Pierluigi Paganini
June 30, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler vulnerability, tracked as CVE-2025-6543, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-6543 (CVSS score of 9.2) is a memory overflow vulnerability in NetScaler ADC and NetScaler Gateway when configured […]
Pierluigi Paganini
June 30, 2025
Canada bans Hikvision over national security concerns, ordering the company to stop operations and barring its tech from government use. Canada ordered Chinese surveillance firm Hikvision to cease all operations in the country, citing national security concerns. Minister Mélanie Joly announced the decision after a security review found vendor’s activities could pose a threat. Canada […]
Pierluigi Paganini
June 30, 2025
Denmark plans to let citizens copyright their face, body, and voice to combat deepfakes under a new law strengthening personal digital rights. Denmark plans to amend its copyright law to give individuals rights over their body, face, and voice, to combat AI-generated deepfakes. Believed to be the first law of its kind in Europe, the […]
Pierluigi Paganini
June 30, 2025
A ransomware attack on grocery giant Ahold Delhaize led to a data breach that affected more than 2.2 million people. A ransomware attack on Dutch grocery giant Ahold Delhaize has led to a data breach affecting over 2.2 million people. Ahold Delhaize is a Dutch-Belgian multinational retail and wholesale holding company. Its name comes from the […]
Pierluigi Paganini
June 29, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control Dissecting a Python Ransomware distributed through GitHub repositories SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play Uncovering a Tor-Enabled Docker Exploit […]
Pierluigi Paganini
June 29, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. The FBI warns that Scattered Spider is now targeting the airline sector LapDogs: China-nexus hackers Hijack […]
Pierluigi Paganini
June 28, 2025
Over 1,000 SOHO devices were hacked in a China-linked spying campaign called LapDogs, forming a covert network to support cyber espionage. Security researchers at SecurityScorecard’s STRIKE team have uncovered a cyber espionage campaign, dubbed LapDogs, involving over 1,000 hacked SOHO (small office/home office) devices. These compromised devices formed a hidden network, called an Operational Relay […]
Pierluigi Paganini
June 27, 2025
A critical flaw in Open VSX Registry could let attackers hijack the VS Code extension hub, exposing millions of developers to supply chain attacks. Cybersecurity researchers at Koi Security discovered a critical vulnerability in the Open VSX Registry (open-vsx.org) that could have let attackers take over the Visual Studio Code extensions marketplace, endangering millions of […]
Pierluigi Paganini
June 27, 2025
A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity researchers uncovered a new APT malware campaign, OneClik, targeting the energy, oil, and gas sectors. It abuses Microsoft’s ClickOnce deployment tech and custom Golang backdoors. While links to China-affiliated actors are suspected, attribution remains cautious. […]
Pierluigi Paganini
June 26, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these […]
