MUST READ

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Researchers expose MalTerminal, an LLM-enabled malware pioneer

 | 

Beware: GitHub repos distributing Atomic Infostealer on macOS

 | 

ESET uncovers Gamaredon–Turla collaboration in Ukraine cyberattacks

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 63

 | 

Security Affairs newsletter Round 542 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

A cyberattack on Collins Aerospace disrupted operations at major European airports

 | 

Fortra addressed a maximum severity flaw in GoAnywhere MFT software

 | 

UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London

 | 

ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT

 | 

Pierluigi Paganini

Pierluigi Paganini September 24, 2025
SolarWinds fixed a critical RCE flaw in its Web Help Desk software

SolarWinds fixed a critical flaw in its Web Help Desk software that could allow attackers to execute arbitrary commands on vulnerable systems. SolarWinds has released hot fixes to address a critical flaw, tracked as CVE-2025-26399 (CVSS score: 9.8), affecting its Web Help Desk software. An attacker could exploit the flaw to execute arbitrary commands on susceptible […]

Pierluigi Paganini September 24, 2025
How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatched GeoServer flaw, tracked as CVE-2024-36401 (CVSS score of 9.8), which is a critical remote code execution (RCE) issue. In mid-July 2024, the U.S. Cybersecurity and Infrastructure […]

Pierluigi Paganini September 24, 2025
Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

Cloudflare blocked a new record-breaking DDoS attack peaking at 22.2 Tbps and 10.6 billion packets per second. Cloudflare announced it has mitigated a new record-breaking distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps). Cloudflare has not shared other technical details about the […]

Pierluigi Paganini September 23, 2025
U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium flaw, tracked as CVE-2025-10585, to its Known Exploited Vulnerabilities (KEV) catalog. In mid-September, Google released security updates to address four vulnerabilities in the Chrome web browser, including CVE-2025-10585, which […]

Pierluigi Paganini September 23, 2025
US Secret Service dismantled covert communications network near the U.N. in New York

Secret Service seizes a covert communications network near U.N. composed of sophisticated equipment, including 100K SIMs and 300 servers The U.S. Secret Service uncovered a covert communications network near the U.N. in New York, seizing 100,000 SIM cards and 300 servers. The operation, capable of sending 30 million texts per minute, could disable cellular towers […]

Pierluigi Paganini September 23, 2025
A suspected Scattered Spider member suspect detained for casino network attacks

A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17. The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Scattered Spider member linked to attacks on Las Vegas casinos for computer intrusion, extortion, and identity theft. Between August and October 2023, multiple Las Vegas […]

Pierluigi Paganini September 23, 2025
$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

Researchers earned $150K for “L1TF Reloaded,” combining L1TF and half-Spectre to leak VM memory from public clouds despite mitigations. Researchers from Vrije Universiteit Amsterdam earned $150K for exploiting L1TF Reloaded, a flaw combining L1TF (Foreshadow) and half-Spectre. The attack bypasses prior mitigations, showing that transient CPU vulnerabilities remain practical and can leak memory from VMs […]

Pierluigi Paganini September 23, 2025
Canada’s RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

RCMP shuts down TradeOgre, seizing $40M from crime, the first crypto exchange closure and largest asset seizure in Canada’s history. The Royal Canadian Mounted Police shut down the crypto exchange TradeOgre and seized $40M worth of crypto assets. This is the first crypto exchange shut down by the Canadian authorities. “RCMP Federal Policing – Eastern […]

Pierluigi Paganini September 22, 2025
Stellantis probes data breach linked to third-party provider

Stellantis is investigating a data breach after unauthorized access to a third-party provider’s platform potentially exposed customer data. Car maker giant Stellantis announced it is investigating a data breach following unauthorized access to a third-party provider’s platform that supports North American customer service operations. The company did not name the impacted third-party provider. Stellantis N.V. […]

Pierluigi Paganini September 22, 2025
FBI alerts public to spoofed IC3 site used in fraud schemes

The FBI warns that criminals are spoofing the IC3 site to steal personal data and commit fraud targeting cybercrime reporters. The FBI warned that attackers are spoofing the official Crime Complaint Center (IC3) website to steal personal data and commit financial fraud, targeting users who report cybercrimes. The fake websites mimic the real IC3 domain […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

Security / September 24, 2025

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

Hacking / September 24, 2025

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

Security / September 24, 2025

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

Security / September 23, 2025

US Secret Service dismantled covert communications network near the U.N. in New York

Intelligence / September 23, 2025