News

Breaking News

Entertainment

Movies & Series

Music

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

News

Entertainment

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

home
›
Security Affairs
›
Software

Security Affairs - Software

8 | Follower

Security Affairs

11.05.2025

Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Law enforcement dismantled a 20-year botnet behind Anyproxy and 5socks cybercriminals services and arrested four suspects.

Security Affairs

11.05.2025

Ascension reveals personal data of 437,329 patients exposed in cyberattack

A data breach at Ascension, caused by a former partner's compromise, exposed the health information of over 430,000 patients.

Security Affairs

10.05.2025

Russia-linked ColdRiver used LostKeys malware in recent attacks

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and orgs.

Security Affairs

10.05.2025

Cybercriminal services target end-of-life routers, FBI warns

The FBI warns that attackers are using end-of-life routers to deploy malware and turn them into proxies sold on 5Socks and Anyproxy networks.

Security Affairs

10.05.2025

A cyber attack briefly disrupted South African Airways operations

A cyberattack briefly disrupted South African Airways' website, app, and systems, but core flight operations remained unaffected.

Security Affairs

09.05.2025

The LockBit ransomware site was breached, database dump was leaked online

Lockbit ransomware group has been compromised, attackers stole and leaked data contained in the backend panel of their dark web site.

Security Affairs

09.05.2025

Cisco fixed a critical flaw in its IOS XE Wireless Controller

Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files.

Security Affairs

09.05.2025

SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

SonicWall addressed three SMA 100 flaws, including a potential zero-day, that could allow remote code execution if chained.

Security Affairs

08.05.2025

Polish authorities arrested 4 people behind DDoS-for-hire platforms

Polish police arrested 4 people behind DDoS-for-hire platforms used in global attacks, offering takedowns for as little as €10.

Security Affairs

08.05.2025

Canary Exploit tool allows to find servers affected by Apache Parquet flaw

F5 Labs researchers released a PoC tool to find servers vulnerable to the Apache Parquet vulnerability CVE-2025-30065.

Security Affairs

08.05.2025

Unsophisticated cyber actors are targeting the U.S. Energy sector

CISA, FBI, EPA, and DoE warn of attacks on the U.S. Energy sector carried out by unsophisticated cyber actors targeting ICS/SCADA systems.

Security Affairs

08.05.2025

NSO Group must pay WhatsApp over $167M in damages for attacks on its users

NSO Group must pay WhatsApp over $167M in damages for a 2019 hack targeting 1,400+ users, per U.S. jury ruling after a five-year legal battle.

Security Affairs

08.05.2025

U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GoVision device flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

08.05.2025

Play ransomware affiliate leveraged zero-day to deploy malware

The Play ransomware gang exploited a high-severity Windows Common Log File System flaw in zero-day attacks to deploy malware.

Security Affairs

07.05.2025

U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FreeType flaw to its Known Exploited Vulnerabilities catalog.

Security Affairs

07.05.2025

New 'Bring Your Own Installer (BYOI)' technique allows to bypass EDR

New BYOI technique lets attackers bypass SentinelOne EDR,disable protection, and deploy Babuk ransomware by exploiting agent upgrade process

Security Affairs

07.05.2025

Google fixed actively exploited Android flaw CVE-2025-27363

Google addressed 46 Android security vulnerabilities, including one issue that has been exploited in attacks in the wild.

Security Affairs

07.05.2025

Samsung MagicINFO flaw exploited days after PoC publication

Threat actors began exploiting a Samsung MagicINFO vulnerability just days after PoC code was published, warns Arctic Wolf researchers.

Security Affairs

07.05.2025

Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324

Threat actors launch second wave of attacks on SAP NetWeaver, exploiting webshells from a recent zero-day vulnerability.

Security Affairs

07.05.2025

U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Langflow flaw to its Known Exploited Vulnerabilities catalog.

