MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

malware

Pierluigi Paganini November 23, 2017
Artificial Intelligence is Important for Cybersecurity, But It’s Not Enough

The advent of Artificial Intelligence has brought with it a new scope for cybersecurity. Why the artificial intelligence is important for cybersecurity? In my last blog, I discussed AI and Big Data. Now, I am going to explain about AI and Cybersecurity. The advent of Artificial Intelligence has brought with it a new scope for […]

Pierluigi Paganini November 23, 2017
Crooks set up a fake Symantec Blog to spread the macOS Proton malware

A new strain of the notorious macOS Proton malware is spreading through a blog spoofing the legitimate blog of the security firm Symantec. The attackers used the same domain registration information of the original site, except for the email address. The SSL digital certificate for the site is a legitimate certificate issued by Comodo instead of the […]

Pierluigi Paganini November 19, 2017
A second variant of the new Cryptomix Ransomware released in a few days

Malware researchers at MalwareHunterTeam discovered a new variant of the CryptoMix ransomware, the second one in just a few days. A new variant of the CryptoMix ransomware was recently discovered by the experts at the MalwareHunterTeam, it is the second release of new variants this week. The latest variant appends the. 0000 extension to encrypted files and uses new contact emails, for example, […]

Pierluigi Paganini November 18, 2017
A new EMOTET Trojan variant improves evasion techniques

Security experts at Trend Micro had recently observed a new variant of the EMOTET banking Trojan that implements new evasion features. EMOTET, aka Geodo, is linked to the dreaded Dridex and Feodo (Cridex, Bugat)  malware families. In past campaigns, EMOTET was used by crooks to steal banking credentials and as a malicious payload downloader. The experts observed […]

Pierluigi Paganini November 18, 2017
City of Spring Hill in Tennessee still hasn’t recovered from ransomware attack

In early November, the City of Spring Hill, Tenn, suffered a ransomware attack, but it still hasn’t recovered from attack attack. In early November, the City of Spring Hill, Tenn, suffered a ransomware attack, but government officials refused to pay a $250,000 ransom demanded by the crooks and attempted to restore the database recovering the content […]

Pierluigi Paganini November 16, 2017
Terdot Banking Trojan is back and it now implements espionage capabilities

The Terdot banking Trojan isn’t a novelty in the threat landscape, it has been around since mid-2016, and now it is reappearing on the scenes. According to Bitdefender experts, vxers have improved the threat across the years, implementing credential harvesting features as well as social media account monitoring functionality. The Terdot banking Trojan is based on the Zeus […]

Pierluigi Paganini November 16, 2017
Multi-Stage Android/TrojanDropper.Agent.BKY Malware bypasses Google Play detection once again

Researchers from security firm ESET, discovered a multi-stage Malware dubbed Android/TrojanDropper.Agent.BKY that evaded Google Play detection. Security experts at ESET have discovered a multi-stage Android malware, tracked as Android/TrojanDropper.Agent.BKY, that was available for download in the official Google Play store. The researchers have found eight malicious applications in the official application store (MEX Tools, Clear Android, Cleaner for […]

Pierluigi Paganini November 14, 2017
IcedID, a new sophisticated banking Trojan doesn’t borrow code from other banking malware

Researchers at IBM have spotted a new banking malware dubbed IcedID has capabilities similar to other financial threats like Gozi, Zeus, and Dridex. Malware researchers at IBM X-Force have spotted a new strain of banking malware dubbed IcedID has capabilities similar to other financial threats like Gozi, Zeus, and Dridex. IcedID does not borrow code from other banking malware, but it […]

Pierluigi Paganini November 12, 2017
Avira spotted a new strain of the dreaded Locky Ransomware in the wild

Avira firm detected a new strain of the Locky ransomware that is spreading through malicious attachments disguised as legitimate Libre and Office documents. Researchers at Avira Virus Lab detected a new strain of the Locky ransomware that is spreading through malicious attachments disguised as legitimate documents from productivity applications like Microsoft Word and Libre Office. The new Lock […]

Pierluigi Paganini November 10, 2017
Experts explain the Return on Investments in the cybercriminal underground

How much is the return on investment in the cybercriminal underground? Let’s dig a report recently published by threat intelligence firm Recorded Future to find the answer. Cybercrime is a profitable business and the returns of investments can be enormous, this is what emerged from another interesting research of the threat intelligence firm Recorded Future. […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026