Pierluigi Paganini
December 23, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Digiever DS-2105 Pro flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Digiever DS-2105 Pro vulnerability, tracked as CVE-2023-52163 (CVSS Score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. Digiever DS-2105 Pro is a network video recorder (NVR) device designed […]
Pierluigi Paganini
December 22, 2025
Romania’s national water management authority, Romanian Waters, was hit by a ransomware attack over the weekend. Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, suffered a ransomware attack over the weekend. According to the National Cyber Security Directorate (DNSC), the incident affected around 1,000 computer systems across the central organization and 10 […]
Pierluigi Paganini
December 22, 2025
Ukrainian Artem Stryzhak (35) pleaded guilty in the U.S. for Nefilim ransomware attacks; he was arrested in Spain in 2024, extradited in April 2025. A 35-year-old Ukrainian, Artem Aleksandrovych Stryzhak (35), pleaded guilty in the U.S. for Nefilim ransomware attacks. The Ukrainian citizen was arrested in Spain in 2024 and extradited to the US in […]
Pierluigi Paganini
December 22, 2025
Researchers report renewed activity by Iran-linked Infy (Prince of Persia), showing the hacking group remains active and dangerous after years of silence. SafeBreach researchers have spotted renewed activity from the Iran-linked APT group Infy, also known as Prince of Persia, nearly five years after its last known campaigns in Europe. SafeBreach warns the group remains […]
Pierluigi Paganini
December 22, 2025
Hackers stole personal data of about 27,500 people from the University of Sydney after accessing an online code library, the university confirmed. The University of Sydney disclosed a data breach in which threat actors accessed an online code library and stole personal information linked to about 27,500 individuals, including current and former staff, affiliates, students, […]
Pierluigi Paganini
December 21, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks Operation MoneyMount-ISO — Deploying Phantom Stealer via ISO-Mounted Executables Inside GhostPoster: How a PNG Icon Infected 50,000 Firefox Users […]
Pierluigi Paganini
December 21, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ATM Jackpotting ring busted: 54 indicted by DoJ U.S. CISA adds a flaw in WatchGuard Fireware […]
Pierluigi Paganini
December 20, 2025
The U.S. Department of Justice has indicted 54 individuals over a multi-million-dollar ATM jackpotting fraud scheme. U.S. DoJ indicted 54 people for a nationwide ATM jackpotting scheme that stole millions via malware. The case links the crimes to the cybercrime group Tren de Aragua, including charges of fraud, money laundering, and material support to a […]
Pierluigi Paganini
December 20, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a WatchGuard Fireware OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a WatchGuard Firebox OS vulnerability, tracked as CVE-2025-14733 (CVSS Score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. This flaw is a critical out-of-bounds write vulnerability in WatchGuard Fireware […]
Pierluigi Paganini
December 20, 2025
Denmark has blamed Russia for a destructive cyberattack on a water utility, calling it part of Moscow’s hybrid campaign against Western critical infrastructure. Denmark has accused Russia of orchestrating destructive cyberattacks against a water utility in 2024, framing them as part of broader hybrid attacks on Western critical infrastructure. Denmark’s Defence Intelligence Service attributed a […]
