MUST READ

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

 | 

Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Experts found an unsecured 16TB database containing 4.3B professional records

 | 

Germany calls in Russian Ambassador over air traffic control hack claims

 | 

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

 | 

Emergency fixes deployed by Google and Apple after targeted attacks

 | 

Notepad++ fixed updater bugs that allowed malicious update hijacking

 | 

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

 | 

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Gogs zero-day under attack, 700 servers hacked

 | 

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

 | 

Google fixed a new actively exploited Chrome zero-day

 | 

Pro-Russia Hacktivist Support: Ukrainian Faces US Charges

 | 

Fortinet fixed two critical authentication-bypass vulnerabilities

 | 

Pierluigi Paganini

Pierluigi Paganini October 30, 2022
Security Affairs newsletter Round 391

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Twilio discloses another security incident that took place in June A massive cyberattack hit Slovak and […]

Pierluigi Paganini October 29, 2022
Twilio discloses another security incident that took place in June

Twilio suffered another brief security incident in June 2022, the attack was conducted by the same threat actor of the August hack. The Communications company Twilio announced that it suffered another “brief security incident” on June 29, 2022, the attack was conducted by the same threat actor that in August compromised the company and gained access to […]

Pierluigi Paganini October 29, 2022
A massive cyberattack hit Slovak and Polish Parliaments

The Slovak and Polish parliaments were hit by a massive cyber attack, and the voting system in Slovakia’s legislature was brought down. A massive cyber attack hit the Slovak and Polish parliaments, reported the authorities. The cyber attack brought down the voting system in Slovakia’s legislature. “The attack was multi-directional, including from inside the Russian […]

Pierluigi Paganini October 29, 2022
How will Twitter change under Elon Musk?

Cybhorus CEO Pierluigi Paganini talks to TRT World about Elon Musk completing his $44 billion deal to buy Twitter and what changes he will make to the social media platform. Of course, the first impact will be on the leadership, Elon Musk was critical in the past with Agrawal’s leadership. Musk will also take action […]

Pierluigi Paganini October 28, 2022
Multiple vulnerabilities affect the Juniper Junos OS

Juniper Networks devices are affected by multiple high-severity issues, including code execution vulnerabilities. Multiple high-severity security vulnerabilities have been discovered in Juniper Networks devices. “Multiple vulnerabilities have been found in the J-Web component of Juniper Networks Junos OS. One or more of these issues could lead to unauthorized local file access, cross-site scripting attacks, path […]

Pierluigi Paganini October 28, 2022
Google fixes a new actively exploited Chrome zero-day, it is the seventh one this year

Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an emergency update for the Chrome 107 to address an actively exploited zero-day vulnerability tracked as CVE-2022-3723. The CVE-2022-3723 flaw is a type confusion issue that resides in the Chrome V8 Javascript engine. The flaw has been reported […]

Pierluigi Paganini October 28, 2022
Apple backports fixes for CVE-2022-42827 zero-day to older iPhones, iPads

Apple released updates to backport the recently released security patches for CVE-2022-42827 zero-day to older iPhones and iPads. Apple has released new security updates to backport security patches released this week to address actively exploited CVE-2022-42827 in older iPhones and iPads, addressing an actively exploited zero-day bug. Early this week, Apple addressed the ninth zero-day […]

Pierluigi Paganini October 28, 2022
New York Post hacked? No, the culprit is an employee

Threat actors hacked the website and Twitter account of the New York Post and published offensive messages against US politicians. New York Post confirmed that it was hacked, its website and Twitter account were used by the attackers to publish offensive messages targeting US politicians and a call for the assassination of US President Joe […]

Pierluigi Paganini October 27, 2022
Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has discovered recent activity that links the Raspberry Robin worm to human-operated ransomware attacks.  Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin […]

Pierluigi Paganini October 27, 2022
Thomson Reuters collected and leaked at least 3TB of sensitive data

The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/ Thomson Reuters, a multinational media conglomerate, left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format. Attackers could use the details for a supply-chain attack. The Cybernews […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

Data Breach / December 16, 2025

French Interior Minister says hackers breached its email servers

Hacking / December 16, 2025

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

Hacking / December 15, 2025

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

Security / December 15, 2025

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

Data Breach / December 15, 2025