Category: Securityaffairs

North Korean threat actors use JSON sites to deliver malware via trojanized code
10
Dec
2025

New EtherRAT backdoor surfaces in React2Shell attacks tied to North Korea

New EtherRAT backdoor surfaces in React2Shell attacks tied to North Korea Pierluigi Paganini December 10, 2025 NK-linked hackers are likely…

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug
10
Dec
2025

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day Pierluigi Paganini December 10, 2025 Microsoft Patch…

Spyware and RATs used to target WhatsApp and Signal Users
10
Dec
2025

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 10, 2025 U.S….

Ivanti fixed two EPMM flaws exploited in limited attacks
10
Dec
2025

Ivanti warns customers of new EPM flaw enabling remote code execution

Ivanti warns customers of new EPM flaw enabling remote code execution Pierluigi Paganini December 09, 2025 Ivanti warns users to…

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics
09
Dec
2025

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics Pierluigi Paganini December 09, 2025 Mirai-based Broadside botnet targets vulnerable…

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools
09
Dec
2025

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools Pierluigi Paganini December 09, 2025 Poland arrested three Ukrainian nationals…

FinCEN data shows $4.5B in ransomware payments, record spike in 2023
09
Dec
2025

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

FinCEN data shows $4.5B in ransomware payments, record spike in 2023 Pierluigi Paganini December 09, 2025 Ransomware payments reported to…

bank impersonators fuel $262M surge in account takeover fraud
08
Dec
2025

Crooks manipulate online photos to fuel virtual kidnapping ransoms

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms Pierluigi Paganini December 08, 2025 The FBI warns of criminals…

Oracle EBS zero-day used by Clop to breach Barts Health NHS
08
Dec
2025

Oracle EBS zero-day used by Clop to breach Barts Health NHS

Oracle EBS zero-day used by Clop to breach Barts Health NHS Pierluigi Paganini December 08, 2025 Clop ransomware stole data…

Australia’s spy chief warns of China-linked threats to critical infrastructure
08
Dec
2025

China-linked threat actors weaponized React2Shell hours after disclosure

AWS: China-linked threat actors weaponized React2Shell hours after disclosure Pierluigi Paganini December 08, 2025 Multiple China-linked threat actors began exploiting…

Spyware and RATs used to target WhatsApp and Signal Users
08
Dec
2025

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 08, 2025 U.S….

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70
07
Dec
2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware…