SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Morpheus: A new Spyware linked to…
Category: Securityaffairs
Critical bug in CrowdStrike LogScale let attackers access files
Critical bug in CrowdStrike LogScale let attackers access files Pierluigi Paganini April 26, 2026 CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated…
GopherWhisper: new China-linked APT targets Mongolia with Go-based malware
GopherWhisper: new China-linked APT targets Mongolia with Go-based malware Pierluigi Paganini April 26, 2026 ESET found a new China-linked APT, tracked as GopherWhisper, targeting Mongolia…
Trigona ransomware adopts custom tool to steal data and evade detection
Trigona ransomware adopts custom tool to steal data and evade detection Pierluigi Paganini April 26, 2026 Trigona ransomware now uses a custom command-line tool to…
U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 25, 2026 U.S. Cybersecurity and Infrastructure Security Agency…
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844) Pierluigi Paganini April 25, 2026 Attackers exploit a Breeze Cache flaw (CVE-2026-3844)…
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners Pierluigi Paganini April 24, 2026 UK National Cyber Security Centre (NCSC)…
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network Pierluigi Paganini April 25, 2026 CISA said a federal Cisco Firepower ASA device…
12-year-old Pack2TheRoot bug lets Linux users gain root privileges
12-year-old Pack2TheRoot bug lets Linux users gain root privileges Pierluigi Paganini April 24, 2026 ‘Pack2TheRoot’ flaw lets local Linux users gain root via PackageKit. CVE-2026-41651…
Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner
Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner Pierluigi Paganini April 24, 2026 Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack…
Checkmarx supply chain attack impacts Bitwarden npm distribution path
Checkmarx supply chain attack impacts Bitwarden npm distribution path Pierluigi Paganini April 24, 2026 Bitwarden CLI was hit by the Checkmarx supply chain attack. Version…
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
Microsoft Graph API misused by new GoGra Linux malware for hidden communication Pierluigi Paganini April 23, 2026 A new GoGra Linux malware uses Microsoft Graph…