Pierluigi Paganini
May 31, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives […]
Pierluigi Paganini
May 31, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers Signal Phishing Campaign Targets Journalists and […]
Pierluigi Paganini
May 30, 2026
Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has published data allegedly stolen from Charter Communications after the company apparently refused to pay a ransom. Charter Communications is one of the largest telecommunications companies in the United States. It […]
Pierluigi Paganini
May 30, 2026
Attackers are texting Signal users posing as Support, asking for backup recovery keys. Once obtained, they can decrypt the entire message history, not just future chats. A phishing campaign is currently targeting Signal users with text messages that impersonate Signal Support and ask them to hand over their backup recovery key. The message looks urgent, […]
Pierluigi Paganini
May 29, 2026
BTMOB sells Android full-device takeover as a kit, no coding needed. It steals data, records screens, and hands attackers remote control for $5,000 lifetime. Most Android malware requires at least some technical competence to deploy, but the BTMOB doesn’t. The developers sell it with a built-in APK builder that lets buyers generate new malicious apps, […]
Pierluigi Paganini
May 28, 2026
Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity supported Microsoft’s Digital Crimes Unit (DCU) in its disruption of Fox Tempest, a financially motivated threat actor operating a malware-signing-as-a-service (MSaaS) capability used by cybercriminals to make malicious files appear legitimate. On May 19, 2026, […]
Pierluigi Paganini
May 27, 2026
Romanian hacker Catalin Dragomir (45) got 4 years and 8 months in prison for selling access to an Oregon state network. Romanian hacker Catalin Dragomir (45) will spend 4 years and 8 months in a US prison after admitting he sold access to an Oregon state network. ” A Romanian national was sentenced to 56 months […]
Pierluigi Paganini
May 27, 2026
Glassworm infected developers through poisoned tools and packages until a coordinated takedown killed all four of its C2 channels at once. On May 26, 2026, at 14:00 UTC, CrowdStrike Counter Adversary Operations team, working with Google and the Shadowserver Foundation, killed all four command-and-control channels of the Glassworm botnet at the same time. The timing […]
Pierluigi Paganini
May 26, 2026
A 5-year study on the Ransomware Economy found that 30,515 exposed databases were hit by ransom attacks, causing massive damage despite victims never paying. Database extortion doesn’t look like the ransomware stories that usually grab headlines. There’s no slick branding, no leak-site countdown, no gang posting memes on Telegram. In most cases, there’s just a […]
Pierluigi Paganini
May 26, 2026
Attackers have poisoned four Laravel-Lang Composer packages by rewriting hundreds of Git tags, putting many Laravel apps at risk. Hackers compromised four popular Laravel-Lang Composer packages and injected malware by rewriting more than 700 Git tags tied to historical versions. Laravel-Lang is a community-driven project that provides translation and localization files for Laravel applications. The […]
