MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

 | 

Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Experts found an unsecured 16TB database containing 4.3B professional records

 | 

Germany calls in Russian Ambassador over air traffic control hack claims

 | 

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

 | 

Emergency fixes deployed by Google and Apple after targeted attacks

 | 

Notepad++ fixed updater bugs that allowed malicious update hijacking

 | 

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

 | 

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Gogs zero-day under attack, 700 servers hacked

 | 

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

 | 

Google fixed a new actively exploited Chrome zero-day

 | 

Pro-Russia Hacktivist Support: Ukrainian Faces US Charges

 | 

Fortinet fixed two critical authentication-bypass vulnerabilities

 | 

New EtherRAT backdoor surfaces in React2Shell attacks tied to North Korea

 | 

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day

 | 

Ivanti warns customers of new EPM flaw enabling remote code execution

 | 

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

 | 

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

 | 

Security Affairs

Pierluigi Paganini July 12, 2022
The President of European Central Bank Christine Lagarde targeted by hackers

Christine Lagarde, the president of the European Central Bank, was the target of a failed hacking attempt. The European Central Bank confirmed that its President, Christine Lagarde, was the target of a failed hacking attempt. The European Central Bank revealed that the hacking attempt took place recently, but the good news it that its experts […]

Pierluigi Paganini July 12, 2022
Flaws in the ExpressLRS Protocol allow the takeover of drones

The protocol for radio-controlled (RC) drones, named ExpressLRS, is affected by vulnerabilities that can allow device takeover. Researchers warn of vulnerabilities that affect the protocol for radio-controlled (RC) drones, named ExpressLRS, which can be exploited to take over unmanned vehicles. ExpressLRS is a high-performance open-source radio control link that provides a low latency radio control […]

Pierluigi Paganini July 12, 2022
Microsoft announced the general availability of Windows Autopatch feature

Microsoft announced the general availability of a feature called Autopatch that automatically updates Windows and Office software. Microsoft announced the general availability of a service called Autopatch that automates the process of managing and rolling out updates to Windows and Office software. The feature is available for Windows Enterprise E3 and E5 licenses, but Windows Education (A3) or Windows […]

Pierluigi Paganini July 12, 2022
Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. Threat actors are attempting to compromise a large number of cloud-based systems to mine cryptocurrency with a significant […]

Pierluigi Paganini July 11, 2022
A fake job offer via LinkedIn allowed to steal $540M from Axie Infinity

Threat actors used a fake job offer on LinkedIn to target an employee at Axie Infinity that resulted in the theft of $540 Million. In March, threat actors stole almost $625 million in Ethereum and USDC (a U.S. dollar pegged stablecoin) tokens from Axie Infinity’s Ronin network bridge. The attack took place on March 23rd, but […]

Pierluigi Paganini July 11, 2022
Anubis Networks is back with new C2 server

A large-scale phishing campaign leveraging the Anubis Network is targeting Brazil and Portugal since March 2022. A large-scale phishing campaign is targeting Internet-end users in Brazil and Portugal since March 2022. Anubis Network is a C2 portal developed to control fake portals and aims to steal credentials to fully access the real systems. This C2 […]

Pierluigi Paganini July 11, 2022
BlackCat (aka ALPHV) Ransomware is Increasing Stakes up to $2,5M in Demands

BlackCat (aka ALPHV) Ransomware gang introduced an advanced search by stolen victim’s passwords, and confidential documents. The notorious cybercriminal syndicate BlackCat competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked in the TOR network Resecurity (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 companies, […]

Pierluigi Paganini July 10, 2022
Experts demonstrate how to unlock several Honda models via Rolling-PWN attack

Bad news for the owners of several Honda models, the Rolling-PWN Attack vulnerability can allow unlocking their vehicles. A team of security Researchers Kevin2600 and Wesley Li from Star-V Lab independently discovered a flaw in Honda models, named the Rolling-PWN Attack vulnerability (CVE-2021-46145), that can allow unlocking their vehicles- A remote keyless entry system (RKE) […]

Pierluigi Paganini July 10, 2022
French telephone operator La Poste Mobile suffered a ransomware attack

French virtual mobile telephone operator La Poste Mobile was hit by a ransomware attack that impacted administrative and management services.  The ransomware attack hit the virtual mobile telephone operator La Poste Mobile on July 4 and paralyzed administrative and management services.  The company pointed out that threat actors may have accessed data of its customers, […]

Pierluigi Paganini July 10, 2022
Security Affairs newsletter Round 373 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. Apple Lockdown Mode will protect users against highly targeted cyberattacks Fortinet addressed multiple vulnerabilities in several products Rozena backdoor delivered by exploiting the Follina bug Ongoing Raspberry Robin campaign leverages […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

Malware / December 14, 2025

Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / December 14, 2025

Experts found an unsecured 16TB database containing 4.3B professional records

Data Breach / December 14, 2025

Germany calls in Russian Ambassador over air traffic control hack claims

APT / December 13, 2025

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

Security / December 13, 2025