MUST READ

Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

 | 

Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal

 | 

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

 | 

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

 | 

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

 | 

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

 | 

U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

Eurofiber confirms November 13 hack, data theft, and extortion attempt

 | 

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet

 | 

Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack

 | 

DoorDash data breach exposes personal info after social engineering attack

 | 

Google fixed the seventh Chrome zero-day in 2025

 | 

Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases

 | 

Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps

 | 

Jaguar Land Rover confirms major disruption and ÂŁ196M cost from September cyberattack

 | 

North Korean threat actors use JSON sites to deliver malware via trojanized code

 | 

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

 | 

Five admit helping North Korea evade sanctions through IT worker schemes

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

 | 

Contagious Interview

Pierluigi Paganini November 17, 2025
North Korean threat actors use JSON sites to deliver malware via trojanized code

North Korean Contagious Interview actors now host malware on JSON storage sites to deliver trojanized code projects, NVISO reports. North Korea-linked actors behind the Contagious Interview campaign have updated their tactics, using JSON storage services (e.g. JSON Keeper, JSONsilo, and npoint.io) to host and deliver malware through trojanized code projects, according to a new NVISO report. “NVISO […]

Pierluigi Paganini December 28, 2024
North Korea actors use OtterCookie malware in Contagious Interview campaign

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called OtterCookie as part of the Contagious Interview campaign that targets software developer community with fake job offers. The Contagious Interview campaign was first detailed by Palo Alto Networks […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

Mobile / November 20, 2025

Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal

Breaking News / November 20, 2025

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

Cyber Crime / November 20, 2025

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

APT / November 20, 2025

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

Hacking / November 19, 2025