MUST READ

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

 | 

Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Experts found an unsecured 16TB database containing 4.3B professional records

 | 

Germany calls in Russian Ambassador over air traffic control hack claims

 | 

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

 | 

Emergency fixes deployed by Google and Apple after targeted attacks

 | 

Notepad++ fixed updater bugs that allowed malicious update hijacking

 | 

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

 | 

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Gogs zero-day under attack, 700 servers hacked

 | 

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

 | 

Google fixed a new actively exploited Chrome zero-day

 | 

Pro-Russia Hacktivist Support: Ukrainian Faces US Charges

 | 

IT Information Security

Pierluigi Paganini December 16, 2021
Multiple Nation-State actors are exploiting Log4Shell flaw

Nation-state actors from China, Iran, North Korea, and Turkey are attempting to exploit the Log4Shell vulnerability to in attacks in the wild. Microsoft researchers reported that Nation-state actors from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) in the Log4J library in their campaigns. Some of the groups exploiting the vulnerability are China-linked Hafnium and […]

Pierluigi Paganini December 16, 2021
Owowa, a malicious IIS Server module used to steal Microsoft Exchange credentials

Threat actors are using a malicious Internet Information Services (IIS) Server module, dubbed Owowa, to steal Microsoft Exchange credentials. Kaspersky researchers spotted malicious actors while deploying a previously undiscovered binary, an Internet Information Services (IIS) webserver module dubbed “Owowa,” on Microsoft Exchange Outlook Web Access servers to steal credentials and for remote code execution. “Owowa […]

Pierluigi Paganini December 15, 2021
Iran-linked Seedworm APT targets Telecoms organizations across the Middle East and Asia

Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia. Iran-linked APT group Seedworm (aka MERCURY, MuddyWater, TEMP.Zagros, or Static Kitten) is behind a new cyberespionage campaign targeting telecommunication and IT service providers in the Middle East and Asia, Symantec warns. The Seedworm has been active since at least […]

Pierluigi Paganini December 14, 2021
Adobe addresses over 60 vulnerabilities in multiple products

Adobe warns of threat actors that could exploit critical vulnerabilities in multiple products running on Windows and macOS systems. Adobe has issued critical warnings for more than 60 vulnerabilities in multiple products running on Windows and macOS machines. The vulnerabilities can be exploited by threat actors for code execution, privilege escalation and denial-of-service attacks. The […]

Pierluigi Paganini December 14, 2021
Hackers exploit Log4Shell to drop Khonsari Ransomware on Windows systems

Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines. Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell vulnerability (CVE-2021-44228) to deliver the new Khonsari ransomware on Windows machines. Experts warn that threat actors are attempting to exploit the Log4Shell flaw […]

Pierluigi Paganini December 14, 2021
Google fixed the 17th zero-day in Chrome since the start of the year

Google has released Chrome 96.0.4664.110 to address a high-severity zero-day vulnerability, tracked as CVE-2021-4102, exploited in the wild. Google released security updates to address five vulnerabilities in the Chrome web browser, including a high-severity zero-day flaw, tracked as CVE-2021-4102, exploited in the wild. The CVE-2021-4102 flaw is a use-after-free issue in the V8 JavaScript and WebAssembly engine, its exploitation could lead to the execution […]

Pierluigi Paganini December 14, 2021
TinyNuke banking malware targets French organizations

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. The attackers used invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and […]

Pierluigi Paganini December 13, 2021
Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation

Boffins discovered bugs in WiFi chips that can be exploited to extract passwords and manipulate traffic by targeting a device’s Bluetooth component. A group of researchers from the University of Darmstadt, University of Brescia, CNIT, and the Secure Mobile Networking Lab, have discovered security vulnerabilities in WiFi chips that can be exploited to extract passwords […]

Pierluigi Paganini December 13, 2021
Log4Shell was in the wild at least nine days before public disclosure

Threat actors are already abusing Log4Shell vulnerability in the Log4j library for malicious purposes such as deploying malware. A few hours ago, researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. The attempts were carried out by Muhstik and Mirai botnets in […]

Pierluigi Paganini December 13, 2021
Two Linux botnets already exploit Log4Shell flaw in Log4j

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. The attempts were carried out by Muhstik and […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hackers are exploiting critical Fortinet flaws days after patch release

Security / December 16, 2025

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

Data Breach / December 16, 2025

French Interior Minister says hackers breached its email servers

Hacking / December 16, 2025

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

Hacking / December 15, 2025

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

Security / December 15, 2025