malware Archives - Page 4 of 554

Pierluigi Paganini June 15, 2025

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Palo Alto Networks fixed multiple privilege escalation flaws Unusual toolset used in recent Fog Ransomware attack […]

Pierluigi Paganini June 14, 2025

Unusual toolset used in recent Fog Ransomware attack

Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware, using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway. Symantec researchers pointed out that the use of these tools is unusual […]

Pierluigi Paganini June 13, 2025

Apple confirmed that Messages app flaw was actively exploited in the wild

Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. Apple confirmed that a now-patched vulnerability, tracked as CVE-2025-43200, in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. The IT giant addressed the flaw […]

Pierluigi Paganini June 12, 2025

Paragon Graphite Spyware used a zero-day exploit to hack at least two journalists’ iPhones

Security researchers at Citizen Lab revealed that Paragon’s Graphite spyware can hack fully updated iPhones via zero-click attacks. Citizen Lab has confirmed that Paragon’s Graphite spyware was used to hack fully updated iPhones, targeting at least two journalists in Europe. The group found forensic evidence showing the phones had communicated with the same spyware server. […]

Pierluigi Paganini June 12, 2025

U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: This week, Akamai researchers warned that […]

Pierluigi Paganini June 11, 2025

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied to 69 info-stealers. Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. With support from 26 countries and partners like Group-IB, Kaspersky, and Trend […]

Pierluigi Paganini June 10, 2025

Mirai botnets exploit Wazuh RCE, Akamai warned

Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai warned. Akamai researchers warn that multiple Mirai botnets exploit the critical remote code execution vulnerability CVE-2025-24016 (CVSS score of 9.9) affecting Wazuh servers. Wazuh is an open-source security platform used for threat detection, intrusion detection, log data analysis, and compliance […]

Pierluigi Paganini June 09, 2025

OpenAI bans ChatGPT accounts linked to Russian, Chinese cyber ops

OpenAI banned ChatGPT accounts tied to Russian and Chinese hackers using the tool for malware, social media abuse, and U.S. satellite tech research. OpenAI banned ChatGPT accounts that were used by Russian-speaking threat actors and two Chinese nation-state actors. The blocked accounts were used to assist malware development, social media automation, and research about U.S. […]

Pierluigi Paganini June 09, 2025

New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721

A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method. Researchers from Russian cybersecurity firm Kaspersky discovered a new variant of the Mirai botnet that exploits a command injection vulnerability (CVE-2024-3721) in TBK DVR-4104 and DVR-4216 digital video recording devices. During a review of the logs in […]

Pierluigi Paganini June 09, 2025

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

BadBox 2.0 malware has infected millions of IoT devices globally, creating a botnet used for cyber criminal activities, the FBI warns. The FBI published a Public Service Announcement (PSA) to warn that cybercriminals are using the BADBOX 2.0 botnet to exploit IoT devices on home networks, like streaming devices, projectors, and infotainment systems, mostly made […]

malware

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION

Unusual toolset used in recent Fog Ransomware attack

Apple confirmed that Messages app flaw was actively exploited in the wild

Paragon Graphite Spyware used a zero-day exploit to hack at least two journalists’ iPhones

U.S. CISA adds Wazuh, and WebDAV flaws to its Known Exploited Vulnerabilities catalog

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

Mirai botnets exploit Wazuh RCE, Akamai warned

OpenAI bans ChatGPT accounts linked to Russian, Chinese cyber ops

New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721

BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

IT Worker arrested for selling access in $100M PIX cyber heist

New Batavia spyware targets Russian industrial enterprises

QUICK LINKS

malware

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!