MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

malware

Pierluigi Paganini September 21, 2016
Italian security firm spotted BadEpilogue: The Perfect Evasion

Security firm Certego has been detecting multiple viral spam campaigns leveraging a new malware evasion technique it called BadEpilogue. Starting from May 2016, Certego Threat Intelligence platform has been detecting multiple viral spam campaigns using a new evasion technique. These attacks are able to hide malicious attachments inside a specific area of the MIME/Multipart structure and […]

Pierluigi Paganini September 19, 2016
Vawtrak v2, a close look at the cybercriminal groups behind the threat

Security experts from the cyber threat intelligence firm Blueliv have published a report on the banking Trojan Vawtrak v2 its criminal ecosystem. Security experts from the cyber threat intelligence firm Blueliv have conducted a technical investigation on the banking Trojan Vawtrak v2 and activities of the cybercriminal groups behind the threat. Vawtrak is a threat that has been […]

Pierluigi Paganini September 18, 2016
Hacking industrial processes with and undetectable PLC Rootkit

Two security researchers have developed an undetectable PLC rootkit that will present at the upcoming Black Hat Europe 2016. The energy industry is under unceasing attack, cyber criminals, and state-sponsored hackers continue to target the systems of the companies in the sector. The Stuxnet case has demonstrated to the IT community the danger of cyber attacks, […]

Pierluigi Paganini September 12, 2016
Motherboard shows us how surveillance software works

Surveillance is a profitable business, Motherboard has published a never-before-seen 10-minute video showing a live demo of a surveillance software. Recently, the iPhone hack carried out with the NSO Group‘s Pegasus raised the debate about the use of surveillance software. Who uses them? How? Are we able to defend our machines from a so invasive surveillance? NSO Group is […]

Pierluigi Paganini September 12, 2016
Mal/Miner-C mining malware leverages NAS devices to spread itself

Experts from Sophos discovered Mal/Miner-C, a malware designed to abuse resources of the infected machine to mine Monero (XMR) cryptocurrency. Malware researchers from security firm Sophos have analyzed a new strain of malware detected as Mal/Miner-C that was designed to abuse resources of the infected machine to mine Monero (XMR) cryptocurrency. The experts discovered that the new […]

Pierluigi Paganini September 11, 2016
LuaBot is the first Linux DDoS botnet written in Lua Language

The researcher MalwareMustDie discovered LuaBot, a trojan completely coded in Lua language that is targeting Linux platforms to recruit them in DDoS botnet. Let’s continue our tour in Linux security, focusing on malicious code specifically designed to target such systems. The popular security researcher MalwareMustDie, who recently reported the new ELF trojan backdoorLinux/Mirai, also discovered a […]

Pierluigi Paganini September 10, 2016
Doctor Web discovers the first Linux Trojan that is written in Rust language

Experts from Dr Web discovered a new Linux Trojan called Linux.BackDoor.Irc.16 that is written in the Rust programming language. It is a prolific period for Vxers working on Linux Trojan, a new strain was recently spotted by experts from Doctor Web. The new Linux Trojan has been named Linux.BackDoor.Irc.16 and is written in the Rust programming language.Rust […]

Pierluigi Paganini September 08, 2016
Cross-platform Mokes backdoor OS X exists and is spreading in the wild

Malware researchers from Kaspersky Lab confirmed the existence of an OS X variant of the Mokes backdoor discovered in January by Kaspersky. Malware researchers from Kaspersky Lab confirmed the existence of an OS X variant of a recently discovered family of cross-platform backdoors. The backdoors family was named Mokes and a strain of malware was […]

Pierluigi Paganini September 06, 2016
Pokemon-fan VXer developed the Linux Umbreon rootkit

Security researchers from TrendMicro have published an interesting analysis on the Linux Umbreon rootkit, a new malware developed by a Pokemon-fan VXer. Malware researchers from TrendMicro have obtained samples of a new strain of Linux rootkit from one of its trusted partners. The new rootkit family was called Umbreon (ELF_UMBREON family), from the name of one of […]

Pierluigi Paganini September 05, 2016
Linux/Mirai ELF, when malware is recycled could be still dangerous

Experts from MalwareMustDie spotted a new ELF trojan backdoor, dubbed ELF Linux/Mirai,  which is now targeting IoT devices. Experts from MalwareMustDie have analyzed in August samples of a particular ELF trojan backdoor, dubbed ELF Linux/Mirai,  which is now targeting IoT devices. The name of the malware is the same of the binary,”mirai.*,” and according to the […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026