Pierluigi Paganini
March 27, 2025
Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. Crooks are using DeepSeek as a lure to trap unsuspecting Google searchers. “Unfortunately, we […]
Pierluigi Paganini
March 27, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1,2] the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2019-9875 (CVSS score of 8.8) is a Deserialization of Untrusted Data in the anti […]
Pierluigi Paganini
March 27, 2025
Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!). The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, stealing customer data. WideOpenWest (WOW!) is a US-based telecommunications company that provides broadband internet, cable TV, and phone services. It operates mainly in the Midwest and […]
Pierluigi Paganini
March 26, 2025
New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. ReaderUpdate is a macOS malware loader that has been active since 2020, the malicious code […]
Pierluigi Paganini
March 26, 2025
Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details. Resecurity has identified a Local File Include (LFI) vulnerability in Data Leak Site (DLS) of BlackLock Ransomware. Cybersecurity experts were able to exploit misconfiguration in vulnerable web-app used by ransomware operators to publish victims’ data – leading […]
Pierluigi Paganini
March 26, 2025
Google fixed a flaw in the Chrome browser for Windows that was actively exploited in attacks targeting organizations in Russia. Google has released out-of-band fixes to address a high-severity security vulnerability, tracked as CVE-2025-2783, in Chrome browser for Windows. The flaw was actively exploited in attacks targeting organizations in Russia. The vulnerability is an incorrect handle […]
Pierluigi Paganini
March 26, 2025
Broadcom addressed a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230, in VMware Tools for Windows. Broadcom released security updates to address a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230 (CVSS score 9.8), impacting VMware Tools for Windows. VMware Tools for Windows is a suite of utilities that enhances the performance and usability of virtual machines […]
Pierluigi Paganini
March 25, 2025
Researchers warn of a new Android malware that uses .NET MAUI to mimic legit services and evade detection. McAfee researchers warn of Android malware campaigns using .NET MAUI to evade detection. These threats disguise themselves as legitimate services to steal sensitive information from users. .NET MAUI (Multi-platform App UI) is a cross-platform framework by Microsoft […]
Pierluigi Paganini
March 25, 2025
Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack disrupting deliveries and impacting operations. Astral Foods is a South African integrated poultry producer and one of the country’s largest food companies. It specializes in poultry production, animal feed, and related agricultural operations. The company supplies chicken products to retail, wholesale, […]
Pierluigi Paganini
March 25, 2025
A cyberattack on Ukraine’s national railway operator Ukrzaliznytsia disrupted online ticket services, causing long lines at Kyiv’s station. The Record Media first reported the news of a cyber attack on Ukraine’s national railway operator Ukrzaliznytsia that disrupted online ticket services, causing long lines at Kyiv’s station. The incident led to overcrowding and long delays as […]
