MUST READ

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

Canadian investment platform Wealthsimple disclosed a data breach

 | 

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

 | 

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

 | 

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Qantas cuts executive bonuses by 15% after a July data breach

 | 

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

 | 

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

 | 

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

 | 

SVG files used in hidden malware campaign impersonating Colombian authorities

 | 

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

 | 

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

 | 

Severe Hikvision HikCentral product flaws: What You Need to Know

 | 

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

 | 

Google addressed two Android flaws actively exploited in targeted attacks

 | 

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

 | 

malware

Pierluigi Paganini May 18, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A .NET-Based Info-Stealer  Interlock ransomware evolving under the radar  Technical Analysis of TransferLoader   Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2   Horabot Unleashed: A Stealthy Phishing Threat High Risk Warning for Windows […]

Pierluigi Paganini May 18, 2025
Security Affairs newsletter Round 524 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials Shields up US […]

Pierluigi Paganini May 16, 2025
New botnet HTTPBot targets gaming and tech industries with surgical attacks

New botnet HTTPBot is targeting China’s gaming, tech, and education sectors, cybersecurity researchers warn. NSFOCUS  cybersecurity discovered a new botnet called HTTPBot that has been used to target the gaming industry, technology firms, and educational institutions in China. HTTPBot is a Go-based botnet first detected in August 2024, however, its activity surged by April 2025. The botnet […]

Pierluigi Paganini May 15, 2025
Coinbase disclosed a data breach after an extortion attempt

Coinbase confirmed rogue contractors stole customer data and demanded a $20M ransom in a breach reported to the SEC. Coinbase said rogue contractors stole data on under 1% of users and demanded $20M; the data breach was disclosed in an SEC filing. On May 11, 2025, the company received a ransom demand from a threat […]

Pierluigi Paganini May 13, 2025
Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies

A 45-year-old foreign man has been arrested in Moldova for allegedly participating in ransomware attacks on Dutch companies in 2021. Moldovan police arrested a 45-year-old foreign man as a result of a joint international operation involving Moldovan and Dutch authorities. He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting […]

Pierluigi Paganini May 12, 2025
Threat actors use fake AI tools to deliver the information stealer Noodlophile

Threat actors use fake AI tools to trick users into installing the information stealer Noodlophile, Morphisec researchers warn. Morphisec researchers observed attackers exploiting AI hype to spread malware via fake AI tools promoted in viral posts and Facebook groups. Users seeking free AI video tools unknowingly download Noodlophile Stealer, a new malware that steals browser […]

Pierluigi Paganini May 11, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape iClicker site hack targeted students with malware via fake CAPTCHA New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Backdoor found in popular ecommerce components   Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH   […]

Pierluigi Paganini May 11, 2025
Security Affairs newsletter Round 523 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ascension reveals personal data of 437,329 patients exposed in cyberattack Operation Moonlander dismantled the botnet behind Anyproxy and […]

Pierluigi Paganini May 10, 2025
Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Law enforcement dismantled a 20-year botnet behind Anyproxy and 5socks cybercriminals services and arrested four suspects. Authorities dismantled a 20-year-old botnet tied to Anyproxy and 5socks as part of an international operation codenamed “Operation Moonlander”; four men, including three Russians, were indicted for running the illegal proxy networks. The U.S. Justice Department charged Russian nationals, […]

Pierluigi Paganini May 09, 2025
Russia-linked ColdRiver used LostKeys malware in recent attacks

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations. Google’s Threat Intelligence Group discovered LOSTKEYS, a new malware used by Russia-linked APT COLDRIVER, in recent attacks to steal files and gather system info. The ColdRiver APT (aka “Seaborgium“, “Callisto”, “Star Blizzard”, â€śTA446”) is a Russian cyberespionage group […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SAP September 2025 Patch Day fixed 4 critical flaws

Security / September 09, 2025

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Security / September 09, 2025

LunaLock Ransomware threatens victims by feeding stolen data to AI models

Malware / September 09, 2025

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

Hacking / September 08, 2025

Canadian investment platform Wealthsimple disclosed a data breach

Data Breach / September 08, 2025