MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

 | 

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Hacking

Pierluigi Paganini September 15, 2017
CVE-2017-5638 Apache Struts vulnerability is the root cause behind Equifax data breach

It’s official, the Equifax data breach case was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The Equifax data breach case was solved, that incident was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affects the Jakarta Multipart parser upload function in Apache and could be exploited by an […]

Pierluigi Paganini September 15, 2017
Backdoored Display Widgets Plugin potentially affects 200,000 WordPress installs abusing them to spam content

Around 200,000 WordPress websites using the Display Widgets Plugin were impacted after it was updated to include malicious code. According to security firm Wordfence, roughly 200,000 WordPress websites were impacted after a plugin they were using was updated to include a backdoor. “If you have a plugin called “Display Widgets” on your WordPress website, remove it […]

Pierluigi Paganini September 14, 2017
Thousands of Elasticsearch installs compromised to host PoS Malware

Experts discovered 4,000 compromised installations on Amazon AWS of open source analytics and search tool Elasticsearch that were running PoS malware. Security researchers from the firm Kromtech have discovered 4,000 compromised instances of open source analytics and search tool Elasticsearch that were running PoS malware. According to Kromtech, this is just a portion of the overall number of compromised […]

Pierluigi Paganini September 14, 2017
Zerodium is offers $1 Million for Tor Browser Exploits

The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor Browser exploits with the intent to unmask Tor users. The controversial firm will then resell the zero-day exploit for Tor […]

Pierluigi Paganini September 14, 2017
Kaspersky Lab solutions banned from US government agencies

The US Department of Homeland security banned government agencies for using software products developed by Kaspersky Lab Bad news for security firm Kaspersky, the US Department of Homeland security banned government agencies for using software products developed by Kaspersky Labs. The ban was the response to the concerns about possible ties between Kaspersky and Russian […]

Pierluigi Paganini September 13, 2017
September Patch Tuesday, patch your Windows now to avoid ugly surprises

Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities including Blueborne issue. Microsoft has just released the September Patch Tuesday, a huge batch of security updates to address 81 vulnerabilities in almost any supported versions of Windows and other MS products. The batch includes security update to addresses […]

Pierluigi Paganini September 13, 2017
Adobe patches only two critical vulnerabilities in Flash Player in September

This month, Adobe has patched only two vulnerabilities in Flash Player, both are critical issues that could be exploited for remote code execution. The vulnerabilities are tracked as CVE-2017-11281 and CVE-2017-11282, they were discovered by Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero. Both vulnerabilities are caused by memory corruption issues and affect the Flash Player […]

Pierluigi Paganini September 12, 2017
Brute Force 900k + Attempts on a New Server

Brute Force Attack Report – This article is going to cover an attack we have had on a new network from the second it was connected to the internet. Instantly we were collecting data showing the determination of people trying to gain “root” access to our Server. Our data shows us that on the 21/August/2017 […]

Pierluigi Paganini September 12, 2017
MongoDB improves security amid new wave of ransom-attacks

MongoDB company implements new data security features in response to the recent wave of ransom attacks that hit installations worldwide. You have to admit that the bad actors are very good at leveraging a vulnerability into a lucrative opportunity. The latest example comes from MongoDB,  a popular, open source database commonly deployed for big data applications on […]

Pierluigi Paganini September 11, 2017
Expert disclosed 10 zero-day vulnerabilities in D-Link DIR 850L wireless routers

The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in D-Link DIR 850L routers and invites users to stop using them. The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in routers from networking equipment manufacturer D-Link that open owners to cyber attacks. The flawed devices are the D-Link DIR 850L wireless AC1200 dual-band […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Malware / September 28, 2025

Security Affairs newsletter Round 543 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / September 28, 2025

Ohio’s Union County suffers ransomware attack impacting 45,000 people

Uncategorized / September 27, 2025

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

Hacking / September 27, 2025

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025