MUST READ

Attackers stole member data from French Soccer Federation

 | 

Thousands of sensitive secrets published on JSONFormatter and CodeBeautify

 | 

New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption

 | 

Asahi says crooks stole data of approximately 2M customers and employees

 | 

OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel

 | 

New ASUS firmware patches critical AiCloud vulnerability

 | 

For the first time, a RomCom payload has been observed being distributed via SocGholish

 | 

Multiple London councils faced a cyberattack

 | 

Emergency alerts go dark after cyberattack on OnSolve CodeRED

 | 

Dissecting a new malspam chain delivering Purelogs infostealer

 | 

FBI: bank impersonators fuel $262M surge in account takeover fraud

 | 

Morphisec warns StealC V2 malware spread through weaponized blender files

 | 

CISA: Spyware and RATs used to target WhatsApp and Signal Users

 | 

Harvard reports vishing breach exposing alumni and donor contact data

 | 

Delta Dental of Virginia data breach impacts 145,918 customers

 | 

Attackers deliver ShadowPad via newly patched WSUS RCE bug

 | 

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

 | 

Scattered Spider alleged members deny TfL charges

 | 

Iberia discloses security incident tied to supplier breach

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72

 | 

ransomware

Pierluigi Paganini May 11, 2020
Sodinokibi ransomware uses MS API to encrypt open and locked files

Researchers warn of a new feature implemented in the Sodinokibi ransomware, the threat can now encrypt open and locked files. The Sodinokibi ransomware (REvil) continues to evolve, operators implemented a new feature that allows the malware to encrypt victim’s files, even if they are opened and locked by another process. Many applications lock files to prevent […]

Pierluigi Paganini May 07, 2020
Snake Ransomware hits Europe’s largest private hospital operator Fresenius during COVID-19 outbreak

Snake Ransomware operators launched a new campaign that has infected numerous companies worldwide including an health care organization. The operators behind the Snake Ransomware have launched a new campaign that targeted companies worldwide and that infected at least one organization in the healthcare industry over the last few days. In January experts observed a new […]

Pierluigi Paganini April 24, 2020
SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

The popular SeaChange video platform is the latest victim of the Sodinokibi Ransomware gang, which is threatening to leak the stolen data. SeaChange International, the multinational supplier of video delivery software solutions, was the victim of the Sodinokibi Ransomware gang. The crew has published images of the data they claim to have stolen before encrypting the […]

Pierluigi Paganini April 22, 2020
DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

The City of Torrance of the Los Angeles metropolitan area, California, is the last victim of the DoppelPaymer Ransomware, hackers also stole its data. On Sunday, the computer systems in the city of Torrance suffered a cyber attack that interrupted access to email accounts and server functions. The City of Torrance is located in the […]

Pierluigi Paganini April 19, 2020
Are Maze operators behind the attack on the IT services giant Cognizant?

IT services giant Cognizant suffered a ransomware attack on Friday, according to BleepingComputer company was hit by the Maze Ransomware crew. Information technologies services giant Cognizant is the last victim of a ransomware attack, according to BleepingComputer the attack was launched by the Maze Ransomware gang. Cognizant is an American multinational corporation that provides IT services, it is […]

Pierluigi Paganini April 14, 2020
Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Experts from Paloalto Unit 42 published a report that analyzes the cross-section between the various types of Coronavirus-themed attacks aimed at organizations in different industries. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that […]

Pierluigi Paganini April 10, 2020
DoppelPaymer crew leaked internal confidential documents belonging to aerospace companies

DoppelPaymer hackers leaked online internal confidential documents belonging to some of the largest aerospace companies in the world. The gang behind the DoppelPaymer ransomware has stolen internal confidential documents belonging to some of the largest aerospace companies in the world from the industrial contractor Visser Precision. Visser Precision is a parts maker for many companies […]

Pierluigi Paganini April 09, 2020
Travelex paid $2.3 Million ransom to restore after a ransomware attack

Travelex reportedly paid a $2.3 million ransom to decrypt its files after being encrypted by the infamous Sodinokibi ransomware. The UK-based currency exchange Travelex currency exchange has been forced offline following a malware attack launched on New Year’s Eve.  The London-based company, which operates more than 1,500 stores globally, suffered the attack on December 31, 2019, […]

Pierluigi Paganini April 08, 2020
Maze ransomware gang discloses data from drug testing firm HMR

The drug testing firm Hammersmith Medicines Research LTD (HMR), which performs live trials of Coronavirus vaccines, discloses a data breach. Hammersmith Medicines Research LTD (HMR), a London-based company that carries out clinical trials for new medicines and that is on standby to perform live trials of Coronavirus vaccines, has suffered a data breach. On March 21, the […]

Pierluigi Paganini April 07, 2020
Interpol warns that crooks are increasingly targeting hospitals

While the Coronavirus outbreak is threatening the world, the INTERPOL warns that crooks are increasingly targeting hospitals with ransomware. The INTERPOL (International Criminal Police Organisation) is warning of ransomware attacks against hospitals despite the currently ongoing Coronavirus outbreak. Attackers are targeting organizations in the healthcare industry via malspam campaigns using malicious attachments. The attachments used […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Attackers stole member data from French Soccer Federation

Data Breach / November 28, 2025

Thousands of sensitive secrets published on JSONFormatter and CodeBeautify

Security / November 28, 2025

New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption

Malware / November 28, 2025

Asahi says crooks stole data of approximately 2M customers and employees

Data Breach / November 27, 2025

OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel

Data Breach / November 27, 2025