency (CISA) is warning critical U.S. infrastructure operators of a recent ransomware attack that affected a natural gas compression facility. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert across critical U.S. infrastructure sectors about a recent infection at a natural gas compression facility. “The Cybersecurity and Infrastructure Security Agency (CISA) […]

Pierluigi Paganini February 14, 2020
US Govt agencies detail North Korea-linked HIDDEN COBRA malware

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation. The government experts released new and updated Malware Analysis Reports (MARs) […]

Pierluigi Paganini January 04, 2020
U.S. CISA Agency warns of possible cyber attacks from Iran

US Government fears a new wave of cyber attacks from Iran as retaliation for the airstrike that killed Maj. Gen. Qassim Suleimani at the Baghdad airport in Iraq. Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency (CISA) warned of a potential new wave of cyber attacks carried out by Iran-linked hacker groups targeting U.S. assets. […]

Pierluigi Paganini October 24, 2019
FBI and DHS CISA issue alerts on e-skimming attacks

The US FBI issued a warning for the US private sector about e-skimming attacks carried out by the Magecart cybercrime groups. The Federal Bureau of Investigation (FBI) has released an alert on e-skimming attacks. E-skimming took place when hackers compromise an e-commerce site and plant a malicious code designed to siphon payment card data or personally […]

Pierluigi Paganini June 24, 2019
US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers. US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying, credential stuffing, and spear-phishing. The attacks are targeting U.S. industries and government agencies, the statement was also […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Google Big Sleep found five vulnerabilities in Safari

Security / November 04, 2025

Crooks exploit RMM software to hijack trucking firms and steal cargo

Cyber Crime / November 04, 2025

Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

Cyber Crime / November 03, 2025

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

Security / November 03, 2025

Android Apps misusing NFC and HCE to steal payment data on the rise

Security / November 03, 2025