Pierluigi Paganini
August 25, 2025
New Android spyware Android.Backdoor.916.origin is disguised as an antivirus linked to Russia’s intelligence agency FSB, and targets business executives. Doctor Web researchers observed a multifunctional backdoor Android.Backdoor.916.origin targeting Android devices belonging to representatives of Russian businesses. The malware executes attacker commands, enabling surveillance, keylogging, and theft of chats, browser data, and even live camera/audio streams. […]
Pierluigi Paganini
August 25, 2025
Electronics manufacturer Data I/O reports a ransomware attack to SEC, the company was forced to take offline operational systems. Electronics manufacturer Data I/O reported a ransomware attack to the US Securities and Exchange Commission (SEC). The company was forced to take offline operational systems following the attack. Data I/O is a leading provider of manual […]
Pierluigi Paganini
August 24, 2025
Mirai-based Gayfemboy botnet resurfaces, evolving to target systems worldwide; Fortinet researchers provided details about the new campaign. FortiGuard Labs researchers tracked a new Gayfemboy botnet campaign, the malware exploits known flaws in DrayTek, TP-Link, Raisecom, and Cisco, showing evolved tactics and renewed activity. The Gayfemboy botnet was first identified in February 2024, it borrows the […]
Pierluigi Paganini
August 24, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824 Supply Chain Risk in Python: Termncolor and Colorinal Explained Noodlophile […]
Pierluigi Paganini
August 24, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Kidney dialysis firm DaVita confirms ransomware attack compromised data of 2.7M people China-linked Silk Typhoon APT […]
Pierluigi Paganini
August 23, 2025
Kidney dialysis firm DaVita confirms ransomware breach exposed personal and health data of nearly 2.7M individuals. Kidney dialysis firm DaVita disclosed a data breach after a ransomware attack, the incident exposed personal and health information of nearly 2.7 million individuals. The number of impacted individuals reported by the Department of Health’s Office for Civil Rights […]
Pierluigi Paganini
August 23, 2025
China-linked Silk Typhoon APT group ramp up North America attacks, exploiting n-day and zero-day flaws for system access, CrowdStrike warns. China-linked Silk Typhoon APT group (aka Murky Panda) targets organizations in North America exploiting n-day and zero-day flaws for system access, CrowdStrike warns. This Chinese APT has one of the widest targeting scopes. In March, […]
Pierluigi Paganini
August 23, 2025
Over 300 entities hit by the Atomic macOS Stealer via malvertising campaign between June and August, CrowdStrike warns. From June and August, over 300 entities were hit by a variant of the Atomic macOS Stealer (AMOS) called SHAMOS, reports CrowdStrike. The Atomic macOS Stealer lets operators steal diverse information from infected machines. This includes Keychain […]
Pierluigi Paganini
August 22, 2025
INTERPOL arrested 1,209 cybercriminals in 18 African nations seizing $97.4M, and dismantling 11,432 malicious infrastructures. INTERPOL announced the result of the second phase of ongoing law enforcement Operation Serengeti (June to August 2025) that led to 1,209 arrests across 18 nations in Africa. The authorities are aiding 88,000 victims, seizing $97.4M, and dismantling 11,432 cybercrime […]
Pierluigi Paganini
August 22, 2025
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures. […]
