Pierluigi Paganini
January 09, 2025
Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. Medusind is a company that provides medical billing, coding, and revenue cycle management (RCM) services to healthcare organizations, including medical practices, dental practices, and other providers. The company disclosed a data breach discovered on December 29, […]
Pierluigi Paganini
January 08, 2025
Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. The Gayfemboy botnet was first identified in February 2024, it borrows the code from the basic Mirai variant and now integrates N-day and 0-day exploits. By November 2024, Gayfemboy exploited 0-day vulnerabilities in Four-Faith […]
Pierluigi Paganini
January 06, 2025
PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. Google researchers analyzed a new malware family called PLAYFULGHOST that supports multiple features, including keylogging, screen and audio capture, remote shell, and file transfer/execution. The PLAYFULGHOST backdoor shares functionality with Gh0st RAT whose source code was publicly released in […]
Pierluigi Paganini
January 05, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. 7-Zip Zero-Day Exploit Dropped: A New Playground for Infostealer & Supply Chain Attacks Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts The Mac Malware of 2024 Ransomware Vulnerability Matrix Inside […]
Pierluigi Paganini
January 05, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Malicious npm packages target Ethereum developers US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT […]
Pierluigi Paganini
January 04, 2025
Malicious npm packages target Ethereum developers, impersonating Hardhat plugins to steal private keys and sensitive data. Hardhat, by the Nomic Foundation, is an essential Ethereum tool, enabling streamlined smart contract and dApp development with customizable plugins. Socket researchers reported a supply chain attack targeting the Nomic Foundation and Hardhat platforms, attackers use malicious npm packages to […]
Pierluigi Paganini
January 03, 2025
Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including […]
Pierluigi Paganini
January 02, 2025
US authorities have arrested soldier Cameron John Wagenius for his alleged involvement in leaking presidential phone records. US authorities arrested Cameron John Wagenius (20), a US Army soldier, suspected of involvement in leaking presidential call logs. The soldier was arrested in Fort Hood, Texas, he is suspected to be the hacker who using the moniker […]
Pierluigi Paganini
December 31, 2024
Rhode Island ’s health benefits system was hacked, and threat actors leaked residents’ data on the dark web. Cybercriminals leaked data stolen from Rhode Island ‘s health benefits system on the dark web. Gov. Daniel McKee stated the state had prepared for this and is informing impacted individuals. RIBridges supports state programs like Medicaid, SNAP, […]
Pierluigi Paganini
December 31, 2024
Threat actors compromised at least 16 Chrome browser extensions leading to the exposure of data from over 600,000 users. A supply chain attack compromised 16 Chrome browser extensions, exposing over 600,000 users. Threat actors targeted the publishers of the extensions on the Chrome Web Store via phishing messages, then once obtained access to their account […]
