MUST READ

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

 | 

Security Affairs newsletter Round 554 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Experts found an unsecured 16TB database containing 4.3B professional records

 | 

Germany calls in Russian Ambassador over air traffic control hack claims

 | 

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

 | 

Emergency fixes deployed by Google and Apple after targeted attacks

 | 

Notepad++ fixed updater bugs that allowed malicious update hijacking

 | 

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

 | 

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Gogs zero-day under attack, 700 servers hacked

 | 

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

 | 

Google fixed a new actively exploited Chrome zero-day

 | 

Pro-Russia Hacktivist Support: Ukrainian Faces US Charges

 | 

Fortinet fixed two critical authentication-bypass vulnerabilities

 | 

New EtherRAT backdoor surfaces in React2Shell attacks tied to North Korea

 | 

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

 | 

Security Affairs

Pierluigi Paganini September 11, 2018
Zerodium disclose exploit for NoScript bug in version 7 of Tor Browser

Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. NoScript is a popular Firefox extension that protects users against malicious scripts, it only allows […]

Pierluigi Paganini September 11, 2018
Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. The exploit code for the CVE-2018-14847 vulnerabilities is becoming a commodity in the hacking underground, just after its disclosure crooks started using it to compromise MikroTik routers. Thousands of unpatched devices are mining for cryptocurrency at the moment. Earlier August, experts uncovered a massive […]

Pierluigi Paganini September 10, 2018
Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security experts observed the LuckyMouse APT group using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. Security experts from Kaspersky have observed the LuckyMouse APT group (aka Emissary Panda, APT27 and Threat Group 3390) using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. The APT group […]

Pierluigi Paganini September 10, 2018
GAO Report shed the lights on the failures behind the Equifax hack

A new report from the U.S. Government Accountability Office (GAO) provides detailed information of the Equifax hack. The Equifax hack occurred in May 2017 when attackers exploited the CVE-2017-5638 Apache Struts vulnerability in the Jakarta Multipart parser upload function. The flaw allowed the attacker to make a maliciously crafted request to an Apache web server and gain access […]

Pierluigi Paganini September 10, 2018
Mirai and Gafgyt target Apache Struts and SonicWall to hit enterprises

Security experts with Unit 42 at Palo Alto Networks have discovered new variants of the Mirai and Gafgyt IoT malware targeting enterprises. Both botnets appear very interesting for two main reasons: The new Mirai variant targets the same Apache Struts vulnerability exploited in the 2017 Equifax data breach. The vulnerability affects the Jakarta Multipart parser upload […]

Pierluigi Paganini September 10, 2018
A growing number of iOS apps collect and sell location data

A growing number of iOS apps currently collect location data, WiFi network IDs and other data, from iPhone users and sell them to monetization firms. A group of security researchers that developed the popular Guardian mobile firewall app revealed that a growing number of iOS apps currently collect location data, WiFi network IDs and other data, from […]

Pierluigi Paganini September 10, 2018
Fallout exploit kit appeared in the threat landscape in malvertising campaigns

At the end of August, security experts discovered a new exploit kit called Fallout that is being used to distribute the GandCrab ransomware. At the end of August, the threat analyst nao_sec discovered a new exploit kit called Fallout that is being used to distribute the GandCrab ransomware and other malicious codes, including droppers and potentially unwanted […]

Pierluigi Paganini September 09, 2018
The main source of infection on ICS systems was the internet in H1 2018

Researchers from Kaspersky have published a new report on the attacks on ICS systems observed by its products in the first half of 2018. Kaspersky Lab experts have published a new report titled “Threat Landscape for Industrial Automation Systems” report for H1 2018, that includes interesting data related to attacks against the ICS systems. The security […]

Pierluigi Paganini September 09, 2018
Security Affairs newsletter Round 179 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      John McAfees Bitfi cryptocurrency wallet was hacked by […]

Pierluigi Paganini September 08, 2018
Russian citizen behind JPMorgan Chase and Dow Jones attacks has been extradited to US

Andrei Tyurin, the man that is accused to be the responsible for major cyber attacks against financial institutions, including JPMorgan Chase, was extradited to the United States from Georgia. The Russian citizen Andrei Tyurin (35) was extradited to the United States from Georgia on Friday, the man charged over the massive theft of customer data from JPMorgan Chase […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

Hacking / December 15, 2025

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

Security / December 15, 2025

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

Data Breach / December 15, 2025

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

Hacking / December 15, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

Malware / December 14, 2025