Pierluigi Paganini
August 24, 2025
Mirai-based Gayfemboy botnet resurfaces, evolving to target systems worldwide; Fortinet researchers provided details about the new campaign. FortiGuard Labs researchers tracked a new Gayfemboy botnet campaign, the malware exploits known flaws in DrayTek, TP-Link, Raisecom, and Cisco, showing evolved tactics and renewed activity. The Gayfemboy botnet was first identified in February 2024, it borrows the […]
Pierluigi Paganini
August 24, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824 Supply Chain Risk in Python: Termncolor and Colorinal Explained Noodlophile […]
Pierluigi Paganini
August 24, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Kidney dialysis firm DaVita confirms ransomware attack compromised data of 2.7M people China-linked Silk Typhoon APT […]
Pierluigi Paganini
August 23, 2025
China-linked Silk Typhoon APT group ramp up North America attacks, exploiting n-day and zero-day flaws for system access, CrowdStrike warns. China-linked Silk Typhoon APT group (aka Murky Panda) targets organizations in North America exploiting n-day and zero-day flaws for system access, CrowdStrike warns. This Chinese APT has one of the widest targeting scopes. In March, […]
Pierluigi Paganini
August 23, 2025
Over 300 entities hit by the Atomic macOS Stealer via malvertising campaign between June and August, CrowdStrike warns. From June and August, over 300 entities were hit by a variant of the Atomic macOS Stealer (AMOS) called SHAMOS, reports CrowdStrike. The Atomic macOS Stealer lets operators steal diverse information from infected machines. This includes Keychain […]
Pierluigi Paganini
August 22, 2025
INTERPOL arrested 1,209 cybercriminals in 18 African nations seizing $97.4M, and dismantling 11,432 malicious infrastructures. INTERPOL announced the result of the second phase of ongoing law enforcement Operation Serengeti (June to August 2025) that led to 1,209 arrests across 18 nations in Africa. The authorities are aiding 88,000 victims, seizing $97.4M, and dismantling 11,432 cybercrime […]
Pierluigi Paganini
August 22, 2025
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures. […]
Pierluigi Paganini
August 22, 2025
Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out after his account was disabled. The Chinese national was also sentenced to three years of […]
Pierluigi Paganini
August 22, 2025
Colt Technology Services confirmed a data breach by the WarLock ransomware group; the company is working to restore disrupted systems. Colt Technology Services confirmed that threat actors breached its systems and stole some data. The telecoms company is working to restore disrupted systems. Colt, officially known as Colt Technology Services Group Limited, is a multinational telecommunications […]
Pierluigi Paganini
August 22, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS, iPadOS, and macOS flaw, tracked as CVE-2025-43300, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Apple addressed the actively exploited zero-day CVE-2025-43300 in iOS, iPadOS, and […]
Hacking / November 06, 2025
