Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor Pierluigi Paganini December 29, 2025 China-linked APT Evasive Panda used DNS poisoning to deliver…
Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk Pierluigi Paganini December 28, 2025 Hacker claims Condé Nast breach, leaking…
Stolen LastPass backups enable crypto theft through 2025 Pierluigi Paganini December 28, 2025 Stolen vault backups from the 2022 LastPass breach are still being cracked,…
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Choose Your Fighter: A…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email…
LangChain core vulnerability allows prompt injection and data exposure Pierluigi Paganini December 27, 2025 A critical flaw in LangChain Core could allow attackers to steal…
NPM package with 56,000 downloads compromises WhatsApp accounts Pierluigi Paganini December 27, 2025 An NPM package with over 56,000 downloads stole WhatsApp credentials, hid its…
Trust Wallet warns users to update Chrome extension after $7M security loss Pierluigi Paganini December 26, 2025 Trust Wallet urged users to update its Chrome…
Pro-Russian group Noname057 claims cyberattack on La Poste services Pierluigi Paganini December 26, 2025 Pro-Russian hacking group Noname057 claimed responsibility for the cyberattack that recently…
Aflac confirms June data breach affecting over 22 million customers Pierluigi Paganini December 26, 2025 A June data breach exposed the personal information of more…
Spotify cracks down on unlawful scraping of 86 million songs Pierluigi Paganini December 26, 2025 Spotify shut down accounts after Anna’s Archive scraped and published…
Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited Pierluigi Paganini December 25, 2025 Fortinet reported active exploitation of a five-year-old FortiOS SSL VPN flaw, abused…
