MUST READ

Singapore CSA warns of maximun severity SmarterMail RCE flaw

 | 

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs

 | 

Coupang announces $1.17B compensation plan for 33.7M data breach victims

 | 

Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver

 | 

Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems

 | 

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog

 | 

Romania’s Oltenia Energy Complex suffers major ransomware attack

 | 

Korean Air discloses data breach after the hack of its catering and duty-free supplier

 | 

MongoBleed flaw actively exploited in attacks in the wild

 | 

Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor

 | 

Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk

 | 

Stolen LastPass backups enable crypto theft through 2025

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 77

 | 

Security Affairs newsletter Round 556 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

LangChain core vulnerability allows prompt injection and data exposure

 | 

NPM package with 56,000 downloads compromises WhatsApp accounts

 | 

Trust Wallet warns users to update Chrome extension after $7M security loss

 | 

Pro-Russian group Noname057 claims cyberattack on La Poste services

 | 

Aflac confirms June data breach affecting over 22 million customers

 | 

Spotify cracks down on unlawful scraping of 86 million songs

 | 

Pierluigi Paganini

Pierluigi Paganini March 28, 2020
Hackers target zero-day flaws in enterprise Draytek network devices

Experts from Qihoo 360’s NetLab recently spotted two zero-day campaigns targeting DrayTek enterprise-grade networking devices. Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days exploits to take over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks. While Netlab360 has found about ~100,000 devices […]

Pierluigi Paganini March 28, 2020
AMD admits hacker stole source code files related to its GPUs

AMD admitted that a hacker has stolen files related to some of its graphics products, but it downplayed the potential impact of the hack. AMD admitted that a hacker that goes online with the moniker “Palesa” has stolen source code files related to some of its graphics products, but it downplayed the potential impact of […]

Pierluigi Paganini March 27, 2020
Google issued 40,000 alerts of State-Sponsored attacks in 2019

Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. The number of alerts decreased by 25% […]

Pierluigi Paganini March 27, 2020
Ryuk Ransomware operators continue to target hospitals during COVID19 outbreak

Operators behind the Ryuk Ransomware continue to target hospitals even as these organizations are involved in the fight against the Coronavirus pandemic. The threat actors behind the infamous Ryuk Ransomware continue to target hospitals, even as they are involved in containing the Coronavirus outbreak. The decision of the operators is not aligned with principal ransomware […]

Pierluigi Paganini March 26, 2020
Operation Poisoned News: Hong Kong iOS users targeted with watering hole attacks

Operation Poisoned News – Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them. Security experts at Trend Micro have observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor tracked as lightSpy. […]

Pierluigi Paganini March 26, 2020
Stealing videos from VLC

An unauthenticated insecure direct object reference (IDOR) issue in VLC for iOS could allow a local attacker to steal media from the storage. VLC for iOS was vulnerable to an unauthenticated insecure direct object reference (IDOR) which could allow a local attacker to steal media from the storage by just navigating to the source URL/IP. […]

Pierluigi Paganini March 26, 2020
Hackers hijack D-Link and Linksys routers to point users to coronavirus-themed sites serving malware

The number of Coronavirus-themed attacks continues to increase, crooks hijack D-Link and Linksys routers to redirect users to sites spreading COVID19-themed malware. Crooks continue to launch Coronavirus-themed attacks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromiseD-Link and Linksys routers and change DNS settings to redirect […]

Pierluigi Paganini March 26, 2020
FBI shuts down the Russian-based hacker platform DEER.IO

The FBI shuts down Deer.io, a Russian-based online platform that has been hosting hundreds of online shops where illegal products and services were being sold, The Department of Justice announced on Tuesday, that the Federal Bureau of Investigation has recently taken down the Russian-based online platform DEER.IO that is hosting various cybercrime products and services […]

Pierluigi Paganini March 26, 2020
WordPress WP-VCD malware delivered via pirated Coronavirus plugins

Crooks behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites. behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites The malware was first spotted in July 2017 by the Italian security expert Manuel D’Orso who noticed that the malicious code was […]

Pierluigi Paganini March 25, 2020
China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

The China-linked group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and ManageEngine in a campaign on a global scale. The China-linked cyberespionage group tracked as APT41 exploited vulnerabilities in Citrix, Cisco, and Zoho ManageEngine in a campaign on a global scale. The campaign was uncovered by FireEye, threat actor targeted many organizations worldwide the […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Singapore CSA warns of maximun severity SmarterMail RCE flaw

Security / December 31, 2025

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs

Hacking / December 31, 2025

Coupang announces $1.17B compensation plan for 33.7M data breach victims

Security / December 30, 2025

Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver

Security / December 30, 2025

Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems

Malware / December 30, 2025