Pierluigi Paganini
September 15, 2025
Fairmont Federal Credit Union alerts 187K people that a 2023 breach exposed personal, financial, and medical data. Fairmont Federal Credit Union (FFCU) is a not-for-profit financial cooperative in West Virginia. It offers services like personal and business loans, mortgages, checking accounts, and financial aid, operating nine regional branches to serve its members. Fairmont Federal Credit […]
Pierluigi Paganini
September 15, 2025
UK ICO reports students caused over half of school data breaches, showing kids are shaping cybersecurity in unexpected ways. The UK Information Commissioner’s Office (ICO), students were responsible for most of the data breaches suffered by the schools in the country. The U.K.’s independent regulator for data protection and information rights also reported that nearly […]
Pierluigi Paganini
September 15, 2025
Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure. Panama’s Ministry of Economy and Finance (MEF) announced that threat actors likely compromised one of its computers. The Ministry immediately activated its security protocols to contain the threat. Panama’s Ministry pointed out that critical systems vital to operations remain […]
Pierluigi Paganini
September 14, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter npm debug and chalk packages compromised GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe Trojanized ScreenConnect installers evolve, dropping multiple RATs on a single machine Salt […]
Pierluigi Paganini
September 14, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups HybridPetya ransomware bypasses UEFI Secure Boot […]
Pierluigi Paganini
September 14, 2025
Vietnam’s National Credit Information Center (CIC) was hit by a ShinyHunters cyberattack, with VNCERT confirming signs of unauthorized access to steal personal data. Authorities are investigating a cyber-attack against National Credit Information Center (CIC) of Vietnam by ShinyHunters. As confirmed by the Vietnam Cyber Emergency Response Team (VNCERT), signs of unauthorised access aimed at stealing […]
Pierluigi Paganini
September 13, 2025
The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal groups UNC6040 and UNC6395, which are increasingly targeting Salesforce platforms for data theft and extortion. “The Federal Bureau of Investigation (FBI) is […]
Pierluigi Paganini
September 13, 2025
HybridPetya ransomware bypasses UEFI Secure Boot to infect EFI partitions, echoing the infamous Petya/NotPetya attacks of 2016–2017. ESET researchers discovered a new ransomware called HybridPetya on the platform VirusTotal. The malware echoes the infamous Petya/NotPetya malware, supporting additional capabilities, such as compromising UEFI-based systems and exploiting CVE‑2024‑7344 to bypass UEFI Secure Boot on outdated systems. “Interestingly, the […]
Pierluigi Paganini
September 12, 2025
Cisco addressed multiple high-severity IOS XR vulnerabilities that can allow ISO image verification bypass and trigger DoS conditions. Cisco addressed multiple vulnerabilities in IOS XR software as part of its semiannual Software Security Advisory Bundled Publication published on September 10, 2025. Below are the vulnerabilities addressed by the network giant: The following table identifies Cisco […]
Pierluigi Paganini
September 12, 2025
Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CVE-2025-21043, that was exploited in zero-day attacks against Android users. The vulnerability is an out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit […]
