MUST READ

Delta Dental of Virginia data breach impacts 145,918 customers

 | 

Attackers deliver ShadowPad via newly patched WSUS RCE bug

 | 

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

 | 

Scattered Spider alleged members deny TfL charges

 | 

Iberia discloses security incident tied to supplier breach

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 72

 | 

Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

SonicWall flags SSLVPN flaw allowing firewall crashes

 | 

BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks

 | 

U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog

 | 

CrowdStrike denies breach after insider sent internal screenshots to hackers

 | 

SolarWinds addressed three critical flaws in Serv-U

 | 

Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack

 | 

Salesforce alerts users to potential data exposure via Gainsight OAuth apps

 | 

Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

 | 

Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal

 | 

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

 | 

Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

 | 

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

 | 

WSUS

Pierluigi Paganini November 24, 2025
Attackers deliver ShadowPad via newly patched WSUS RCE bug

Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware. AhnLab SEcurity intelligence Center (ASEC) researchers reported that threat actors exploited a recently patched WSUS flaw (CVE-2025-59287) to deliver the ShadowPad malware. ShadowPad is a backdoor widely used by China-linked APT groups and privately sold […]

Pierluigi Paganini October 25, 2025
CVE-2025-59287: Microsoft fixes critical WSUS flaw under active attack

Microsoft released urgent updates to address the critical WSUS RCE vulnerability CVE-2025-59287, which is under active attack.. Microsoft released an out-of-band fix for CVE-2025-59287, a critical WSUS RCE flaw (CVSS 9.8) that is under active exploitation. Researchers MEOW and Markus Wulftange of CODE WHITE GmbH reported the vulnerability. “To comprehensively address CVE-2025-59287, Microsoft has released […]

Pierluigi Paganini August 08, 2015
Hacking Windows Server Update Services to infect enterprises

Two researchers demonstrated how to compromise corporate networks by hacking the Windows Server Update Services and serve malware instead security patches. Security researchers from Context security firm have discovered a technique to serve malware exploiting the Windows update mechanism. The researchers are able to exploit insecurely configured implementations of Windows Server Update Services (WSUS) for an enterprise […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Delta Dental of Virginia data breach impacts 145,918 customers

Data Breach / November 24, 2025

Attackers deliver ShadowPad via newly patched WSUS RCE bug

Malware / November 24, 2025

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

Security / November 24, 2025

Scattered Spider alleged members deny TfL charges

Hacking / November 24, 2025

Iberia discloses security incident tied to supplier breach

Data Breach / November 23, 2025