Pierluigi Paganini
April 16, 2025
Resecurity warns of rising cyberattacks on the energy sector, some linked to large-scale campaigns targeting national infrastructure for geopolitical aims. Resecurity warns about the increase in targeted cyberattacks against enterprises in the energy sector worldwide. Some of these attacks represent much larger campaigns designed to target country-level infrastructure, acting as tools for geopolitical influence. It is […]
Pierluigi Paganini
April 15, 2025
Hertz Corporation disclosed a data breach after customer data was stolen via Cleo zero-day exploits in late 2024, affecting Hertz, Thrifty, and Dollar brands. Car rental giant Hertz Corporation disclosed a data breach that impacted its Hertz, Thrifty, and Dollar brands. Threat actors gained access to customer data via Cleo zero-day exploits in late 2024. […]
Pierluigi Paganini
April 14, 2025
New malware ‘ResolverRAT’ is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data. Morphisec researchers discovered a new malware dubbed ‘ResolverRAT’ that is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data. ResolverRAT spreads via phishing emails using localized languages and legal lures. Victims download a malicious file triggering […]
Pierluigi Paganini
April 14, 2025
The operators of the Phishing-as-a-Service (PhaaS) platform Tycoon2FA have rolled out significant updates to enhance its evasion capabilities. Tycoon2FA, a phishing kit discovered in 2023 by cybersecurity firm Sekoia, was recently updated to improve its evasion capabilities. The phishing kit now uses advanced evasion tactics such as a custom CAPTCHA via HTML5 canvas, invisible Unicode […]
Pierluigi Paganini
April 14, 2025
Cell C, one of the biggest telecom providers in South Africa confirms a data breach following a 2024 cyberattack. Cell C is the fourth-largest mobile network operator in South Africa, ,after Vodacom, MTN, and Telkom. The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and […]
Pierluigi Paganini
April 10, 2025
AkiraBot, a CAPTCHA-evading Python framework, has spammed over 80,000 websites with AI-generated messages, targeting small and medium-sized businesses. SentinelOne’s SentinelLabs researchers warn that AkiraBot, a spam framework, targets websites’ chats and contact forms to promote low-quality SEO services, AkiraBot has already targeted more than 400,000 websites and successfully spammed at least 80,000 websites since September […]
Pierluigi Paganini
April 07, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Tomcat path equivalence vulnerability, tracked as CVE-2025-22457, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability CVE-2025-22457 is a stack-based buffer overflow […]
Pierluigi Paganini
April 07, 2025
Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. Microsoft credited the likely lone actor behind the EncryptHub alias (also known as SkorikARI) for reporting two Windows security flaws, highlighting a “conflicted” figure balancing ethical cybersecurity work with cybercriminal activity. Outpost24 KrakenLabs published a detailed analysis of […]
Pierluigi Paganini
April 07, 2025
A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets. Silent Push researchers warn of a malicious PoisonSeed campaign that uses stolen CRM and bulk email provider credentials to send crypto seed phrase spam. Victims are tricked into importing compromised seed phrases into […]
Pierluigi Paganini
April 07, 2025
Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as “EDR-as-a-Service,” is taking hold in the cybersecurity landscape. In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement […]
