MUST READ

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini ā€“ INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

A new Italian citizen was targeted with Paragonā€™s Graphite spyware. We have a serious problem

 | 

LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks

 | 

Cisco fixes critical UCCX flaw allowing Root command execution

 | 

Cisco became aware of a new attack variant against Secure Firewall ASA and FTD devices

 | 

Google sounds alarm on self-modifying AI malware

 | 

Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs

 | 

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in ā‚¬600M crypto laundering bust across Europe

 | 

Google fixed a critical remote code execution in Android

 | 

SesameOp: New backdoor exploits OpenAI API for covert C2

 | 

Google Big Sleep found five vulnerabilities in Safari

 | 

Jabber Zeus developer ā€˜MrICQā€™ extradited to US from Italy

 | 

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

 | 

Spectre attack

Pierluigi Paganini September 13, 2021
New Spook.Js attack allows to bypass Google Chrome Site Isolation protections

Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protectionsĀ implemented in Google Chrome. Boffins devised a transientĀ side-channel attack on modern processors, “Spook.js,” that can be abused by threat actors to bypass Site Isolation protectionsĀ implemented in Google Chrome and Chromium browsers. The technique allows in some cases to steal sensitive […]

Pierluigi Paganini January 20, 2018
Red Hat reverts Spectre (CVE-2017-5715) security updates due to boot issues reported by customers

Red Hat is going to release updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715). Just after the release of Spectre and Meltdown patches many experts argued a significative impact on performance and stability of systems running them. While Meltdown and Spectre Variant 1 could be theoretically being addressed by […]

Pierluigi Paganini January 06, 2018
Cisco is going to release security patches for Meltdown and Spectre attacks

Cisco is going to release security patches for Meltdown and Spectre attacks, the company is currently investigating its entire products portfolio. Cisco published a security advisory on theĀ CPU Side-Channel information disclosure vulnerabilitiesĀ that are exploited in the Spectre and Meltdown attacksĀ and announced it is going to release security updates to protect its customers. Switchzilla announced it […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

Hacking / November 09, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

Malware / November 09, 2025

Security Affairs newsletter Round 549 by Pierluigi Paganini ā€“ INTERNATIONAL EDITION

Breaking News / November 09, 2025

China-linked hackers target U.S. non-profit in long-term espionage campaign

APT / November 08, 2025

A new Italian citizen was targeted with Paragonā€™s Graphite spyware. We have a serious problem

Security / November 08, 2025