MUST READ

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

information security news

Pierluigi Paganini April 01, 2025
CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Attackers exploit CrushFTP CVE-2025-2825 flaw, enabling unauthenticated access to unpatched devices using public proof-of-concept code. Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825, in the CrushFTP file transfer software. Attackers are using exploits based on publicly available proof-of-concept exploit code. The vulnerability impacts CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0, it […]

Pierluigi Paganini April 01, 2025
France’s antitrust authority fines Apple €150M for issues related to its App Tracking Transparency

France fines Apple €150M for abusing its dominance in ATT consent practices on iOS and iPadOS from 2021 to 2023. France’s Autorité de la concurrence fined Apple €150M for abusing its dominance in App Tracking Transparency (ATT) consent practices on iOS and iPadOS between April 26, 2021 and July 25, 2023. Apple launched ATT with […]

Pierluigi Paganini April 01, 2025
Hiding WordPress malware in the mu-plugins directory to avoid detection

Sucuri researchers spotted threat actors deploying WordPress malware in the mu-plugins directory to evade security checks. In February, Sucuri warned of threat actors exploiting WordPress mu-plugins, which auto-load without activation, to maintain persistence and evade detection by hiding backdoors in the plugin directory. “Unlike regular plugins, must-use plugins are automatically loaded on every page load, […]

Pierluigi Paganini March 31, 2025
U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Cisco disclosed two vulnerabilities in its Smart Licensing Utility: CVE-2024-20439, […]

Pierluigi Paganini March 31, 2025
Russia-linked Gamaredon targets Ukraine with Remcos RAT

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related […]

Pierluigi Paganini March 31, 2025
Morphing Meerkat phishing kits exploit DNS MX records

Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Infoblox researchers discovered a new phishing-as-a-service (PhaaS) platform that generated multiple phishing kits, called Morphing Meerkat, using DNS mail exchange (MX) records to deliver fake login pages and targeting over 100 brands. Threat actors are exploiting DNS techniques […]

Pierluigi Paganini March 30, 2025
CISA warns of RESURGE malware exploiting Ivanti flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE. The malicious code has been used in attacks targeting the flaw CVE-2025-0282 in Ivanti Connect […]

Pierluigi Paganini March 30, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 39

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Microsoft Trusted Signing service abused to code-sign malware Shedding light on the ABYSSWORKER driver  VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI   Raspberry Robin: Copy […]

Pierluigi Paganini March 30, 2025
Security Affairs newsletter Round 517 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme Experts warn of the new sophisticate […]

Pierluigi Paganini March 29, 2025
FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme

The U.S. DOJ seized over $8.2 million in USDT stolen through ‘romance baiting’ scams, where victims are tricked into fake investments promising high returns. On February 27, 2025, the U.S. Attorney’s Office in Ohio filed a civil forfeiture complaint for $8.2M in USDT (Tether) linked to a ‘romance baiting’ scam. Fraudsters used anonymous messaging apps […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

ATM Jackpotting ring busted: 54 indicted by DoJ

Cyber Crime / December 20, 2025

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

Hacking / December 20, 2025

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

Hacking / December 20, 2025

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

Cyber Crime / December 19, 2025

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

Security / December 19, 2025