Pierluigi Paganini
August 04, 2025
A January 2025 breach at Northwest Radiologists exposed data of 350,000 Washington State residents, the company confirmed. A data breach at Northwest Radiologists in January 2025 has exposed the personal information of 350,000 residents of Washington State, the company has confirmed. The security breach occurred on January 25, 2025 and caused “network disruption” at the […]
Pierluigi Paganini
August 04, 2025
PlayPraetor Android RAT has hit 11K+ devices, spreading fast via campaigns targeting Spanish and French speakers, say Cleafy researchers. Cleafy researchers have identified a new Android RAT called PlayPraetor, which has infected over 11,000 devices, mainly in Portugal, Spain, France, Morocco, Peru, and Hong Kong. The malware is spreading rapidly, with more than 2,000 new […]
Pierluigi Paganini
August 04, 2025
Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed. Lovense, a manufacturer of internet-connected sex toys, fixed two vulnerabilities that exposed users’ emails and allowed remote account takeovers. A researcher known as BobDaHacker recently disclosed the flaws after Lovense claimed it would take […]
Pierluigi Paganini
August 04, 2025
State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks’ Unit 42. Palo Alto Networks reported that a nation-state actor, tracked as CL-STA-0969, targeted telecom firms in Southeast Asia, with attacks on critical infrastructure from February to November 2024. Threat actor CL-STA-0969 overlaps with the China-linked cyber espionage group […]
Pierluigi Paganini
August 03, 2025
Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is exploiting SonicWall SSL VPNs in a likely zero-day attack, targeting even fully patched devices. Arctic Wolf Labs observed multiple intrusions via VPN access in late July 2025. […]
Pierluigi Paganini
August 03, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New Linux backdoor Plague bypasses auth via malicious PAM module China Presses Nvidia Over Alleged Backdoors […]
Pierluigi Paganini
August 02, 2025
A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy Linux backdoor called Plague, hidden as a malicious PAM (Pluggable Authentication Module) module. It silently bypasses authentication and grants persistent SSH access. A Pluggable Authentication Module […]
Pierluigi Paganini
August 02, 2025
China questioned Nvidia over suspected backdoors in its H20 chips, adding to rising tensions in the tech fight between the U.S. and Beijing. China’s internet watchdog has summoned Nvidia over concerns that its H20 AI chips may contain hidden backdoors. Nvidia H20 chips are AI GPUs tailored for the Chinese market, based on Hopper architecture. […]
Pierluigi Paganini
August 01, 2025
AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets. The package was uploaded on July 28, 2025, and it was downloaded more than 1,500 times before takedown. “The package @kodane/patch-manager, is a sophisticated cryptocurrency wallet […]
Pierluigi Paganini
August 01, 2025
Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ireland 2025 hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits. Participants can earn up to $1 million for […]
Security / September 23, 2025
