MUST READ

Red Hat GitLab breach exposes data of 21,000 Nissan customers

 | 

Critical n8n flaw could enable arbitrary code execution

 | 

Why Third-Party Access Remains the Weak Link in Supply Chain Security

 | 

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

 | 

Romanian Waters confirms cyberattack, critical water operations unaffected

 | 

Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

 | 

Infy Returns: Iran-linked hacking group shows renewed activity

 | 

University of Sydney discloses a data breach impacting 27,000 people

 | 

Waymo suspends service after power outage hit San Francisco

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

 | 

Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

Pierluigi Paganini

Pierluigi Paganini August 29, 2019
Expert releases Metasploit modules for Cisco UCS flaws

An expert published technical details of recently disclosed Cisco Unified Computing System (UCS) flaws that can be exploited to take complete control of vulnerable systems. Security researcher Pedro Ribeiro, aka “bashis,” has released the details of three the recently addressed vulnerabilities in the Cisco Unified Computing System (UCS) products along with Metasploit modules for their exploitation. […]

Pierluigi Paganini August 28, 2019
Magecart hackers compromise another 80 eCommerce sites

Security experts at Aite Group and Arxan Technologies have discovered that hackers under the Magecart umbrella have compromised 80 more eCommerce sites. Security experts at Aite Group and Arxan Technologies have discovered that Magecart hackers continue to target online stores to steal credit card data, in recent operations, they have compromised 80 more eCommerce sites. […]

Pierluigi Paganini August 28, 2019
French Police remotely disinfected 850,000 PCs from RETADUP bot

The French police force, National Gendarmerie, announced to have neutralized the Retadup malware on over 850,000 computers taking over its C2 server. The French police force, National Gendarmerie, announced the successful takedown of a huge RETADUP botnet after it has taken the control of its command and control (C2) server. The operation allowed the France law enforcement […]

Pierluigi Paganini August 27, 2019
Imperva data Breach: WAF customers’ data exposed

Security firm Imperva revealed it has suffered a data breach that affecting some customers of its Cloud Web Application Firewall (WAF) product. Cybersecurity firm Imperva disclosed a data breach that has exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula. Incapsula, is a CDN service designed […]

Pierluigi Paganini August 27, 2019
Kaspersky found malware in popular CamScanner app. Remove it now from your phone!

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. CamScanner is a very popular Phone PDF creator app with more than 100 million downloads on Google Play Store. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could […]

Pierluigi Paganini August 27, 2019
Lyceum APT made the headlines with attacks in Middle East

A recently reported APT group dubbed Lyceum group targets Oil and Gas organizations in the Middle East with simple techniques. The activity of the Lyceum APT group was first documented earlier in August by researchers at ICS security firm Dragos that tracked it as Hexane. Security experts at Dragos Inc. reported that Hexane is targeting organizations […]

Pierluigi Paganini August 27, 2019
Code Execution and DoS flaw addressed in QEMU

The open-source emulator QEMU is affected by a flaw that could be exploited to trigger a (DoS) condition or gain arbitrary code execution. QEMU (short for Quick Emulator) is a free and open-source emulator that performs hardware virtualization. It emulates the machine’s processor through dynamic binary translation and provides a set of different hardware and device models for the machine, enabling it to run a […]

Pierluigi Paganini August 27, 2019
Experts uncovered an advanced phishing campaign delivering the Quasar RAT

Researchers at Cofense uncovered an advanced phishing campaign delivering Quasar RAT via fake resumes. Experts at security firm Cofense observed an advanced phishing campaign delivering Quasar RAT via fake resumes. The use of multiple anti-analysis methods to camouflage the attack vectors is the main characteristic of this campaign. Quasar RAT is available as an open-source […]

Pierluigi Paganini August 27, 2019
White hat hacker demonstrated how to hack a million Instagram accounts

A researcher was awarded $10,000 by Facebook for the discovery of a critical vulnerability that could have been exploited to hack Instagram accounts. The white-hat hacker Laxman Muthiyah has discovered a critical vulnerability that could have been exploited to hack Instagram accounts. The process affected Instagram’s password recovery process for mobile devices that leverages on […]

Pierluigi Paganini August 26, 2019
Apple released an emergency patch to address CVE-2019-8605 iOS flaw

Apple has released an emergency patch in iOS 12.4.1 that addresses the CVE-2019-8605 use-after-free vulnerability that allowed iPhone jailbreak. Recently, Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers and allowing the jailbreak of the devices. Experts discovered that the iOS version 12.4 released in June has reintroduced a security […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Red Hat GitLab breach exposes data of 21,000 Nissan customers

Data Breach / December 23, 2025

Critical n8n flaw could enable arbitrary code execution

Hacking / December 23, 2025

Why Third-Party Access Remains the Weak Link in Supply Chain Security

Security / December 23, 2025

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

Security / December 23, 2025

Romanian Waters confirms cyberattack, critical water operations unaffected

Cyber Crime / December 22, 2025