Pierluigi Paganini
January 02, 2023
Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, to uninstall it and use the latest binaries. “If you installed PyTorch-nightly on […]
Pierluigi Paganini
January 02, 2023
Poland security agency warns pro-Russian hackers that are continuously targeting the state since the start of the invasion of Ukraine. Since the beginning of the invasion of Ukraine, Poland has been a constant target of cyber attacks conducted by pro-Russian hackers, Poland’s security agency warns. The attacks aimed at almost any entity in Poland, including […]
Pierluigi Paganini
January 01, 2023
The LockBit ransomware group formally apologized for the attack on the Hospital for Sick Children (SickKids) and gave to the victim a decryptor for free. The LockBit ransomware gang formally apologized for the attack on the Hospital for Sick Children (SickKids) and has released a free decryptor for the Hospital. The group is known to […]
Pierluigi Paganini
January 01, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Personal health information of 42M Americans leaked between 2016 and 2021 Malvertising campaign MasquerAds abuses Google […]
Pierluigi Paganini
December 31, 2022
Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. Researchers from Jama Network analyzed trends in ransomware attacks […]
Pierluigi Paganini
December 31, 2022
Experts warn of a new Malvertising Campaign abusing Google Ads that targets users searching for popular software. Guardio Labs researchers uncovered a malvertising campaign, tracked as MasquerAds and attributed to a threat actor known as Vermux, that is abusing Google Ads to target users that are searching for popular software. The campaign aims at delivering […]
Pierluigi Paganini
December 30, 2022
A new Linux malware has been exploiting 30 vulnerabilities in outdated WordPress plugins and themes to deploy malicious JavaScripts. Doctor Web researchers discovered a Linux malware, tracked as Linux.BackDoor.WordPressExploit.1, that compromises WordPress websites by exploiting 30 vulnerabilities in multiple outdated plugins and themes. The malware injects into targeted webpages malicious JavaScripts, then when users click on the compromised […]
Pierluigi Paganini
December 30, 2022
Netgear addressed a high-severity bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC. Netgear fixed a bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged […]
Pierluigi Paganini
December 29, 2022
The Lake Charles Memorial Health System (LCMHS) suffered a ransomware attack that impacted 270,000 patients. The Lake Charles Memorial Health System (LCMHS) disclosed a data breach that affected almost 270,000 patients at its medical centers. The Lake Charles Memorial Health System is the largest not-for-profit community healthcare system in Southwest Louisiana. LCMHS reported the incident to the secretary of the U.S. […]
Pierluigi Paganini
December 27, 2022
The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the RisePro info-stealing malware. The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the information-stealing malware dubbed RisePro, Flashpoint warns. Threat actors can pay the Pay-per-install PrivateLoader service to download malicious payloads onto infected systems. Pay-per-install services are not a novel business model […]
