Google disclosed a Salesforce Customer Relationship Management (CRM) breach exposing data of some prospective Google Ads customers. Google confirmed a breach in a Salesforce CRM instance affecting the data of prospective Google Ads customers. The website Databreaches.net reported that the attackers have sent an extortion demand to the Tech giant. Google Threat Intelligence Group confirmed that […]
Lenovo webcam flaws, dubbed BadCam, let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Eclypsium researchers found vulnerabilities in some Lenovo webcams, collectively dubbed BadCam, that could let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Principal security researchers Jesse Michael and Mickey Shkatov demonstrated […]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN The State of Ransomware – Q2 2025 Malware 101: a comprehensive guide Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Embargo Ransomware nets $34.2M in crypto since April 2024 Germany limits police spyware use to serious […]
Embargo ransomware, likely a BlackCat/Alphv successor, has netted $34.2M in crypto since mid-2024, researchers say. The Embargo ransomware group has processed $34.2M in crypto since emerging in April 2024, researchers from Blockchain intelligence company TRM Labs report. “TRM Labs has identified approximately USD 34.2 million in incoming transaction volume likely associated with the group, with […]
Germany’s top court ruled police can use spyware only for crimes punishable by at least three years in prison. Germany’s top court ruled that police may only use spyware to monitor devices in cases involving crimes with a maximum sentence of at least three years. “The interference with both the fundamental right protecting IT-systems and Art. 10(1) of […]
WinRAR flaw CVE-2025-8088, fixed in v7.13, was exploited as a zero-day in phishing attacks to install RomCom malware. The WinRAR flaw CVE-2025-8088, a directory traversal bug fixed in version 7.13, was exploited as a zero-day in phishing attacks to deliver RomCom malware, Bleeping Computer first reported. The flaw is a path traversal vulnerability affecting the […]
Bouygues Telecom suffered a cyberattack that compromised the personal information of 6.4 million customers. French telecommunications company Bouygues Telecom suffered a cyberattack that resulted in the compromise of personal information of 6.4 million customers. Bouygues Telecom, part of the Bouygues industrial group, is one of France’s leading telecom providers, offering mobile, internet, and IPTV services. […]
Columbia University was hit by a cyberattack, exposing personal data of over 860,000 students, applicants, and employees. Columbia University suffered a cyberattack that exposed the personal data of students, applicants, and employees. According to the data breach notification sent to the Maine Attorney’s General Office, the incident impacted 868,969 people. The organization quickly notified law enforcement. […]
SonicWall found no evidence of a new vulnerability after probing reports of a zero-day used in ransomware attacks. SonicWall investigated claims of a zero-day being used in ransomware attacks but found no evidence of any new vulnerability in its products. SonicWall launched the investigation after a surge in Akira ransomware attacks targeting Gen 7 firewalls with SSLVPN […]