MUST READ

PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025

 | 

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

 | 

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

 | 

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

 | 

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

 | 

U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog

 | 

China-Linked Salt Typhoon breaches European Telecom via Citrix exploit

 | 

Russian Lynk group leaks sensitive UK MoD files, including info on eight military bases

 | 

CAPI Backdoor targets Russia’s auto and e-commerce sectors

 | 

F5 breach exposes 262,000 BIG-IP systems worldwide

 | 

China finds “irrefutable evidence” of US NSA cyberattacks on time Authority

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67

 | 

Security Affairs newsletter Round 546 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Winos 4.0 hackers expand to Japan and Malaysia with new malware

 | 

From Airport chaos to cyber intrigue: Everest Gang takes credit for Collins Aerospace breach

 | 

SIMCARTEL operation: Europol takes down SIM-Box ring linked to 3,200 scams

 | 

A critical WatchGuard Fireware flaw could allow unauthenticated code execution

 | 

Prosper disclosed a data breach impacting 17.6 million accounts

 | 

Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign

 | 

PowerSchool hacker got four years in prison

 | 

Microsoft Windows

Pierluigi Paganini October 16, 2025
U.S. CISA adds SKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds OracSKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added OracSKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions […]

Pierluigi Paganini May 20, 2020
Researchers disclose five Microsoft Windows zero-days

Security experts have disclosed five unpatched vulnerabilities in Microsoft Windows, four of which rated as high-risk severity. Security experts from Trend Micro’s Zero Day Initiative (ZDI) have published information on five unpatched vulnerabilities in Microsoft Windows. Four vulnerabilities are classified as high-risk severity, three of them are zero-day vulnerabilities tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915. The flaws […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025

APT / October 22, 2025

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

Security / October 22, 2025

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

Hacking / October 22, 2025

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

APT / October 22, 2025

Japanese retailer Muji halted online sales after a ransomware attack on logistics partner

Breaking News / October 21, 2025