MUST READ

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

 | 

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

India mandates SIM-linked messaging apps to fight rising fraud

 | 

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Newsletter

Pierluigi Paganini December 07, 2025
Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs Maximum-severity XXE vulnerability discovered in Apache […]

Pierluigi Paganini November 30, 2025
Security Affairs newsletter Round 552 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers stole member data from French Soccer Federation Thousands of sensitive secrets published on JSONFormatter and […]

Pierluigi Paganini November 23, 2025
Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks U.S. CISA adds an Oracle […]

Pierluigi Paganini November 16, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure Gootloader Returns: What Goodies Did They Bring? Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector […]

Pierluigi Paganini November 16, 2025
Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution U.S. CISA adds Fortinet FortiWeb flaw to […]

Pierluigi Paganini November 09, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SesameOp: Novel backdoor uses OpenAI Assistants API for command and control   Weaponized Military Documents Deliver Advanced SSH-Tor Backdoor to Defense Sector   Gootloader Returns: What Goodies Did They Bring?  Ransomvibing appears in VS Code extensions  […]

Pierluigi Paganini November 09, 2025
Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. China-linked hackers target U.S. non-profit in long-term espionage campaign A new Italian citizen was targeted with […]

Pierluigi Paganini November 02, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant on Windows Systems Through Remote Management Tools and BYOVD Techniques Uncovering Qilin attack methods exposed through multiple cases     Mem3nt0 mori – The Hacking Team is back!  Insider Threats Loom […]

Pierluigi Paganini November 02, 2025
Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government China-linked UNC6384 exploits Windows zero-day […]

Pierluigi Paganini October 19, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 67

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Astaroth: Banking Trojan Abusing GitHub for Resilience  North Korea’s Contagious Interview Campaign Escalates: 338 Malicious npm Packages, 50,000 Downloads New Rust Malware “ChaosBot” Uses Discord for Command and Control  Weaponizing Discord for Command and […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

Security / December 08, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

Malware / December 07, 2025

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

Uncategorized / December 07, 2025

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

Security / December 07, 2025

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

Hacking / December 06, 2025