MUST READ

New supply chain attack hits npm registry, compromising 40+ packages

 | 

Cybercrime group accessed Google Law Enforcement Request System (LERS)

 | 

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

 | 

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

 | 

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

 | 

Fairmont Federal Credit Union 2023 data breach impacted 187K people

 | 

UK ICO finds students behind majority of school data breaches

 | 

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

 | 

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Attack National Credit Information Center of Vietnam

 | 

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

GitHub Actions

Pierluigi Paganini March 18, 2025
GitHub Action tj-actions/changed-files was compromised in supply chain attack

The GitHub Action tj-actions/changed-files was compromised, enabling attackers to extract secrets from repositories using the CI/CD workflow. Researchers reported that threat actors compromised the GitHub Action tj-actions/changed-files, allowing the leak of secrets from repositories using the continuous integration and continuous delivery CI/CD workflow. The tj-actions/changed-files GitHub Action is used in over 23,000 repositories, it automates workflows by […]

Pierluigi Paganini July 12, 2022
Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. Threat actors are attempting to compromise a large number of cloud-based systems to mine cryptocurrency with a significant […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

New supply chain attack hits npm registry, compromising 40+ packages

Malware / September 16, 2025

Cybercrime group accessed Google Law Enforcement Request System (LERS)

Security / September 16, 2025

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

APT / September 16, 2025

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

Data Breach / September 16, 2025

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

Cyber Crime / September 15, 2025