MUST READ

China-linked APT UNC3886 targets Singapore telcos

 | 

Critical Fortinet FortiClientEMS flaw allows remote code execution

 | 

BeyondTrust fixes critical pre-auth bug allowing remote code execution

 | 

European Commission probes cyberattack on mobile device management system

 | 

Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

 | 

Romania’s national oil pipeline firm Conpet reports cyberattack

 | 

Flickr moves to contain data exposure, warns users of phishing

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

 | 

Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

DKnife toolkit abuses routers to spy and deliver malware since 2019

 | 

Italian university La Sapienza still offline to mitigate recent cyber attack

 | 

CISA pushes Federal agencies to retire end-of-support edge devices

 | 

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

Security Affairs

Pierluigi Paganini September 08, 2020
Adobe fixes critical flaws in Adobe InDesign, Framemaker, and Experience Manager

Adobe has released security updates to address 12 critical vulnerabilities in Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager. Adobe has released security updates to address twelve critical vulnerabilities that could be exploited by attackers to execute arbitrary code on systems running vulnerable versions of Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager. “Adobe has […]

Pierluigi Paganini September 08, 2020
Expert found multiple critical issues in MoFi routers

Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. The researchers Rich Mirch from CRITICALSTART discovered ten vulnerabilities MOFI4500 MoFi Network routers. The expert reported the issues to the vendor in May but some of the flaws have yet to be patched. Most of […]

Pierluigi Paganini September 08, 2020
Newcastle University infected with DoppelPaymer Ransomware

UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack. UK research university Newcastle University was infected with the DoppelPaymer ransomware, in response to the incident it was forced to take systems offline on the morning of August 30th. The Newcastle University did not provide […]

Pierluigi Paganini September 08, 2020
France national cyber-security agency warns of a surge in Emotet attacks

The French national cyber-security agency warns of a surge in Emotet attacks targeting the private sector and public administration entities. The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France. The Emotet banking trojan has been active at least […]

Pierluigi Paganini September 07, 2020
Chilean bank BancoEstado hit by REVil ransomware

Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. The ransomware encrypted most of the company servers and workstations. […]

Pierluigi Paganini September 07, 2020
Russian national indicted for attempting to recruit Tesla employee to install malware

US authorities have indicted a Russian national for conspiring to recruit a Tesla employee to install malware onto the company’s infrastructure. Russian national Egor Igorevich Kriuchkov (27) has been indicted in the United States for conspiring to recruit a Tesla employee to install malware onto the company’s network. In August, US authorities arrested the Russian […]

Pierluigi Paganini September 07, 2020
Epic Manchego gang uses Excel docs that avoid detection

A recently discovered cybercrime gang, tracked as Epic Manchego, is using a new technique to create weaponized Excel files that are able to bypass security checks Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since […]

Pierluigi Paganini September 06, 2020
Visa warns of new sophisticated credit card skimmer dubbed Baka

Visa issued a warning regarding a new credit card JavaScript skimmer, tracked as Baka, that implements new features to evade detection. Visa issued a warning regarding a new e-skimmer known as Baka that removes itself from memory after having exfiltrating payment card details. The e-skimmer was first spotted by experts with Visa’s Payment Fraud Disruption […]

Pierluigi Paganini September 06, 2020
Security Affairs newsletter Round 280

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Emotet botnet has begun to use a new ‘Red Dawn template Malicious npm package ‘fallguys removed from the official repository US DoJ wants the funds stored by North Korea in […]

Pierluigi Paganini September 06, 2020
WhatsApp discloses six previously undisclosed flaws

WhatsApp addressed six previously undisclosed flaws in its app and disclosed them on a new dedicated security advisory site. WhatsApp announced more transparency about the vulnerabilities affecting its app and will publicly disclose them to the users. The company addressed six previously undisclosed flaws in its app and disclosed them on a new dedicated web site. Some […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

China-linked APT UNC3886 targets Singapore telcos

APT / February 10, 2026

Critical Fortinet FortiClientEMS flaw allows remote code execution

Security / February 09, 2026

BeyondTrust fixes critical pre-auth bug allowing remote code execution

Security / February 09, 2026

European Commission probes cyberattack on mobile device management system

Data Breach / February 09, 2026

Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

Security / February 09, 2026