MUST READ

Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited

 | 

High-severity MongoDB flaw CVE-2025-14847 could lead to server takeover

 | 

FBI seized ‘web3adspanels.org’ hosting stolen logins

 | 

U.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concerns

 | 

Italian regulator rules Apple’s ATT feature limits competition

 | 

La Poste outage after a cyber attack disrupts digital banking and online services

 | 

Red Hat GitLab breach exposes data of 21,000 Nissan customers

 | 

Critical n8n flaw could enable arbitrary code execution

 | 

Why Third-Party Access Remains the Weak Link in Supply Chain Security

 | 

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

 | 

Romanian Waters confirms cyberattack, critical water operations unaffected

 | 

Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

 | 

Infy Returns: Iran-linked hacking group shows renewed activity

 | 

University of Sydney discloses a data breach impacting 27,000 people

 | 

Waymo suspends service after power outage hit San Francisco

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

 | 

Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

Pierluigi Paganini

Pierluigi Paganini February 09, 2022
Master decryption keys for Maze, Egregor, and Sekhmet ransomware leaked online

The master decryption keys for the Maze, Egregor, and Sekhmet ransomware operations were released last night on the BleepingComputer forums. The master decryption keys for the Maze, Egregor, and Sekhmet ransomware families were released on the BleepingComputer forums by the alleged malware developer. The Maze group was considered one of the most prominent ransomware operations […]

Pierluigi Paganini February 09, 2022
Microsoft February 2022 Patch Tuesday security updates fix a zero-day

Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products, including a zero-day bug. Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products including Microsoft Windows and Windows Components, Azure Data Explorer, Kestrel Web Server, Microsoft Edge (Chromium-based), Windows Codecs Library, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Office […]

Pierluigi Paganini February 08, 2022
US seizes $3.6 billion worth of cryptocurrency stolen in 2016 Bitfinex hack

The law enforcement seized $3.6 billion worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. Ilya Lichtenstein (34) and his wife, Heather Morgan (31), were arrested for alleged conspiracy to launder $4.5 Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. Law enforcement also seized over $3.6 billion in cryptocurrency linked to […]

Pierluigi Paganini February 08, 2022
Vodafone Portugal hit by a massive cyberattack

A cyberattack hit Vodafone Portugal causing severe outages in the country of its communication and television services. Vodafone Portugal suffered a major cyberattack that caused service outages in the country, media reported the temporary disruption of 4G/5G communications and television services. “Vodafone was the target of a network disruption that began on the night of […]

Pierluigi Paganini February 08, 2022
Data of +6K Puma employees stolen in December Kronos Ransomware attack

Data belonging to 6,632 Puma employees was stolen in a December 2021 ransomware attack that hit Ultimate Kronos Group (UKG). Data of 6,632 Puma employees was stolen in a ransomware attack that hit HR management platform Ultimate Kronos Group (UKG) in December. Potentially exposed data includes names, Social Security numbers, and other personal information. The […]

Pierluigi Paganini February 08, 2022
Russian police arrested six people involved in the theft and selling of stolen credit cards

Russian police arrested six people individuals, allegedly members of a crime ring involved in the theft and selling of stolen credit cards. Another success of Russian police that arrested six people allegedly members of a crime gang involved in the theft and selling of stolen credit cards. The arrests were ordered by the Ministry of […]

Pierluigi Paganini February 08, 2022
Roaming Mantis SMSishing campaign now targets Europe

The Roaming Mantis SMS phishing campaign is now targeting Android and iPhone users in Europe with malicious apps and phishing pages. Roaming Mantis surfaced in March 2018 when hacked routers in Japan redirecting users to compromised websites. Roaming Mantis is a credential theft and malware campaign that leverages smishing to distribute malicious Android apps in the format of […]

Pierluigi Paganini February 07, 2022
Avast released a free decryptor for TargetCompany ransomware

Cybersecurity firm Avast has released a decryption tool to allow victims of TargetCompany ransomware to recover their files for free. Czech cybersecurity software firm Avast has released a decryption tool that could allow victims of the TargetCompany ransomware to recover their files for free under certain circumstances. The experts warn that the decryptor consumes most of the […]

Pierluigi Paganini February 07, 2022
Microsoft disables the ms-appinstaller protocol because it was abused to spread malware

Microsoft temporarily disabled the ms-appinstaller protocol for MSIX because it was abused by malware, such as Emotet. Microsoft announced to have temporarily disabled the ms-appinstaller protocol for MSIX because it was abused by malware, such as Emotet. In December, Microsoft addressed a vulnerability, tracked as CVE-2021-43890, in AppX installer that affects Microsoft Windows which is under active exploitation. “We have […]

Pierluigi Paganini February 07, 2022
US Telecom providers requested $5.6B to replace Chinese equipment

The Federal Communications Commission (FCC) says that small telecom providers have requested $5.6 billion to replace Chinese gear. The U.S. government has requested telecom providers to replace Chinese equipment in their networks due to security issues and allocated $1.9 billion to support the companies in the transaction. The Federal Communications Commission (FCC) said that the […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited

Security / December 25, 2025

High-severity MongoDB flaw CVE-2025-14847 could lead to server takeover

Security / December 25, 2025

FBI seized ‘web3adspanels.org’ hosting stolen logins

Cyber Crime / December 24, 2025

U.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concerns

Laws and regulations / December 24, 2025

Italian regulator rules Apple’s ATT feature limits competition

Laws and regulations / December 24, 2025