MUST READ

Ni8mare flaw gives unauthenticated control of n8n instances

 | 

Misconfigured email routing enables internal-spoofed phishing

 | 

Veeam resolves CVSS 9.0 RCE flaw and other security issues

 | 

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

 | 

Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

 | 

CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200

 | 

Google fixes critical Dolby Decoder bug in Android January update

 | 

Resecurity Went on the Cyber Offensive - When 'Shiny Objects' trick 'Shiny Hunters'

 | 

Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025

 | 

Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices

 | 

The cybercriminal behind the 2016 Bitfinex hack has been released from prison early thanks to Trump’s 2018 First Step Act

 | 

VVS Stealer, a new python malware steals Discord credentials

 | 

Resecurity Caught ShinyHunters in Honeypot

 | 

What is happening to the Internet in Venezuela? Did the U.S. use cyber capabilities?

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 78

 | 

Security Affairs newsletter Round 557 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

President Trump blocks $2.9M Emcore chip sale over security concerns

 | 

French authorities investigate AI ‘undressing’ deepfakes on X

 | 

Thousands of ColdFusion exploit attempts spotted during Christmas holiday

 | 

Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

 | 

ClickFix

Pierluigi Paganini January 07, 2026
Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan. Researchers uncovered a late-December 2025 campaign, dubbed PHALT#BLYX, targeting European hotels with fake Booking-themed emails. Victims are redirected to bogus BSoD pages using ClickFix-style lures that prompt them to apply “fixes.” The multi-stage attack ultimately […]

Pierluigi Paganini July 14, 2025
Interlock ransomware group deploys new PHP-based RAT via FileFix

Interlock ransomware group deploys new PHP-based RAT via FileFix (a ClickFix variant) in a widespread campaign targeting multiple industries. The Interlock ransomware group is deploying a new PHP-based variant of the Interlock RAT in a broad campaign. According to researchers from the DFIR Report, in partnership with Proofpoint, it uses a delivery method known as FileFix, […]

Pierluigi Paganini May 26, 2025
Fake software activation videos on TikTok spread Vidar, StealC

Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks. Cybercriminals leverage AI-generated TikTok videos in ClickFix attacks to spread Vidar and StealC malware, reports Trend Micro. These videos trick users into running PowerShell commands disguised as software activation steps for tools like […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Ni8mare flaw gives unauthenticated control of n8n instances

Security / January 07, 2026

Misconfigured email routing enables internal-spoofed phishing

Hacking / January 07, 2026

Veeam resolves CVSS 9.0 RCE flaw and other security issues

Security / January 07, 2026

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

Hacking / January 07, 2026

Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

Cyber Crime / January 07, 2026