Pierluigi Paganini
November 26, 2025
RomCom malware used the SocGholish fake update loader to deliver Mythic Agent to a U.S. civil engineering firm. In September 2025, Arctic Wolf Labs observed RomCom threat actors delivering the Mythic Agent via SocGholish to a U.S. company. The researchers noticed that the payload executed about 10 minutes after initial exploitation, marking the first time […]
Pierluigi Paganini
November 26, 2025
Multiple London councils, including Chelsea and Westminster, faced a cyberattack that may have exposed resident data. Authorities are actively investigating the incident. A cyberattack struck multiple London councils, including Kensington & Chelsea and Westminster, which share IT systems. Officials say residents’ data may have been compromised and have notified the UK Information Commissioner’s Office. The […]
Pierluigi Paganini
November 25, 2025
Cybercriminals posing as banks drove a major spike in account takeover fraud this year, stealing over $262 million, the FBI warned. The FBI warns of a surge in account takeover fraud, with criminals posing as financial institutions and stealing over $262M since January 2025. Cybercriminals breach online financial, payroll, or health-savings accounts to steal money […]
Pierluigi Paganini
November 25, 2025
CISA warns that threat actors are actively using commercial spyware and RATs to target users of mobile messaging apps WhatsApp and Signal. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of threat actors using commercial spyware and remote access trojans (RATs) to target users of popular instant messaging applications, including WhatsApp and Signal. […]
Pierluigi Paganini
November 25, 2025
SitusAMC says a recent breach exposed customer data; the real-estate financing firm provides back-office services for banks and lenders. SitusAMC, a leading real-estate financing services provider for banks and lenders, disclosed a data breach discovered earlier this month that exposed customer information. The firm manages back-office functions such as mortgage origination, servicing, and compliance for […]
Pierluigi Paganini
November 24, 2025
Harvard revealed its Alumni Affairs systems suffered a vishing breach, exposing emails, phone numbers, addresses, donation data and biographical info. Harvard revealed that threat actors breached its Alumni Affairs and Development systems through a vishing attack, exposing contact, donation, and biographical data of students, staff, alumni. Harvard says the breached systems held no Social Security […]
Pierluigi Paganini
November 24, 2025
Delta Dental of Virginia suffered a data breach that exposed personal and health data of about 146,000 customers after the hack of an email account. A security breach at the dental care provider Delta Dental of Virginia (DDVA) exposed data of about 146,000 people, including names, Social Security numbers, ID numbers, and health information, after […]
Pierluigi Paganini
November 24, 2025
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the ShadowPad malware. ShadowPad is a backdoor widely used by China-linked APT groups and privately sold […]
Pierluigi Paganini
November 24, 2025
Why today’s AI attack agents boost human attackers but still fall far from becoming real autonomous weapons. Anthropic recently published a report that sparked a lively debate about what AI agents can actually do during a cyberattack. The study shows an AI system, trained specifically for offensive tasks, handling 80–90% of the tactical workload in […]
Pierluigi Paganini
November 24, 2025
Two UK teens linked to Scattered Spider pleaded not guilty to charges over last year’s TfL cyberattack at a Southwark Crown Court hearing. Two British teens accused of Computer Misuse Act offenses for a cyberattack on Transport for London pleaded not guilty in court. Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, and Owen […]
