North Korean threat actors use JSON sites to deliver malware via trojanized code
North Korean threat actors use JSON sites to deliver malware via trojanized code Pierluigi Paganini November 17, 2025 North Korean Contagious Interview actors now host…
Category: Securityaffairs
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025 Pierluigi Paganini November 17, 2025 RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893…
Five admit helping North Korea evade sanctions through IT worker schemes
Five admit helping North Korea evade sanctions through IT worker schemes Pierluigi Paganini November 16, 2025 Five pleaded guilty to aiding North Korea ’s illicit…
Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini November 16, 2025 A new round of the weekly Security Affairs newsletter…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages…
China-backed hackers launch first large-scale autonomous AI cyberattack
Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack Pierluigi Paganini November 16, 2025 China-linked actors used Anthropic’s AI to automate and run cyberattacks in…
Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution
Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution Pierluigi Paganini November 15, 2025 Researchers found a critical vulnerability in GoSign Desktop: TLS Certificate…
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 15, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet…
Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely
Critical CVE-2025-59367 flaw lets hackers access ASUS DSL routers remotely Pierluigi Paganini November 14, 2025 ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers…
Millions of sites at risk from Imunify360 critical flaw exploit
Millions of sites at risk from Imunify360 critical flaw exploit Pierluigi Paganini November 14, 2025 A vulnerability affecting Imunify360 lets attackers run code via malicious…
Critical FortiWeb flaw under attack, allowing complete compromise
Critical FortiWeb flaw under attack, allowing complete compromise Pierluigi Paganini November 14, 2025 A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to…
BSI issues guidelines to counter evasion attacks targeting LLMs
Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs Pierluigi Paganini November 14, 2025 Germany’s BSI warns of rising evasion attacks on LLMs, issuing…