Pierluigi Paganini
August 12, 2025
Microsoft Patch Tuesday security updates for August 2025 fixed 107 flaws, including a publicly disclosed Windows Kerberos zero-day. Microsoft Patch Tuesday security updates for August 2025 fixed 107 vulnerabilities in Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, GitHub Copilot, Dynamics 365, SQL Server, and Hyper-V Server. 12 vulnerabilities are rated […]
Pierluigi Paganini
August 12, 2025
Researchers at cybersecurity firm Profero cracked DarkBit ransomware encryption, allowing victims to recover files for free. Good news for the victims of the DarkBit ransomware, researchers at cybersecurity firm Profero cracked the encryption process, allowing victims to recover files for free without paying the ransom. However, at this time, the company has yet to release […]
Pierluigi Paganini
August 11, 2025
Researcher earns Google Chrome ’s top $250K bounty for a sandbox escape vulnerability enabling remote code execution. A researcher who goes online with the moniker ‘Micky’ earned $250,000 from Google for reporting a high-severity Chrome vulnerability. The flaw, tracked as CVE-2025-4609, resides in the Mojo IPC system, an attacker can exploit the flaw to escape […]
Pierluigi Paganini
August 11, 2025
Researchers showed how hackers can exploit flaws in a bus’ onboard and remote systems for tracking, control and spying. Researchers Chiao-Lin ‘Steven Meow’ Yu of Trend Micro Taiwan and Kai-Ching ‘Keniver’ Wang of CHT Security, found that vulnerabilities in smart bus systems could let hackers remotely track, control, or spy on vehicles, exposing risks from […]
Pierluigi Paganini
August 10, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Embargo Ransomware nets $34.2M in crypto since April 2024 Germany limits police spyware use to serious […]
Pierluigi Paganini
August 09, 2025
Germany’s top court ruled police can use spyware only for crimes punishable by at least three years in prison. Germany’s top court ruled that police may only use spyware to monitor devices in cases involving crimes with a maximum sentence of at least three years. “The interference with both the fundamental right protecting IT-systems and Art. 10(1) of […]
Pierluigi Paganini
August 09, 2025
WinRAR flaw CVE-2025-8088, fixed in v7.13, was exploited as a zero-day in phishing attacks to install RomCom malware. The WinRAR flaw CVE-2025-8088, a directory traversal bug fixed in version 7.13, was exploited as a zero-day in phishing attacks to deliver RomCom malware, Bleeping Computer first reported. The flaw is a path traversal vulnerability affecting the […]
Pierluigi Paganini
August 08, 2025
Bouygues Telecom suffered a cyberattack that compromised the personal information of 6.4 million customers. French telecommunications company Bouygues Telecom suffered a cyberattack that resulted in the compromise of personal information of 6.4 million customers. Bouygues Telecom, part of the Bouygues industrial group, is one of France’s leading telecom providers, offering mobile, internet, and IPTV services. […]
Pierluigi Paganini
August 08, 2025
Columbia University was hit by a cyberattack, exposing personal data of over 860,000 students, applicants, and employees. Columbia University suffered a cyberattack that exposed the personal data of students, applicants, and employees. According to the data breach notification sent to the Maine Attorney’s General Office, the incident impacted 868,969 people. The organization quickly notified law enforcement. […]
Pierluigi Paganini
August 07, 2025
CISA and Microsoft warn of CVE-2025-53786, a high-severity Exchange flaw allowing privilege escalation in hybrid cloud environments. CISA and Microsoft warn of a high-severity flaw, tracked as CVE-2025-53786, in Exchange hybrid deployments that allows attackers to escalate privileges in cloud setups. Microsoft address the vulnerability in Exchange Server 2016, 2019 and Subscription Edition RTM. The […]
