information security news Archives - Page 2 of 814

Pierluigi Paganini July 08, 2025

IT Worker arrested for selling access in $100M PIX cyber heist

Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches. Brazilian police arrested João Roque (48), an IT employee at C&M, for allegedly aiding a cyberattack that stole over 540 million reais (~$100 million) via the PIX banking system. The company C&M links smaller banks to […]

Pierluigi Paganini July 07, 2025

New Batavia spyware targets Russian industrial enterprises

Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents. The attack, ongoing since July 2024, begins with links to […]

Pierluigi Paganini July 07, 2025

Taiwan flags security risks in popular Chinese apps after official probe

Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. Taiwan National Security Bureau (NSB) warns that Chinese apps like TikTok, WeChat, Weibo, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China, following an official inspection with […]

Pierluigi Paganini July 07, 2025

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Chromium V8 vulnerability, tracked as CVE-2025-6554, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Google released security patches to address the Chrome vulnerability CVE-2025-6554 for which an exploit is […]

Pierluigi Paganini July 06, 2025

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

Hunters International ransomware gang announced its shutdown, citing unspecified “recent developments” and acknowledging its impact. The ransomware group Hunters International announced on its dark web site that it is shutting down, citing “recent developments” without specifying details. The group stated the decision was made after careful consideration and acknowledged the impact on affected organizations. “We, […]

Pierluigi Paganini July 06, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 10 Things I Hate About Attribution: RomCom vs. TransferLoader macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group) Dissecting Kimsuky’s […]

Pierluigi Paganini July 05, 2025

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. North Korea-linked threat actors are targeting Web3 and crypto firms with NimDoor, a rare macOS backdoor disguised as a fake Zoom update. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram. […]

Pierluigi Paganini July 04, 2025

Critical Sudo bugs expose major Linux distros to local Root exploits

Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions. Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems. Sudo (short for “superuser do”) is a […]

Pierluigi Paganini July 04, 2025

Google fined $314M for misusing idle Android users’ data

Google must pay $314M after a California court ruled it misused idle Android users’ data. The case ends a class-action suit filed in August 2019. A San Jose jury ruled that Google misused Android users’ cell phone data and must pay over $314.6 million in damages to affected users in California. Google is liable for […]

Pierluigi Paganini July 04, 2025

A flaw in Catwatchful spyware exposed logins of +62,000 users

A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered […]