Hackers exploited Zimbra flaw as zero-day using iCalendar files
Researchers monitoring for larger .ICS calendar attachments found that a flaw in Zimbra Collaboration Suite (ZCS) was used in zero-day attacks at the beginning of the year.…
Month: October 2025
Weaponizing AWS X-Ray for Command & Control
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control Pierluigi Paganini October 05, 2025 Attackers can weaponize AWS X-Ray as a covert bidirectional…
Security Affairs newsletter Round 544 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 544 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini October 05, 2025 A new round of the weekly Security Affairs newsletter…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Smash and Grab: Aggressive…
ParkMobile pays… $1 each for 2021 data breach that hit 22 million
ParkMobile has finally wrapped up a class action lawsuit over the platform’s 2021 data breach that hit 22 million users. But there’s a catch: victims…
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable…
Microsoft to Disable Inline SVG Images Display to Outlook for Web and Windows Users
Microsoft has announced a significant security enhancement for Outlook users, implementing the retirement of inline SVG image support across Outlook for Web and the new…
Unity Real-Time Development Platform Vulnerability Let Attackers Execute Arbitrary Code
Unity Technologies has issued a critical security advisory warning developers about a high-severity vulnerability affecting its widely used game development platform. The flaw, designated CVE-2025-59489,…
New WireTap Attack Break Server SGX To Exfiltrate Sensitive Data
A newly disclosed vulnerability, named the WireTap attack, allows attackers with physical access to break the security of Intel’s Software Guard eXtensions (SGX) on modern…
Editorial | Hong Kong’s growing cross-border cooperation against crime is bearing fruit
Cross-border crime syndicates are becoming increasingly sophisticated, taking advantage of technological developments to enable them to perpetrate offences ranging from hacking attacks to scams. They…
Leaked Apple iPad Pro M5 benchmark shows massive improvements
A new leaked benchmark shows Apple’s alleged M5 chip on an iPad, and it’s almost as fast as a desktop CPU. We know that Apple…
Discord discloses data breach after hackers steal support tickets
Hackers stole partial payment information and personally identifiable data, including names and government-issued IDs, from some Discord users after compromising a third-party customer service provider.…