MUST READ

Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

 | 

Infy Returns: Iran-linked hacking group shows renewed activity

 | 

University of Sydney discloses a data breach impacting 27,000 people

 | 

Waymo suspends service after power outage hit San Francisco

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

 | 

Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

IT Information Security

Pierluigi Paganini September 06, 2022
China accuses the US of cyberattacks

China accuses the United States of conducting tens of thousands of cyberattacks on its country, including cyberespionage campaigns. The Government of Beijing accused the United States of launching tens of thousands of cyberattacks on China. The attacks aimed at stealing sensitive data from government entities and universities. In the past, the US Government has accused […]

Pierluigi Paganini September 06, 2022
Interpol dismantled sextortion ring in Asia

Interpol arrested 12 individuals which are suspected to be core members of a transnational sextortion ring. Interpol announced the arrest of 12 individuals suspected to be core members of a transnational sextortion ring. The arrests took place in July and August as a result of a joint investigation conducted by Interpol’s cybercrime division and police […]

Pierluigi Paganini September 05, 2022
QNAP warns new Deadbolt ransomware attacks exploiting zero-day

QNAP warns customers of ongoing DeadBolt ransomware attacks that are exploiting a zero-day vulnerability in Photo Station. QNAP warns customers of an ongoing wave of DeadBolt ransomware attacks, threat actors are exploiting a zero-day vulnerability in Photo Station. The attacks started on Saturday meantime the Taiwanese vendor has addressed the vulnerability. “QNAP Systems, Inc. today […]

Pierluigi Paganini September 05, 2022
TikTok denies data breach following leak of user data

Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking collective AgainstTheWest recently published a post on Breach Forums message board claiming to have hacked TikTok and stolen source code and user data. The group published screenshots of an alleged stolen data, it claims to […]

Pierluigi Paganini September 05, 2022
Windows Defender identified Chromium, Electron apps as Hive Ransomware

Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus software to identify the app based on the Chromium browser engine or the Electron JavaScript framework as malware. Multiple users reported […]

Pierluigi Paganini September 05, 2022
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark […]

Pierluigi Paganini September 05, 2022
A new SharkBot variant bypassed Google Play checks again

Experts spotted an upgraded version of the SharkBot malware that was uploaded to the official Google Play Store. Fox IT researchers have spotted an upgraded version of a SharkBot dropper that was uploaded to the official Google Play Store. While previous variants of the dropper relied on Accessibility permissions to automatically install the Sharkbot malware, […]

Pierluigi Paganini September 04, 2022
A new phishing scam targets American Express cardholders

Cybersecurity firm Armorblox discovered a new phishing campaign aimed at American Express customers. Armorblox researchers uncovered a new phishing campaign that is targeting American Express customers. The messages use a malicious attachment and their content attempt to trick cardholders into opening it. The subject of the emails reads “Important Notification About Your Account” in an attempt to urge recipients […]

Pierluigi Paganini September 04, 2022
Anonymous hacked Yandex taxi causing a massive traffic jam in Moscow

The popular collective Anonymous and the IT Army of Ukraine hacked the Yandex Taxi app causing a massive traffic jam in Moscow. This week Anonymous announced to have hacked the Yandex Taxi app, the largest taxi service in Russia, and used it to cause a massive traffic jam in Moscow. The threat actors ordered all […]

Pierluigi Paganini September 04, 2022
IRS mistakenly published confidential info for roughly 120K taxpayers

The Internal Revenue Service (IRS) mistakenly leaked confidential information for approximately 120,000 taxpayers. Bad news for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns, the Internal Revenue Service has accidentally leaked their confidential information. Form 990-T is a form that a tax exempt organization files with the IRS to report its unrelated business income and to figure the tax owed on that income. On Friday, the IRS announced it has […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

Cyber Crime / December 22, 2025

Infy Returns: Iran-linked hacking group shows renewed activity

Security / December 22, 2025

University of Sydney discloses a data breach impacting 27,000 people

Breaking News / December 22, 2025

Waymo suspends service after power outage hit San Francisco

Security / December 22, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

Malware / December 21, 2025