Pierluigi Paganini
September 03, 2025
Threat actors abuse HexStrike AI, a new offensive security tool meant for red teaming and bug bounties, to exploit fresh vulnerabilities. Check Point researchers warn that threat actors are abusing AI-based offensive security tool HexStrike AI to quickly exploit recently disclosed security flaws. HexStrike AI combines professional security tools with autonomous AI agents to deliver comprehensive security testing capabilities. […]
Pierluigi Paganini
September 03, 2025
Google addressed 120 Android vulnerabilities in September 2025, including two flaws actively exploited in targeted attacks. Google has released security updates to address 120 Android vulnerabilities as part of Android Security Bulletin – September 2025. Two of these vulnerabilities have been exploited in targeted attacks. “There are indications that the following may be under limited, targeted […]
Pierluigi Paganini
September 03, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2020-24363 (CVSS 8.8) is a missing authentication flaw in TP-Link TL-WA855RE […]
Pierluigi Paganini
September 03, 2025
Jaguar Land Rover shut down systems after a cyberattack, disrupting production and retail, but says customer data likely remains safe. Jaguar Land Rover shut down systems to mitigate a cyberattack that disrupted production and retail operations. The attack occurred over the weekend, and it also impacted systems at the Solihull production plant. UK dealers reported […]
Pierluigi Paganini
September 02, 2025
Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves. Cloudflare announced on X that it had blocked the largest ever DDoS attack, peaking at 11.5 Tbps. The UDP flood, mainly from Google Cloud, was part of a wave of attacks that lasted several weeks. Cloudflare […]
Pierluigi Paganini
September 01, 2025
Zscaler breach tied to Salesloft Drift attack exposed Salesforce data, leaking customer info and support case details in a supply-chain compromise. Zscaler discloses a data breach that is linked to the recent Salesloft Drift attack. The cybersecurity vendor confirmed it was affected by a campaign targeting Salesloft Drift, a marketing SaaS integrated with Salesforce. Threat […]
Pierluigi Paganini
September 01, 2025
Cybercriminals spread Brokewell via fake TradingView Premium ads on Meta, stealing crypto and data with remote control since July 2024. Bitdefender warns threat actors are abusing Meta ads to spread fake TradingView Premium apps for Android, delivering Brokewell malware to steal crypto and data. “Bitdefender researchers recently uncovered a wave of malicious ads on Facebook […]
Pierluigi Paganini
September 01, 2025
ScarCruft (APT37) launches Operation HanKook Phantom, a phishing campaign using RokRAT to target academics, ex-officials, and researchers. Cybersecurity firm Seqrite Labs uncovered a phishing campaign, tracked as dubbed Operation HanKook Phantom, by the North Korea-linked group APT37 (aka Ricochet Chollima, ScarCruft, Reaper, and Group123). Threat actors are using a fake “National Intelligence Research Society Newsletter […]
Pierluigi Paganini
August 31, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships New zero-click exploit allegedly used […]
Pierluigi Paganini
August 31, 2025
Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites. Amazon announced that it had disrupted an opportunistic watering hole campaign orchestrated by the Russia-linked cyber espionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes). Amazon experts labeled the attacks as an opportunistic watering hole campaign using compromised […]
