Pierluigi Paganini
July 13, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. McDonald’s job app exposes data of 64 Million applicants Athlete or Hacker? Russian basketball player accused […]
Pierluigi Paganini
July 12, 2025
Vulnerabilities in McDonald’s McHire chatbot exposed data from 64 million job applicants due to insecure internal APIs. Security researchers Ian Carroll and Sam Curry discovered multiple vulnerabilities in the McDonald’s chatbot recruitment platform McHire that exposed the personal information of over 64 million job applicants. The security duo found that McDonald’s hiring bot, built by […]
Pierluigi Paganini
July 11, 2025
Russian basketball player arrested in France over alleged ties to a ransomware group accused of targeting U.S. firms and federal institutions. Russian basketball player Daniil Kasatkin (26) was arrested in France in June at the request of the U.S. over alleged ties to a ransomware group targeting hundreds of U.S. companies and federal entities. He […]
Pierluigi Paganini
July 11, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler ADC and Gateway flaw, tracked as CVE-2025-5777, to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2025-5777 flaw, dubbed ‘CitrixBleed 2‘ (CVSS v4.0 Base Score of 9.3), […]
Pierluigi Paganini
July 10, 2025
NCA arrested four people in UK, including three teens, over cyberattacks on M&S, Co-op, and Harrods, per its investigation. The British National Crime Agency (NCA) arrested four individuals in the country following an investigation into the recent wave of attacks targeting Co-op, M&S, and Harrods. On July 10, Law enforcement arrested 4 youths, aged 17–20, […]
Pierluigi Paganini
July 10, 2025
Researchers found critical PerfektBlue flaws in OpenSynergy BlueSDK, allowing remote code execution to hack millions of vehicles’ systems. Researchers at PCA Cyber Security identified a set of critical vulnerabilities, collectively tracked as PerfektBlue, in OpenSynergy BlueSDK Bluetooth stack. The exploitation of the flaws potentially allows remote code execution in millions of vehicles. These flaws could […]
Pierluigi Paganini
July 10, 2025
Australia’s largest airline Qantas has confirmed that the recent data breach impacted 5.7 million individuals. Early this month, Australian airline Qantas disclosed a cyberattack after hackers accessed a third-party platform used by a call centre, stealing significant customer data. The breach, linked to ongoing Scattered Spider activity, was detected and contained on Monday. Qantas confirmed that while […]
Pierluigi Paganini
July 10, 2025
DoNot APT, likely an India-linked cyberespionage group, targets European foreign ministries with LoptikMod malware. The DoNot APT group, likely linked to India, has expanded its operations and is targeting European foreign ministries with a new malware, called LoptikMod. The Donot Team (also known as APT-C-35 and Origami Elephant) has been active since 2016, focusing on government entities, foreign […]
Pierluigi Paganini
July 09, 2025
Nippon Steel Solutions reported a data breach caused by hackers exploiting a zero-day vulnerability in their network equipment. Nippon Steel Solutions, a subsidiary of Japan’s Nippon Steel, disclosed a data breach, attackers exploited a zero-day vulnerability. The company provides cloud and cybersecurity services. On March 7, 2025, Nippon Steel Solutions detected suspicious server activity and […]
Pierluigi Paganini
July 09, 2025
An Iranian ransomware group, Pay2Key.I2P, has intensified attacks on U.S. and Israeli targets, offering affiliates higher profits. The Iranian ransomware group Pay2Key.I2P is stepping up attacks on U.S. and Israeli targets, luring affiliates with higher profit shares. The ransomware gang is the successor to the original Pay2Key group and experts linked it to the Iran-nexus […]
