Pierluigi Paganini
July 24, 2025
New Coyote malware uses Windows UI Automation to steal banking credentials, targeting Brazilian users across 75 banks and crypto platforms. Coyote malware is now the first to exploit Microsoft’s UI Automation framework in the wild, validating prior warnings from Akamai researchers in December 2024. The UI Automation (UIA) framework is a Microsoft accessibility framework that […]
Pierluigi Paganini
July 24, 2025
SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances. Experts warn customers to check their installs for Indicators of Compromise (IoCs) associated with Overstep malware attacks. The issue is an authenticated arbitrary […]
Pierluigi Paganini
July 24, 2025
The DSPM market hit around $1.2 billion in 2024 and should grow to $4.5 billion by 2033 (≈16.5% CAGR). The AI sector is projected to swell from $189 billion in 2023 to $4.8 trillion by 2033. The tech realm is continually evolving. New tools are invented every day, and certain technologies are reaching market valuations that have never been seen before. This tectonic shift […]
Pierluigi Paganini
July 24, 2025
A new stealth backdoor has been discovered in the WordPress mu-plugins folder, granting attackers persistent access and control over compromised sites. Sucuri researchers found a stealthy backdoor hidden in WordPress’s “mu-plugins” folder. These plugins auto-run and allow attackers to stay hidden in admin, and maintain persistence. “must-use plugins” are special WordPress plugins that cannot be […]
Pierluigi Paganini
July 24, 2025
U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: This week CrushFTP warned of a zero-day, tracked as CVE-2025-54309 (CVSS score of 9.0), […]
Pierluigi Paganini
July 23, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: This week, Microsoft warned of a SharePoint zero-day vulnerability, tracked as […]
Pierluigi Paganini
July 23, 2025
Sophos addressed five Sophos Firewall vulnerabilities that could allow remote attackers to execute arbitrary code. Sophos has fixed five vulnerabilities (CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, CVE-2024-13973) in Sophos Firewall that could allow an attacker to remotely execute arbitrary code. “Sophos has resolved five independent security vulnerabilities in Sophos Firewall. Every Critical and High severity vulnerability was […]
Pierluigi Paganini
July 23, 2025
French authorities announced the arrest in Ukraine of an alleged administrator of the long-running cybercrime forum XSS.is. A joint investigation conducted by French police, Ukrainian authorities, and Europol led to the arrest of the suspected administrator of the major Russian-speaking cybercrime forum xss.is. “The Paris prosecutor’s office announced on Wednesday, July 23, that an individual […]
Pierluigi Paganini
July 23, 2025
Microsoft linked SharePoint exploits to China-nexus groups Linen Typhoon, Violet Typhoon, and Storm-2603, active since July 7, 2025. Microsoft confirmed that China-linked groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploited SharePoint flaws for initial access as early as July 7, 2025. “As of this writing, Microsoft has observed two named Chinese nation-state actors, Linen Typhoon […]
Pierluigi Paganini
July 22, 2025
Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025. Cisco confirmed attempted exploitation in the wild of recently disclosed ISE and ISE-PIC flaws (CVE-2025-20281, CVE-2025-20282, CVE-2025-20337), updating its advisory after detecting attacks in July 2025. “Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE […]
