Pierluigi Paganini
November 13, 2025
Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a malicious Chrome extension called “Safery: Ethereum Wallet,” posing as a legitimate crypto wallet but designed to steal users’ seed phrases. The Chrome extension was uploaded to the Chrome Web […]
Pierluigi Paganini
November 13, 2025
Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Operation Endgame, carried out between November 10 and 13, 2025, dismantling major malware families including Rhadamanthys Stealer, Venom RAT, and the Elysium botnet as part of a global effort […]
Pierluigi Paganini
November 13, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: In mid-October, […]
Pierluigi Paganini
November 13, 2025
Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon’s threat intelligence researchers spotted an advanced threat actor exploiting two previously undisclosed zero-day flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC to deliver custom malware. Attackers also exploited multiple undisclosed vulnerabilities. Amazon’s […]
Pierluigi Paganini
November 12, 2025
DanaBot returns after 6 months with a new Windows variant (v669), marking its comeback after being disrupted by Operation Endgame in May. DanaBot has resurfaced with a new variant (version 669) targeting Windows systems, six months after Operation Endgame disrupted its activity in May, according to Zscaler ThreatLabz. The researchers identified a set of command […]
Pierluigi Paganini
November 12, 2025
Australia’s spy chief warns China-linked actors are probing critical infrastructure and preparing for cyber sabotage and espionage. Australia’s intelligence chief Mike Burgess warned that China-linked threat actors are probing critical infrastructure and, in some cases, have gained access. He said at least two Chinese state-sponsored groups are positioning themselves for future sabotage and espionage operations […]
Pierluigi Paganini
November 12, 2025
Synology fixed a critical BeeStation RCE flaw (CVE-2025-12686) shown at Pwn2Own, caused by unchecked buffer input allowing code execution. Synology patched a critical remote code execution (RCE) flaw, tracked as CVE-2025-12686 (CVSS score 9.8), in BeeStation, demonstrated during the hacking competition Pwn2Own Ireland 2025. BeeStation is a plug-and-play device that turns traditional storage into a […]
Pierluigi Paganini
November 12, 2025
“Bitcoin Queen” Zhimin Qian gets 11 years in London for laundering $7.3B from a crypto scam that defrauded 128K victims in China. A British court sentenced a Chinese woman, Zhimin Qian (47), also known as the “Bitcoin Queen,” to 11 years and eight months in jail for laundering $7.3B from a crypto scam that defrauded 128K […]
Pierluigi Paganini
November 12, 2025
Microsoft fixed over 60 flaws, including an actively exploited Windows kernel zero-day, in its latest Patch Tuesday updates. Microsoft’s Patch Tuesday security updates for November 2025 addressed 63 vulnerabilities impacting Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure Monitor Agent, Dynamics 365, Hyper-V, SQL Server, and the Windows Subsystem for Linux […]
Pierluigi Paganini
November 11, 2025
SAP fixed 19 security issues, including a critical flaw in SQL Anywhere Monitor with hardcoded credentials that could enable remote code execution. SAP addressed 19 security vulnerabilities, including a critical flaw in SQL Anywhere Monitor, with the release of November 2025 notes. The vulnerability, tracked as CVE-2025-42890 (CVSS score of 10/10), is an insecure key […]
Data Breach / November 19, 2025
