MUST READ

CISA pushes Federal agencies to retire end-of-support edge devices

 | 

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs

Pierluigi Paganini September 15, 2025
Fairmont Federal Credit Union 2023 data breach impacted 187K people

Fairmont Federal Credit Union alerts 187K people that a 2023 breach exposed personal, financial, and medical data. Fairmont Federal Credit Union (FFCU) is a not-for-profit financial cooperative in West Virginia. It offers services like personal and business loans, mortgages, checking accounts, and financial aid, operating nine regional branches to serve its members. Fairmont Federal Credit […]

Pierluigi Paganini September 15, 2025
UK ICO finds students behind majority of school data breaches

UK ICO reports students caused over half of school data breaches, showing kids are shaping cybersecurity in unexpected ways. The UK Information Commissioner’s Office (ICO), students were responsible for most of the data breaches suffered by the schools in the country. The U.K.’s independent regulator for data protection and information rights also reported that nearly […]

Pierluigi Paganini September 15, 2025
INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure. Panama’s Ministry of Economy and Finance (MEF) announced that threat actors likely compromised one of its computers. The Ministry immediately activated its security protocols to contain the threat. Panama’s Ministry pointed out that critical systems vital to operations remain […]

Pierluigi Paganini September 14, 2025
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter npm debug and chalk packages compromised  GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe Trojanized ScreenConnect installers evolve, dropping multiple RATs on a single machine Salt […]

Pierluigi Paganini September 14, 2025
Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups HybridPetya ransomware bypasses UEFI Secure Boot […]

Pierluigi Paganini September 13, 2025
HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

HybridPetya ransomware bypasses UEFI Secure Boot to infect EFI partitions, echoing the infamous Petya/NotPetya attacks of 2016–2017. ESET researchers discovered a new ransomware called HybridPetya on the platform VirusTotal. The malware echoes the infamous Petya/NotPetya malware, supporting additional capabilities, such as compromising UEFI-based systems and exploiting CVE‑2024‑7344 to bypass UEFI Secure Boot on outdated systems. “Interestingly, the […]

Pierluigi Paganini September 12, 2025
Samsung fixed actively exploited zero-day

Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CVE-2025-21043, that was exploited in zero-day attacks against Android users. The vulnerability is an out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit […]

Pierluigi Paganini September 12, 2025
UK train operator LNER (London North Eastern Railway) discloses a data breach

LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information. UK train operator LNER (London North Eastern Railway) reported a data breach through a third-party supplier, compromising customer contact details and other personal information. LNER (London North Eastern Railway) is a British train operator running passenger services […]

Pierluigi Paganini September 12, 2025
Apple issues spyware warnings as CERT-FR confirms attacks

Apple warned users of a spyware campaign; France’s cyber agency confirmed targeted iCloud-linked devices may be compromised. Apple warned customers last week about new spyware attacks, the French national Computer Emergency Response Team (CERT-FR) said. The agency confirmed at least four such alerts since early 2025. Apple sent spyware alerts on March 5, April 29, […]

Pierluigi Paganini September 12, 2025
U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dassault Systèmes DELMIA Apriso flaw, tracked as CVE-2025-5086 (CVSS score of 9.0), to its Known Exploited Vulnerabilities (KEV) catalog. Dassault Systèmes DELMIA Apriso is a Manufacturing Operations Management (MOM) software platform […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CISA pushes Federal agencies to retire end-of-support edge devices

Security / February 07, 2026

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026