Pierluigi Paganini
March 04, 2025
US CISA confirms no change in defense against Russian cyber threats despite the Trump administration’s pause on offensive operations. US CISA stated there is no change in defending against Russian cyber threats, despite the Trump administration’s temporary pause on offensive cyber operations. US Defense Secretary Pete Hegseth has recently ordered US Cyber Command to pause […]
Pierluigi Paganini
March 03, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions for […]
Pierluigi Paganini
March 03, 2025
U.S. authorities have recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance. U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, which is a decentralized finance (DeFi) protocol built on Binanceâs BNB Chain. The protocol operated as an automated market maker (AMM), similar to Uniswap, allowing […]
Pierluigi Paganini
March 03, 2025
Amnesty International reports that a Cellebrite zero-day exploit was used to unlock a Serbian activist’s Android phone. Amnesty International reported that a Cellebrite zero-day exploit was used to unlock the Android smartphone of a Serbian activist. In a statement published on 25 February 2025, Cellebrite announced that it had blocked Serbia from using its solution after reports that police […]
Pierluigi Paganini
March 03, 2025
The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Lee Enterprises, Inc. is a publicly traded American media company. It publishes 79 newspapers in 25 states, and more than […]
Pierluigi Paganini
March 02, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. DragonForce Ransomware Group is Targeting Saudi Arabia  Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host âProsperoâ Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware […]
Pierluigi Paganini
March 02, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day Microsoft disrupted a global cybercrime ring abusing Azure […]
Pierluigi Paganini
March 02, 2025
Meta fired about 20 employees because they had leaked âconfidential information outside the company,â with more firings expected. Meta fired about 20 employees for leaking confidential information outside the company, with more firings expected. âWe tell employees when they join the company, and we offer periodic reminders, that it is against our policies to leak […]
Pierluigi Paganini
March 01, 2025
Microsoft warns of a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw actively exploited by ransomware gangs in attacks. Microsoft discovered five vulnerabilities in the Paragon Partition Manager BioNTdrv.sys driver. The IT giant reported that one of these flaws is exploited by ransomware groups in zero-day attacks. Paragon Partition Manager, available in Community and Commercial versions, manages hard drive […]
Pierluigi Paganini
March 01, 2025
Microsoft exposed four individuals behind an Azure Abuse scheme using unauthorized GenAI access to create harmful content. Microsoft shared the names of four developers of malicious tools designed to bypass the guardrails of generative AI services, including Microsoftâs Azure OpenAI Service. Microsoft is taking legal action against these defendants, dismantling their operation, and curbing misuse […]
Security / November 12, 2025
Cyber Crime / November 12, 2025
