malware

Pierluigi Paganini August 03, 2017
New TrickBot banking Trojan variant borrows spreading capabilities from WannaCry

A cyber gang is improving its version of the TrickBot banking Trojan by implementing the self-spreading worm-like capabilities used by WannaCry and NotPetya. Cybercriminals are capitalizing on the lessons of the recent massive WannaCry and NotPetya ransomware attacks. At least one cyber gang is improving its version of the TrickBot banking Trojan by implementing the self-spreading […]

Pierluigi Paganini August 03, 2017
Former Bupa employee offered 1 million customer records for sale on dark web

A former employee of the healthcare giant Bupa offered records of 1 million clients for sale on the dark web. A former employee of healthcare giant Bupa was selling between 500,000 and 1 million records on the dark web. The former employee whose identity […]

Pierluigi Paganini August 03, 2017
The Bateleur backdoor is the new weapon in the Carbanak gang’s arsenal

Experts at Proofpoint noticed the infamous cyber crime gang Carbanak has added a new JScript backdoor dubbed Bateleur Backdoor to its arsenal. According to researchers at security firm Proofpoint, the infamous cyber crime gang Carbanak has added a new JScript backdoor dubbed Bateleur Backdoor to its arsenal. Carbanak, aka FIN7, has also used […]

Pierluigi Paganini August 02, 2017
The Svpeng Trojan continues to evolve; the latest variant includes keylogger capabilities

Security experts at Kaspersky discovered the dreaded Svpeng Trojan has been recently modified to implement keylogger features. Cyber criminals are becoming even more aggressive and are using new stealth techniques. Security experts at Kaspersky have discovered that one of the most dangerous Android banking Trojans, Svpeng, has been recently modified to implement keylogger features to […]

Pierluigi Paganini August 01, 2017
Pharmaceutical giant Merck confirmed NotPetya attack disrupted operations worldwide

The US pharmaceutical company Merck revealed that the massive NotPetya cyberattack has disrupted its worldwide operations. The news was part of Merck’s financial results announcement for the second quarter of 2017; according to the pharmaceutical giant, the ransomware disrupted operations […]

Pierluigi Paganini August 01, 2017
TOPransom: From eMail Attachment to Powning the Attacker’s Database

TOPransom – Analyzing the entire process from getting an email attachment to powning the ransom server trying to stop the infection. Hi folks, today I want to share a quick but intensive experience in fighting cybercrime. I wish you would appreciate the entire process of getting an email attachment to powning the ransom server trying […]

Pierluigi Paganini August 01, 2017
CopyFish Extension for Chrome Stolen And Updated With Trojan Adware

Crooks recently hacked the popular Google Chrome extension Copyfish after compromising the Chrome Web Store account of German developer team a9t9 software. Trojan malware has been around for a long time. A user installs an application to accomplish one task, but behind the scenes, the application is performing a completely different task — usually unwanted. The […]

Pierluigi Paganini July 31, 2017
OpenAI Gym – A machine learning system creates ‘invisible’ malware

At the DEF CON hacking conference, experts demonstrated how to abuse a machine learning system dubbed OpenAI Gym to create malware that can avoid detection. We have discussed several times the impact of Artificial Intelligence (AI) on the threat landscape; from a defensive perspective, new instruments will allow the early detection of malicious patterns associated with threats, […]

Pierluigi Paganini July 29, 2017
Experts spotted Triada Trojan in firmware of low-cost Android smartphones

Malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones. Another case of pre-installed malware makes the headlines: malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones, including Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu […]

Pierluigi Paganini July 28, 2017
Malware experts at ESET released a free tool for ICS Malware analysis

Security experts from ESET who spotted the Industroyer malware used against Ukraine’s power grid released a free tool for ICS malware analysis. ESET researchers Robert Lipovsky and Anton Cherepanov have released a free tool for the analysis of ICS malware. The security duo is the same that discovered the CrashOverride/Industroyer malware that targeted Ukraine’s power […]