MUST READ

Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases

 | 

CAPI Backdoor targets Russia’s auto and e-commerce sectors

 | 

F5 breach exposes 262,000 BIG-IP systems worldwide

 | 

China finds “irrefutable evidence” of US NSA cyberattacks on time Authority

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67

 | 

Security Affairs newsletter Round 546 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Winos 4.0 hackers expand to Japan and Malaysia with new malware

 | 

From Airport chaos to cyber intrigue: Everest Gang takes credit for Collins Aerospace breach

 | 

SIMCARTEL operation: Europol takes down SIM-Box ring linked to 3,200 scams

 | 

A critical WatchGuard Fireware flaw could allow unauthenticated code execution

 | 

Prosper disclosed a data breach impacting 17.6 million accounts

 | 

Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign

 | 

PowerSchool hacker got four years in prison

 | 

Auction house Sotheby’s disclosed a July data breach

 | 

Operation Zero Disco: Threat actors targets Cisco SNMP flaw to drop Linux rootkits

 | 

U.S. CISA adds Adobe Experience Manager Forms flaw to its Known Exploited Vulnerabilities catalog

 | 

U.S. CISA adds SKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities catalog

 | 

Spanish fashion retailer MANGO disclosed a data breach

 | 

Qilin Ransomware announced new victims

 | 

200,000 Linux systems from Framework are shipped with signed UEFI components vulnerable to Secure Boot bypass

 | 

CVE-2023-46604

Pierluigi Paganini August 21, 2025
Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit […]

Pierluigi Paganini November 02, 2023
Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. Apache ActiveMQ is an open-source message broker software that serves as a message-oriented middleware (MOM) […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases

Data Breach / October 20, 2025

CAPI Backdoor targets Russia’s auto and e-commerce sectors

Uncategorized / October 20, 2025

F5 breach exposes 262,000 BIG-IP systems worldwide

Security / October 20, 2025

China finds “irrefutable evidence” of US NSA cyberattacks on time Authority

Intelligence / October 20, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67

Malware / October 19, 2025