information security news Archives

Pierluigi Paganini August 10, 2025

Google confirms Salesforce CRM breach, faces extortion threat

Google disclosed a Salesforce Customer Relationship Management (CRM) breach exposing data of some prospective Google Ads customers. Google confirmed a breach in a Salesforce CRM instance affecting the data of prospective Google Ads customers. The website Databreaches.net reported that the attackers have sent an extortion demand to the Tech giant. Google Threat Intelligence Group confirmed that […]

Pierluigi Paganini August 10, 2025

BadCam: Linux-based Lenovo webcam bugs enable BadUSB attacks

Lenovo webcam flaws, dubbed BadCam, let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Eclypsium researchers found vulnerabilities in some Lenovo webcams, collectively dubbed BadCam, that could let attackers turn them into BadUSB devices to inject keystrokes and launch OS-independent attacks. Principal security researchers Jesse Michael and Mickey Shkatov demonstrated […]

Pierluigi Paganini August 10, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN The State of Ransomware – Q2 2025 Malware 101: a comprehensive guide Behind Random Words: DoubleTrouble Mobile Banking Trojan Revealed […]

Pierluigi Paganini August 10, 2025

Security Affairs newsletter Round 536 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Embargo Ransomware nets $34.2M in crypto since April 2024 Germany limits police spyware use to serious […]

Pierluigi Paganini August 09, 2025

Embargo Ransomware nets $34.2M in crypto since April 2024

Embargo ransomware, likely a BlackCat/Alphv successor, has netted $34.2M in crypto since mid-2024, researchers say. The Embargo ransomware group has processed $34.2M in crypto since emerging in April 2024, researchers from Blockchain intelligence company TRM Labs report. “TRM Labs has identified approximately USD 34.2 million in incoming transaction volume likely associated with the group, with […]

Pierluigi Paganini August 09, 2025

Germany limits police spyware use to serious crimes

Germany’s top court ruled police can use spyware only for crimes punishable by at least three years in prison. Germany’s top court ruled that police may only use spyware to monitor devices in cases involving crimes with a maximum sentence of at least three years. “The interference with both the fundamental right protecting IT-systems and Art. 10(1) of […]

Pierluigi Paganini August 09, 2025

Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom

WinRAR flaw CVE-2025-8088, fixed in v7.13, was exploited as a zero-day in phishing attacks to install RomCom malware. The WinRAR flaw CVE-2025-8088, a directory traversal bug fixed in version 7.13, was exploited as a zero-day in phishing attacks to deliver RomCom malware, Bleeping Computer first reported. The flaw is a path traversal vulnerability affecting the […]

Pierluigi Paganini August 08, 2025

French firm Bouygues Telecom suffered a data breach impacting 6.4M customers

Bouygues Telecom suffered a cyberattack that compromised the personal information of 6.4 million customers. French telecommunications company Bouygues Telecom suffered a cyberattack that resulted in the compromise of personal information of 6.4 million customers. Bouygues Telecom, part of the Bouygues industrial group, is one of France’s leading telecom providers, offering mobile, internet, and IPTV services. […]

Pierluigi Paganini August 08, 2025

Columbia University data breach impacted 868,969 people

Columbia University was hit by a cyberattack, exposing personal data of over 860,000 students, applicants, and employees. Columbia University suffered a cyberattack that exposed the personal data of students, applicants, and employees. According to the data breach notification sent to the Maine Attorney’s General Office, the incident impacted 868,969 people. The organization quickly notified law enforcement. […]

Pierluigi Paganini August 08, 2025

SonicWall dismisses zero-day fears after Ransomware probe

SonicWall found no evidence of a new vulnerability after probing reports of a zero-day used in ransomware attacks. SonicWall investigated claims of a zero-day being used in ransomware attacks but found no evidence of any new vulnerability in its products. SonicWall launched the investigation after a surge in Akira ransomware attacks targeting Gen 7 firewalls with SSLVPN […]