MUST READ

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day

 | 

Ivanti warns customers of new EPM flaw enabling remote code execution

 | 

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

 | 

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

 | 

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

 | 

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

 | 

Oracle EBS zero-day used by Clop to breach Barts Health NHS

 | 

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

 | 

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

 | 

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

malware

Pierluigi Paganini July 18, 2017
Two CryptoMix Ransomware variants emerged in a few days

Two CryptoMix Ransomware variants emerged in a few days, a circumstance that suggests the operators behind the threat are very active. Malwarebytes’ researcher Marcelo Rivero has spotted a new variant of the CryptoMix ransomware. #CryptoMix #Ransomware adds ext ".EXTE" to encrypted files, and the note "_HELP_INSTRUCTION.TXT" – md5: 1059676fbb9d811e88af96716cc1ffb5 pic.twitter.com/Ha4jeRMPEv — Marcelo Rivero (@MarceloRivero) July 13, […]

Pierluigi Paganini July 18, 2017
Android Backdoor GhostCtrl can spy on victims and take over Windows Systems

The GhostCtrl backdoor, is an OmniRAT-Based Android malware that can spy on victims, steal data and take over Windows System using the RETADUP infostealer. Today’s smartphones are as powerful as the computers of only a few years ago. Unfortunately, that also means that Android phones have as many instances of malware as desktop and laptop […]

Pierluigi Paganini July 13, 2017
Eternal Blues scanner allowed to find 50,000 EternalBlue-vulnerable host

The Eternal Blues scanner allowed administrators worldwide to discover more than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit. Recently the security researcher Elad Erez developed Eternal Blues, a free EternalBlue vulnerability scanner that could be used by administrators to assess networks. Now Elad Erez published data collected by the Eternal Blues over the two weeks, the […]

Pierluigi Paganini July 12, 2017
Following NotPetya NATO Increases Support for Ukraine’s Cyber Defenses

Following the massive NotPetya attack, NATO Increases Support for Ukrainian Cyber Defenses, Ukraine Considers Joining NATO. “Critical Infrastructure” is one of the most sensitive elements of any country’s economy. Recent attacks against Ukraine’s infrastructure have many other countries taking note and have encouraged NATO to pitch in and help bolster Ukrainian cyber defenses. In December […]

Pierluigi Paganini July 11, 2017
Calling Artificial Intelligence to Counter Ransomware Attacks

The progression in Artificial Intelligence have incited intense debate worldwide, some experts are calling AI to counter malware attacks In a short span of six weeks, the world was hit twice by major ransomware attacks — malicious software that seizes the data stored on your computer systems and would only release it to you upon […]

Pierluigi Paganini July 11, 2017
Adwind RAT is back, crooks are targeting Aerospace industries in many countries

Security experts at TrendMicro discovered that the notorious Adwind RAT has resurfaced targeting enterprises in the Aerospace industries worldwide. Crooks are even more opportunists, they continually innovate their TTPs to maximize their profits to target the largest number of victims. Security experts at TrendMicro have discovered that the notorious Adwind RAT has resurfaced and cyber criminals are using it […]

Pierluigi Paganini July 10, 2017
US Food Payment Kiosk Vendor Avanti Markets Hacked, Biometric data stolen

US payment kiosk vendor Avanti Markets that installs its self-service payment devices in corporate breakrooms across America suffered a security breach. The US payment kiosk vendor Avanti Markets that installs its self-service payment devices in thousands of corporate breakrooms across America suffered a security breach. According to the popular investigator Brian Krebs who first reported the news, the systems of the company were infected […]

Pierluigi Paganini July 09, 2017
Android SpyDealer Trojan is able to spy on more than 40 apps

Security experts at Palo Alto Networks have discovered a new Android Trojan dubbed SpyDealer that can steal data from more than 40 applications. Malware researchers at Palo Alto Networks have spotted a new  Android Trojan, dubbed SpyDealer that can exfiltrate data from more than 40 applications, including WeChat, Facebook, WhatsApp, Skype, Line, Viber, QQ, Tango, Telegram, Sina Weibo, Tencent Weibo, […]

Pierluigi Paganini July 08, 2017
Hard Rock and Loews hotel chains notified guests of security breaches

Hard Rock and Loews hotel chains notified guests of security breaches, the incidents are linked to hack of the SynXis platform provided by the Sabre firm. It has happened again, the Hard Rock Hotels and Casinos franchise is alerting guests about a possible data breach. Customers have to monitor their bank account for suspicious activity […]

Pierluigi Paganini July 07, 2017
The author of the original Petya ransomware released the master key

The author of the original variant of the Petya ransomware has made the master key available online, all the victims can decrypt their files for free. Janus, the author of the original variant of Petya ransomware (that isn’t the NotPetya variant used in the recent massive attack) has made the master key available online. All the victims of the […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

Security / December 10, 2025

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day

Breaking News / December 10, 2025

Ivanti warns customers of new EPM flaw enabling remote code execution

Hacking / December 09, 2025

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

Malware / December 09, 2025

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Cyber Crime / December 09, 2025