Pierluigi Paganini
April 13, 2026
Threat actors compromised the CPUID website and spread STX RAT through fake CPU-Z and HWMonitor downloads. Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor with malicious files for several hours. Users who downloaded them got infected with the STX RAT, giving attackers remote access to their systems. The short attack […]
Pierluigi Paganini
April 12, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2 Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group) Hackers Are Attempting to Turn ComfyUI Servers Into a […]
Pierluigi Paganini
April 12, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S. GlassWorm evolves with […]
Pierluigi Paganini
April 11, 2026
The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicious npm packages to large-scale supply chain attacks across GitHub, npm, and VS Code, even deploying RATs via fake browser extensions. In its latest iteration, threat […]
Pierluigi Paganini
April 10, 2026
Dutch healthcare IT firm ChipSoft suffered a ransomware attack, forcing services and its HiX platform offline, impacting hospitals and patients. ChipSoft, a major Dutch provider of EHR systems, was hit by a ransomware attack that forced it to take its website and digital services offline, disrupting access for hospitals, healthcare providers, and patients. EHR (Electronic […]
Pierluigi Paganini
April 10, 2026
Hackers breached Bitcoin Depot, stole credentials, and took about 50 BTC worth $3.6M from its wallets after a March 23 intrusion. Hackers breached the largest US Bitcoin ATM operator, Bitcoin Depot, on March 23, stole login credentials, and drained about 50.9 BTC worth $3.6M from company wallets. Bitcoin Depot told the SEC that a hacker […]
Pierluigi Paganini
April 09, 2026
Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail in December 2025 and stole names and passport numbers from its network. The company now notifies 308,777 people that attackers exposed their personal data, raising concerns about identity theft and misuse of sensitive […]
Pierluigi Paganini
April 07, 2026
China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially driven ransomware attacks by exploiting newly disclosed vulnerabilities before organizations patch them. The group targets exposed systems and quickly moves from initial access to data theft and Medusa ransomware deployment, […]
Pierluigi Paganini
April 06, 2026
German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvil ransomware group, linking them to more than 130 attacks in the country. The first suspect is Daniil Maksimovich Shchukin (31), a Russian national known online […]
Pierluigi Paganini
April 05, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government RoadK1ll: A WebSocket Based Pivoting Implant axios Compromised: npm Supply Chain Attack via Dependency Injection […]
