MUST READ

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

 | 

Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Experts found an unsecured 16TB database containing 4.3B professional records

 | 

Germany calls in Russian Ambassador over air traffic control hack claims

 | 

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

 | 

Emergency fixes deployed by Google and Apple after targeted attacks

 | 

Notepad++ fixed updater bugs that allowed malicious update hijacking

 | 

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

 | 

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Gogs zero-day under attack, 700 servers hacked

 | 

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

 | 

Google fixed a new actively exploited Chrome zero-day

 | 

Security Affairs

Pierluigi Paganini September 12, 2022
Google announced the completion of the acquisition of Mandiant for $5.4 billion

Google completed the acquisition of the threat intelligence firm Mandiant, the IT giant will pay $5.4 billion. Google announced the completion of the $5.4 billion acquisition of threat intelligence firm Mandiant. The acquisition was announced in March 2022 by both companies: “RESTON, Va., March 8, 2022 – Mandiant, Inc. (NASDAQ: MNDT) today announced that it has entered into […]

Pierluigi Paganini September 12, 2022
Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems

Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems. In August, Cisco disclosed a security breach, the Yanluowang ransomware gang breached its corporate network in late May and stole internal data. The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed […]

Pierluigi Paganini September 12, 2022
Some firmware bugs in HP business devices are yet to be fixed

Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021. The Binarly security research team reported several HP Enterprise devices are affected by six high-severity firmware vulnerabilities that are yet to be patched, and some of them have been disclosed more than a year ago. […]

Pierluigi Paganini September 11, 2022
Albania was hit by a new cyberattack and blames Iran

Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday. Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday. “The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, […]

Pierluigi Paganini September 11, 2022
Security Affairs newsletter Round 383

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. IHG suffered a cyberattack that severely impacted its booking process China-Linked BRONZE PRESIDENT APT targets Government […]

Pierluigi Paganini September 11, 2022
Iran-linked APT42 is behind over 30 espionage attacks

Iran-linked APT42 (formerly UNC788) is suspected to be the actor behind over 30 cyber espionage attacks against activists and dissidents. Experts attribute over 30 cyber espionage attacks against activists and dissidents to the Iran-linked APT42 (formerly UNC788). The campaigns have been conducted since 2015 and are aimed at conducting information collection and surveillance operations against […]

Pierluigi Paganini September 10, 2022
China-Linked BRONZE PRESIDENT APT targets Government officials worldwide

China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks researchers reported that China-linked APT group BRONZE PRESIDENT conducted a new campaign aimed at government officials in Europe, the Middle East, and South America with the PlugX malware. Attacks part of this campaign were spotted […]

Pierluigi Paganini September 10, 2022
Scammers live-streamed on YouTube a fake Apple crypto event

Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. Cybercriminals were live-streaming on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens of thousands of users viewed it. The interview […]

Pierluigi Paganini September 09, 2022
US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

The U.S. Treasury Department sanctioned Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the Albania cyberattack. The U.S. Treasury Department announced sanctions against Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the cyber attack that hit Albania in July. MOIS is the primary intelligence […]

Pierluigi Paganini September 09, 2022
Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices

Iran-linked APT group DEV-0270 (aka Nemesis Kitten) is abusing the BitLocker Windows feature to encrypt victims’ devices. Microsoft Security Threat Intelligence researchers reported that Iran-linked APT group DEV-0270 (Nemesis Kitten) has been abusing the BitLocker Windows feature to encrypt victims’ devices. The researchers tracked multiple ransomware attacks conducted by the DEV-0270 group, which is a […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

Security / December 16, 2025

Hackers are exploiting critical Fortinet flaws days after patch release

Security / December 16, 2025

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

Data Breach / December 16, 2025

French Interior Minister says hackers breached its email servers

Hacking / December 16, 2025

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

Hacking / December 15, 2025