MUST READ

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

 | 

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Hacking

Pierluigi Paganini May 10, 2016
Researcher arrested and charged for hacking elections websites

The security expert David Levin was arrested and charged after discovering  serious security flaws on a couple of election websites in Florida. The security researcher David Levin, the owner of Vanguard Cybersecurity, was arrested and charged after discovering  serious security flaws on a couple of elections websites in Florida. In December Levin discovered that the elections website […]

Pierluigi Paganini May 09, 2016
The hidden information behind 12,000 PoC Exploits shared online

A study conducted by Recorded Future on PoC exploits shared online over the last year shows that social media is the main distribution channel. Security experts at the threat intelligence firm Recorded Future have conducted an interesting study on the proof-of-concept exploits shared online (e.g. On Twitter, on forum linking to personal blogs, GitHub, or Pastebin) last year. […]

Pierluigi Paganini May 09, 2016
Hackers can break into a facility by spending $700 on Amazon or eBay

Hackers demonstrated to the Tech Insider how to break into any office by purchasing from Amazon and eBay $700 worth of electronic parts to clone access cards. Breaking into a company could be very easy and cheap for hackers, it could be sufficient to buy from Amazon and eBay $700 worth of parts. “We watched a […]

Pierluigi Paganini May 08, 2016
How terrorists abuse online services for propaganda?

Researchers at TrendMicro have analyzed online activities of terrorists identifying the techniques and tools used for their propaganda. Using vulnerabilities in software, websites, and web applications as attack vectors, hosting malicious components in cloud services. Other than this if there’s any service getting launched in the future, there will be always chances of abuse. Experts […]

Pierluigi Paganini May 06, 2016
Three-quarters of Android devices affected by the Qualcomm software flaw

Mandiant – FireEye has disclosed the details of a serious information disclosure vulnerability affecting one of the Qualcomm software package widely used. Security researchers from the Mandiant firm have discovered a “high severity” vulnerability in the Qualcomm tethering controller (CVE-2016-2060) that could be exploited by a malicious application to access user information. Recently Google released an Android update that addresses […]

Pierluigi Paganini May 05, 2016
How a modern car thief can steal a vehicle by clicking a button

The Channel 2 journalist and Consumer Investigator Jim Strickland investigated a mysterious car theft after he received home security camera footage showing a car thief in action. The Channel 2 journalist and Consumer Investigator Jim Strickland investigated a mysterious car theft after he received home security camera footage from a viewer in Walton County. It seems […]

Pierluigi Paganini May 05, 2016
A High-Severity flaw in OpenSSL allows the HTTPS Traffic decryption

OpenSSL has the patches for six flaws including two high-severity bugs that could allow attackers to decrypt HTTPS traffic and execute malicious code on the server. OpenSSL just released several patches to fix vulnerabilities in the open-source cryptographic library, including a couple of high-severity flaws (CVE-2016-2107, CVE-2016-2108) that could be exploited to decrypt HTTPS Traffic. The CVE-2016-2107 could […]

Pierluigi Paganini May 05, 2016
Attackers can hack CISCO TelePresence boxes with an HTTP request

Cisco Systems has found and fixed a critical vulnerability tied to its CISCO TelePresence hardware that allowed attackers to access it via an API bug. Cisco announced it has patched a critical flaw (CVE-2016-1387) affecting its TelePresence systems that allowed unauthorized third-parties to access them by exploiting an API bug. The vulnerability has been rated as […]

Pierluigi Paganini May 05, 2016
272 Million login credentials found in the criminal underground

Hundreds of millions of hacked login credentials for email accounts and other websites are available in the Russian criminal underworld. Security researchers at the Hold Security firm have discovered a young Russian hacker claiming to have acquired 1.17 billion stolen credential records. Alex Hold, the founder and chief information security officer at Hold Security, explained he shocked when […]

Pierluigi Paganini May 04, 2016
The Infy malware, a long running threat from Iran

Researchers at Palo Alto Networks have come across a new threat used by alleged Iran-linked Hackers in attacks since 2007. Security experts at Palo Alto Networks discovered a new malware, named Infy, that has been likely used by hackers from Iran in cyber espionage operations at least since 2007. The researchers discovered the Infy malware […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

Intelligence / November 11, 2025

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

Hacking / November 11, 2025

Critical Triofox bug exploited to run malicious payloads via AV configuration

Hacking / November 11, 2025

GlassWorm malware has resurfaced on the Open VSX registry

Malware / November 10, 2025

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

Security / November 10, 2025