MUST READ

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in €600M crypto laundering bust across Europe

 | 

Google fixed a critical remote code execution in Android

 | 

SesameOp: New backdoor exploits OpenAI API for covert C2

 | 

Google Big Sleep found five vulnerabilities in Safari

 | 

Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

 | 

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

 | 

malware

Pierluigi Paganini June 24, 2025
Russia-linked APT28 use Signal chats to target Ukraine official with malware

Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official […]

Pierluigi Paganini June 23, 2025
The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at £270M–£440M. The Cyber Monitoring Centre (CMC) has labeled the recent cyberattacks on Marks & Spencer and Co-op as a Category 2 systemic event, estimating losses between £270M and £440M. In early May, the attackers behind […]

Pierluigi Paganini June 22, 2025
Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying […]

Pierluigi Paganini June 22, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet   Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan  Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion  Anubis: A […]

Pierluigi Paganini June 22, 2025
Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses […]

Pierluigi Paganini June 21, 2025
Godfather Android trojan uses virtualization to hijack banking and crypto apps

Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s […]

Pierluigi Paganini June 20, 2025
A ransomware attack pushed the German napkin firm Fasana into insolvency

A cyberattack pushed the German napkin firm Fasana into insolvency, likely worsening existing financial troubles and serving as the final blow. German napkin maker Fasana filed for insolvency after a major cyberattack on May 19 paralyzed its systems, halting over €250K in orders the next day. The napkin factory is located in Stotzheim, Germany, and […]

Pierluigi Paganini June 19, 2025
Researchers discovered the largest data breach ever, exposing 16 billion login credentials

Researchers discovered the largest data breach ever, exposing 16 billion login credentials, likely due to multiple infostealers. Researchers announced the discovery of what appears to be the largest data breach ever recorded, with an astonishing 16 billion login credentials exposed. The ongoing investigation, which began earlier this year, suggests that the credentials were collected through […]

Pierluigi Paganini June 19, 2025
Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million […]

Pierluigi Paganini June 18, 2025
News Flodrix botnet targets vulnerable Langflow servers

Attackers exploit CVE-2025-3248 in Langflow servers to deliver Flodrix botnet via downloader scripts, Trend Research reports. Trend Research uncovered an ongoing campaign exploiting the vulnerability CVE-2025-3248 to deliver the Flodrix botnet. Attackers exploit the flaw to run scripts on Langflow servers, downloading and installing Flodrix malware. “If the vulnerability is successfully exploited, threat actors behind […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

Hacking / November 09, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Malware / November 09, 2025

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / November 09, 2025

China-linked hackers target U.S. non-profit in long-term espionage campaign

APT / November 08, 2025

A new Italian citizen was targeted with Paragon’s Graphite spyware. We have a serious problem

Security / November 08, 2025