MUST READ

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

 | 

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

 | 

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

 | 

XSS

Pierluigi Paganini November 27, 2024
VMware fixed five vulnerabilities in Aria Operations product

Virtualization giant VMware addressed multiple vulnerabilities in its Aria Operations product that can led to privilege escalation and XSS attacks. VMware released security updates to address five vulnerabilities in its Aria Operations product. Aria Operations (formerly known as VMware vRealize Operations) is a comprehensive cloud management and operations platform developed by VMware. It is designed […]

Pierluigi Paganini August 07, 2024
Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data

Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts. Sonar’s Vulnerability Research Team discovered a critical Cross-Site Scripting (XSS) vulnerability in the popular open-source webmail software Roundcube. Roundcube is included by default in the server hosting panel cPanel which has millions of installations worldwide. […]

Pierluigi Paganini May 24, 2024
An XSS flaw in GitLab allows attackers to take over accounts

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835, that allows attackers to take over user accounts. An attacker can exploit this issue by using a specially crafted page to exfiltrate sensitive user information. The vulnerability impacts versions 15.11 before […]

Pierluigi Paganini April 06, 2024
Cisco warns of XSS flaw in end-of-life small business routers

Cisco warns customers of Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site scripting flaw. Cisco warns of a Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers Cross-Site scripting (XSS) flaw. The medium severity issue, tracked as CVE-2024-20362 (CVSS score 6.1), resides in the web-based management interface of Cisco Small Business […]

Pierluigi Paganini April 02, 2024
XSS flaw in WordPress WP-Members Plugin can lead to script injection

A cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin can lead to malicious script injection. Researchers from Defiant’s Wordfence research team disclosed a cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin that can lead to malicious script injection. The Unauthenticated Stored Cross-Site Scripting vulnerability was reported to Wordfence by the WordPress […]

Pierluigi Paganini February 22, 2024
Multiple XSS flaws in Joomla can lead to remote code execution

Joomla maintainers have addressed multiple vulnerabilities in the popular content management system (CMS) that can lead to execute arbitrary code. The maintainers of the Joomla! Project released Joomla 5.0.3 and 4.4.3 versions that addressed the following vulnerabilities in the popular content management system (CMS): The impact of these flaws can be widespread because roughly 2% of […]

Pierluigi Paganini December 15, 2023
Multiple flaws in pfSense firewall can lead to arbitrary code execution

Security flaws in Netgate pfSense firewall solution can potentially lead to arbitrary code execution on vulnerable devices. pfSense is a popular open-source firewall solution maintained by Netgate, researchers discovered multiple security issues affecting it. Researchers from SonarCloud discovered several security issues, Cross-Site Scripting (XSS) vulnerabilities and a Command Injection vulnerability in pfSense CE (CVE-2023-42325, CVE-2023-42327, CVE-2023-42326). The […]

Pierluigi Paganini November 16, 2023
Zimbra zero-day exploited to steal government emails by four groups

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments. Google Threat Analysis Group (TAG) researchers revealed that a zero-day vulnerability, tracked as CVE-2023-37580 (CVSS score: 6.1), in the Zimbra Collaboration email software was exploited by four different threat actors to steal email data, user credentials, and authentication tokens […]

Pierluigi Paganini July 27, 2023
Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS

Zimbra addressed a zero-day vulnerability exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Two weeks ago Zimbra urged customers to manually install updates to fix a zero-day vulnerability, now tracked as CVE-2023-38750, that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers. Zimbra Collaboration Suite is a comprehensive open-source messaging and […]

Pierluigi Paganini May 06, 2023
WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks

A reflected cross-site scripting vulnerability is the Advanced Custom Fields plugin for WordPress exposed over 2 million sites to hacking. Assetnote researchers discovered a reflected cross-site scripting vulnerability, tracked as CVE-2023-29489 (CVSS score: 6.1), in the Advanced Custom Fields plugin for WordPress. The ACF field builder allows users to quickly and easily add fields to […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

Uncategorized / July 11, 2025

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

Hacking / July 11, 2025

UK NCA arrested four people over M&S, Co-op cyberattacks

Cyber Crime / July 10, 2025

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

Hacking / July 10, 2025

Qantas data breach impacted 5.7 million individuals

Data Breach / July 10, 2025