MUST READ

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

 | 

Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Experts found an unsecured 16TB database containing 4.3B professional records

 | 

Germany calls in Russian Ambassador over air traffic control hack claims

 | 

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

 | 

Emergency fixes deployed by Google and Apple after targeted attacks

 | 

Notepad++ fixed updater bugs that allowed malicious update hijacking

 | 

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

 | 

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Gogs zero-day under attack, 700 servers hacked

 | 

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

 | 

Google fixed a new actively exploited Chrome zero-day

 | 

Pro-Russia Hacktivist Support: Ukrainian Faces US Charges

 | 

Fortinet fixed two critical authentication-bypass vulnerabilities

 | 

New EtherRAT backdoor surfaces in React2Shell attacks tied to North Korea

 | 

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

 | 

Pierluigi Paganini

Pierluigi Paganini November 01, 2022
Ransomware activity and network access sales in Q3 2022

Ransomware activity report: Threat actors are selling access to hundreds of organizations, with a cumulative requested price of around $4M. Research published by threat intelligence firm KELA related to ransomware activity in Q3 reveals a stable activity in the sector of initial access sales, but experts observed a rise in the value of the offerings. […]

Pierluigi Paganini November 01, 2022
Samsung Galaxy Store flaw could have allowed installing malicious apps on target devices

A security flaw in the Galaxy Store app for Samsung devices could have potentially allowed remote command execution on affected phones. A now-patched vulnerability in the Galaxy Store app for Samsung devices could have potentially triggered remote command execution on affected phones. The flaw is a cross-site scripting (XSS) bug that can be triggered when […]

Pierluigi Paganini October 31, 2022
Snatch group claims to have hacked military provider HENSOLDT France

The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to have hacked the French company HENSOLDT France. HENSOLDT is a company specializing in military and defense electronics. HENSOLDT France offers a wide range of critical electronics solutions, products and services for the aeronautical, defence, energy and transport sectors, […]

Pierluigi Paganini October 31, 2022
GitHub flaw could have allowed attackers to takeover repositories of other users

A critical flaw in the cloud-based repository hosting service GitHub could’ve allowed attackers to takeover other repositories. The cloud-based repository hosting service GitHub has addressed a vulnerability that could have been exploited by threat actors to takeover the repositories of other users. The vulnerability was discovered by Checkmarx that called the attack technique RepoJacking. The […]

Pierluigi Paganini October 31, 2022
Malicious dropper apps on Play Store totaled 30.000+ installations

ThreatFabric researchers discovered five malicious dropper apps on Google Play Store with more than 130,000 downloads. Researchers at ThreatFabric have discovered five malicious dropper apps on the official Google Play Store. The malicious dropper apps are designed to deliver banking trojans, such as SharkBot and Vultur, that already totaled over 130,000 installations. “Droppers on Google Play went […]

Pierluigi Paganini October 30, 2022
Former British Prime Minister Liz Truss ‘s phone was allegedly hacked by Russian spies

According to the Daily Mail, Former British Prime Minister Liz Truss ‘s personal phone was hacked by Russian spies. The personal mobile phone of British Prime Minister Liz Truss was hacked by cyber spies suspected of working for the Kremlin, the Daily Mail reported. According to the British tabloid, the cyber-spies are believed to have […]

Pierluigi Paganini October 30, 2022
BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. Asahi Group Holdings, Ltd. is a precision metal manufacturing and metal solution provider, for more than 40 years, the company has been delivering end-to-end services in the industries of precision metals and thin-film coatings with different teams […]

Pierluigi Paganini October 30, 2022
Air New Zealand warns of an ongoing credential stuffing attack

Air New Zealand suffered a security breach, multiple customers have been locked out of their accounts after the incident. Air New Zealand suffered a security breach, threat actors attempted to access customers’ accounts by carrying out credential-stuffing attacks. What is credential stuffing? “Credential stuffing is a type of attack in which hackers use automation and lists […]

Pierluigi Paganini October 30, 2022
Security Affairs newsletter Round 391

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Twilio discloses another security incident that took place in June A massive cyberattack hit Slovak and […]

Pierluigi Paganini October 29, 2022
Twilio discloses another security incident that took place in June

Twilio suffered another brief security incident in June 2022, the attack was conducted by the same threat actor of the August hack. The Communications company Twilio announced that it suffered another “brief security incident” on June 29, 2022, the attack was conducted by the same threat actor that in August compromised the company and gained access to […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

Hacking / December 15, 2025

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

Security / December 15, 2025

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

Data Breach / December 15, 2025

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

Hacking / December 15, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

Malware / December 14, 2025