MUST READ

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

 | 

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Qantas cuts executive bonuses by 15% after a July data breach

 | 

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

 | 

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

 | 

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

 | 

SVG files used in hidden malware campaign impersonating Colombian authorities

 | 

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

 | 

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

 | 

Severe Hikvision HikCentral product flaws: What You Need to Know

 | 

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

 | 

Google addressed two Android flaws actively exploited in targeted attacks

 | 

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

 | 

Android droppers evolved into versatile tools to spread malware

 | 

Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

 | 

Cloudflare blocked a record 11.5 Tbps DDoS attack

 | 

Palo Alto Networks disclosed a data breach linked to Salesloft Drift incident

 | 

Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

 | 

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

 | 

zero-day attack

Pierluigi Paganini May 07, 2025
Play ransomware affiliate leveraged zero-day to deploy malware

The Play ransomware gang exploited a high-severity Windows Common Log File System flaw in zero-day attacks to deploy malware. The Play ransomware gang has exploited a Windows Common Log File System flaw, tracked as CVE-2025-29824, in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. The vulnerability CVE-2025-29824, (CVSS score of 7.8) is a Use after […]

Pierluigi Paganini April 11, 2017
Dridex banking Trojan campaign exploited Microsoft Word 0day recently revealed

Millions of people were targeted by a phishing campaign exploiting a Microsoft Word 0day and aimed to spread the Dridex Banking Trojan. Recently security experts from firms McAfee and FireEye warned of a Microsoft Word zero-day exploited by attackers in the wild. Just opening an MS Word document could put Windows users at risk, the exploitation of the flaw could […]

Pierluigi Paganini April 10, 2017
Researchers warn of a Windows Zero-Day Attack observed in the wild

Security researchers from firms McAfee and FireEye are warning of a Windows zero-day attack in the wild that put Microsoft users at risk of hack. Security researchers from security firms McAfee and FireEye are warning of hackers exploiting a Windows zero-day vulnerability in the wild. Just opening an MS Word document could put you at risk, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Intelligence / September 08, 2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

Breaking News / September 07, 2025

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / September 07, 2025

Qantas cuts executive bonuses by 15% after a July data breach

Data Breach / September 06, 2025

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

Security / September 06, 2025