Pierluigi Paganini
July 12, 2025
Vulnerabilities in McDonald’s McHire chatbot exposed data from 64 million job applicants due to insecure internal APIs. Security researchers Ian Carroll and Sam Curry discovered multiple vulnerabilities in the McDonald’s chatbot recruitment platform McHire that exposed the personal information of over 64 million job applicants. The security duo found that McDonald’s hiring bot, built by […]
Pierluigi Paganini
July 11, 2025
Russian basketball player arrested in France over alleged ties to a ransomware group accused of targeting U.S. firms and federal institutions. Russian basketball player Daniil Kasatkin (26) was arrested in France in June at the request of the U.S. over alleged ties to a ransomware group targeting hundreds of U.S. companies and federal entities. He […]
Pierluigi Paganini
July 11, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler ADC and Gateway flaw, tracked as CVE-2025-5777, to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2025-5777 flaw, dubbed ‘CitrixBleed 2‘ (CVSS v4.0 Base Score of 9.3), […]
Pierluigi Paganini
July 10, 2025
NCA arrested four people in UK, including three teens, over cyberattacks on M&S, Co-op, and Harrods, per its investigation. The British National Crime Agency (NCA) arrested four individuals in the country following an investigation into the recent wave of attacks targeting Co-op, M&S, and Harrods. On July 10, Law enforcement arrested 4 youths, aged 17–20, […]
Pierluigi Paganini
July 10, 2025
Researchers found critical PerfektBlue flaws in OpenSynergy BlueSDK, allowing remote code execution to hack millions of vehicles’ systems. Researchers at PCA Cyber Security identified a set of critical vulnerabilities, collectively tracked as PerfektBlue, in OpenSynergy BlueSDK Bluetooth stack. The exploitation of the flaws potentially allows remote code execution in millions of vehicles. These flaws could […]
Pierluigi Paganini
July 10, 2025
DoNot APT, likely an India-linked cyberespionage group, targets European foreign ministries with LoptikMod malware. The DoNot APT group, likely linked to India, has expanded its operations and is targeting European foreign ministries with a new malware, called LoptikMod. The Donot Team (also known as APT-C-35 and Origami Elephant) has been active since 2016, focusing on government entities, foreign […]
Pierluigi Paganini
July 08, 2025
Microsoft released Patch Tuesday security updates for July 2025, which addressed 130 flaws, including one a Microsoft SQL Server zero-day. Microsoft Patch Tuesday security updates for July 2025 addressed 130 vulnerabilities in Windows and Windows Components, Office and Office Components, .NET and Visual Studio, Azure, Teams, Hyper-V, Windows BitLocker, Microsoft Edge (Chromium-based), and the Windows […]
Pierluigi Paganini
July 08, 2025
Italian police arrested a Chinese national linked to Silk Typhoon APT group at Milan’s Malpensa Airport on a U.S. warrant. Italian police arrested a Chinese national, Zewei Xu (33), at Milan’s Malpensa Airport on a U.S. warrant. Xu was arrested at Malpensa Airport on July 3rd after arriving on a flight from China. Authorities accused […]
Pierluigi Paganini
July 08, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to […]
Pierluigi Paganini
July 08, 2025
Brazil arrests IT worker João Roque for aiding $100M PIX cyber heist, one of Brazil’s biggest banking system breaches. Brazilian police arrested João Roque (48), an IT employee at C&M, for allegedly aiding a cyberattack that stole over 540 million reais (~$100 million) via the PIX banking system. The company C&M links smaller banks to […]
