MUST READ

SimonMed Imaging discloses a data breach impacting over 1.2 million people

 | 

Microsoft revamps Internet Explorer Mode in Edge after August attacks

 | 

Astaroth Trojan abuses GitHub to host configs and evade takedowns

 | 

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

 | 

Stealit Malware spreads via fake game & VPN installers on Mediafire and Discord

 | 

Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66

 | 

CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack

 | 

Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained

 | 

Attackers exploit valid logins in SonicWall SSL VPN compromise

 | 

Apple doubles maximum bug bounty to $2M for zero-click RCEs

 | 

Juniper patched nine critical flaws in Junos Space

 | 

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

 | 

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog

 | 

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

 | 

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware

 | 

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

 | 

Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users

 | 

Discord denies massive breach, confirms limited exposure of 70K ID photos

 | 

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

 | 

IT Information Security

Pierluigi Paganini July 07, 2025
Taiwan flags security risks in popular Chinese apps after official probe

Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. Taiwan National Security Bureau (NSB) warns that Chinese apps like TikTok, WeChat, Weibo, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China, following an official inspection with […]

Pierluigi Paganini July 07, 2025
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Chromium V8 vulnerability, tracked as CVE-2025-6554, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Google released security patches to address the Chrome vulnerability CVE-2025-6554 for which an exploit is […]

Pierluigi Paganini July 06, 2025
Hunters International ransomware gang shuts down and offers free decryption keys to all victims

Hunters International ransomware gang announced its shutdown, citing unspecified “recent developments” and acknowledging its impact. The ransomware group Hunters International announced on its dark web site that it is shutting down, citing “recent developments” without specifying details. The group stated the decision was made after careful consideration and acknowledged the impact on affected organizations. “We, […]

Pierluigi Paganini July 06, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 10 Things I Hate About Attribution: RomCom vs. TransferLoader  macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware  Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group)  Dissecting Kimsuky’s […]

Pierluigi Paganini July 06, 2025
Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates Critical Sudo bugs expose […]

Pierluigi Paganini July 05, 2025
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. North Korea-linked threat actors are targeting Web3 and crypto firms with NimDoor, a rare macOS backdoor disguised as a fake Zoom update. Victims are tricked into installing the malware through phishing links sent via Calendly or Telegram. […]

Pierluigi Paganini July 04, 2025
Critical Sudo bugs expose major Linux distros to local Root exploits

Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions. Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems. Sudo (short for “superuser do”) is a […]

Pierluigi Paganini July 04, 2025
Google fined $314M for misusing idle Android users’ data

Google must pay $314M after a California court ruled it misused idle Android users’ data. The case ends a class-action suit filed in August 2019. A San Jose jury ruled that Google misused Android users’ cell phone data and must pay over $314.6 million in damages to affected users in California. Google is liable for […]

Pierluigi Paganini July 03, 2025
China-linked group Houken hit French organizations using zero-days

China-linked group Houken hit French govt, telecom, media, finance and transport sectors using Ivanti CSA zero-days, says France’s ANSSI. France’s cyber agency ANSSI revealed that a Chinese hacking group used Ivanti CSA zero-days to target government, telecom, media, finance, and transport sectors. The campaign, active since September 2024, is linked to the Houken intrusion set, […]

Pierluigi Paganini July 03, 2025
Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

Resecurity found a breach in Brazil’s CIEE One platform, exposing PII and documents, later sold by data broker “888” on the dark web. Resecurity identified a data breach of one of the major platforms in Brazil connecting businesses and trainees called CIEE One – leading to the compromise of sensitive PII, including ID records, contact […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SimonMed Imaging discloses a data breach impacting over 1.2 million people

Uncategorized / October 13, 2025

Microsoft revamps Internet Explorer Mode in Edge after August attacks

Security / October 13, 2025

Astaroth Trojan abuses GitHub to host configs and evade takedowns

Cyber Crime / October 13, 2025

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

Hacking / October 13, 2025

Stealit Malware spreads via fake game & VPN installers on Mediafire and Discord

Malware / October 13, 2025