MUST READ

European Commission probes cyberattack on mobile device management system

 | 

Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

 | 

Romania’s national oil pipeline firm Conpet reports cyberattack

 | 

Flickr moves to contain data exposure, warns users of phishing

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

 | 

Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

DKnife toolkit abuses routers to spy and deliver malware since 2019

 | 

Italian university La Sapienza still offline to mitigate recent cyber attack

 | 

CISA pushes Federal agencies to retire end-of-support edge devices

 | 

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Cybercrime

Pierluigi Paganini January 01, 2018
Forever 21 confirms Payment Card Breach and provides further info on the incident

FOREVER 21 confirmed the presence of a malware at some point of sale (POS) systems in stores across the US. On November 2017, the US clothes retailer FOREVER 21 announced it has suffered a security breach, the company now confirmed that hackers stole payment card data from its locations throughout the country for several months during 2017. Even if […]

Pierluigi Paganini December 30, 2017
It’s a mystery, member of the Lurk gang admits creation of WannaCry ransomware for intelligence agencies

A hacker belonging to the Lurk cybercrime gang admits the creation of WannaCry ransomware and DNC hack on request of intelligence agencies. In an interview to Dozhd TV channel, one of the members of the Lurk crime group arrested in the Russian city of Ekaterinburg, Konstantin Kozlovsky, told that he was one of the authors of the dreaded WannaCry ransomware and that […]

Pierluigi Paganini December 29, 2017
Info Stealing – The cyber security expert Marco Ramilli spotted a new operation in the wild

The Italia cyber security expert Marco Ramilli, founder of Yoroi, published an interesting analysis of a quite new InfoStealer Malware delivered by eMail to many International Companies. Attack attribution is always a very hard work. False Flags, Code Reuse and Spaghetti Code  makes impossible to assert “This attack belongs to X”. Indeed nowadays makes more sense talking about Attribution […]

Pierluigi Paganini December 29, 2017
Two Romanians charged with infecting US Capital Police cameras with ransomware early this year

Two Romanian people have been arrested and charged with hacking into US Capital Police cameras ahead of the inauguration of President Trump. Two Romanian people have been arrested and charged with hacking into control systems of the surveillance cameras for the Metropolitan Police Department in the US. The two suspects, Mihai Alexandru Isvanca, 25, and Eveline […]

Pierluigi Paganini December 27, 2017
The popular cryptocurrency exchange EtherDelta suffered a DNS attack

The popular cryptocurrency exchange EtherDelta was hacked, attackers conducted a DNS attack that allowed to steal at least 308 ETH ($266,789) as well as a large number of tokens. The spike in cryptocurrency values is attracting cybercriminals, the last victim is the popular cryptocurrency exchange EtherDelta that announced a potential attack against its DNS server. As result […]

Pierluigi Paganini December 26, 2017
The spike in Bitcoin price is making it a less useful payment method in the cybercrime underground

The recent spike in the Bitcoin price and the fees associated with each transaction are making Bitcoin a less useful payment method in the cybercrime underground. We have a long debated the use of unregulated virtual currencies like Bitcoin in the criminal underground. Virtual currencies have a crucial role in facilitating illicit commerce, it is normal that […]

Pierluigi Paganini December 26, 2017
Three fake Bitcoin wallet apps were removed from the official Google Play

Researchers from the mobile security firm Lookout have discovered three fake Bitcoin wallet apps in the official Play store, Google promptly removed them. Experts from mobile security firm Lookout have discovered three fake Bitcoin wallet apps in the official Play store. The fake Bitcoin wallet apps were removed by Google Play after security researchers reported their discovery […]

Pierluigi Paganini December 24, 2017
Experts from Bleeping Computer spotted a new Cryptomix Ransomware variant

Security experts spotted a new variant of the CryptoMix ransomware that uses a different extension (.FILE) and a new set of contact emails. Security experts from BleepingComputer discovered a new variant of the CryptoMix ransomware that uses a different extension (.FILE)  to append to the file names of the encrypted files and uses new contact emails. For example, a file encrypted by […]

Pierluigi Paganini December 23, 2017
Experts uncovered a new GlobeImposter Ransomware malspam campaign

Experts observed cybercriminals are conducting a new malspam campaign to distribute a new variant of the GlobeImposter ransomware According to Lawrence Abrams from BleepingComputer, crooks are conducting a new malspam campaign to distribute a new variant of the GlobeImposter ransomware that appends the “..doc” extension to encrypted files. The malicious messages pretend to have attached photos being sent to the […]

Pierluigi Paganini December 20, 2017
Backdoor in Captcha Plugin poses serious risks to 300K WordPress sites

Experts discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. Security experts at WordFence have discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. The WordPress team promptly removed the plugin from the official WordPress […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

European Commission probes cyberattack on mobile device management system

Data Breach / February 09, 2026

Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

Security / February 09, 2026

Romania’s national oil pipeline firm Conpet reports cyberattack

Cyber Crime / February 09, 2026

Flickr moves to contain data exposure, warns users of phishing

Data Breach / February 09, 2026

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

Malware / February 08, 2026