Security Affairs

06.05.2025

Smishing on a Massive Scale: ‘Panda Shop’ Chinese Carding Syndicate - Security Affairs

Resecurity found a new smishing kit called 'Panda Shop,' mimicking Smishing Triad tactics with improved features and new templates.

Security Affairs

06.05.2025

Kelly Benefits December data breach impacted over 400,000 individuals

Kelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed.

Security Affairs

06.05.2025

Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell.

Security Affairs

06.05.2025

A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov

A hacker stole data from TeleMessage, exposing messages from its modified Signal, WhatsApp, and other apps sold to the U.S. government.

Security Affairs

05.05.2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 44

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Security Affairs

05.05.2025

US authorities have indicted Black Kingdom ransomware admin

A 36-year-old Yemeni man behind Black Kingdom ransomware is indicted in the U.S. for 1,500 attacks on Microsoft Exchange servers.

Security Affairs

05.05.2025

Malicious Go Modules designed to wipe Linux systems

Researchers found 3 malicious Go modules with hidden code that can download payloads to wipe a Linux system's main disk, making it unbootable.

Security Affairs

05.05.2025

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Supply chain attack via 21 backdoored Magento extensions hit 500–1,000 e-stores, including a $40B multinational.

Security Affairs

05.05.2025

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free.

Security Affairs

04.05.2025

DragonForce group claims the theft of data after Co-op cyberattack

Hackers claim Co-op cyberattack is worse than admitted, with major customer and employee data stolen, and provide proof to the BBC.

Security Affairs

04.05.2025

U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

04.05.2025

Rhysida Ransomware gang claims the hack of the Government of Peru

Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State

Security Affairs

03.05.2025

Microsoft sets all new accounts passwordless by default

Microsoft announced that all new accounts will be "passwordless by default" to increase their level of security.

Security Affairs

03.05.2025

Luxury department store Harrods suffered a cyberattack

Harrods confirmed a cyberattack, following similar incidents suffered by M&S and Co-op, making it the third major UK retailer hit in one week

Security Affairs

03.05.2025

Ireland's DPC fined TikTok €530M for sending EU user data to China

Ireland's Data Protection Commission (DPC) fined TikTok €530M for violating data rules by sending European user data to China.

Security Affairs

02.05.2025

U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

02.05.2025

Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations

Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations with large-scale DDoS attacks, NCSC warns.

Security Affairs

02.05.2025

FBI shared a list of phishing domains associated with the LabHost PhaaS platform

FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness and help identify compromises.

Security Affairs

02.05.2025

Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack

Canadian electric utility Nova Scotia Power and parent company Emera are facing a cyberattack that disrupted their IT systems and networks.

Security Affairs

01.05.2025

Two SonicWall SMA100 flaws actively exploited in the wild

SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances.

home›Security Affairs›Software

Security Affairs - Software

Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Ascension reveals personal data of 437,329 patients exposed in cyberattack

Russia-linked ColdRiver used LostKeys malware in recent attacks

Cybercriminal services target end-of-life routers, FBI warns

A cyber attack briefly disrupted South African Airways operations

The LockBit ransomware site was breached, database dump was leaked online

Cisco fixed a critical flaw in its IOS XE Wireless Controller

SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

Polish authorities arrested 4 people behind DDoS-for-hire platforms

Canary Exploit tool allows to find servers affected by Apache Parquet flaw

Unsophisticated cyber actors are targeting the U.S. Energy sector

NSO Group must pay WhatsApp over $167M in damages for attacks on its users

U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog

Play ransomware affiliate leveraged zero-day to deploy malware

U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog

New 'Bring Your Own Installer (BYOI)' technique allows to bypass EDR

Google fixed actively exploited Android flaw CVE-2025-27363

Samsung MagicINFO flaw exploited days after PoC publication

Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324

U.S. CISA adds Langflow flaw to its Known Exploited Vulnerabilities catalog

Smishing on a Massive Scale: ‘Panda Shop’ Chinese Carding Syndicate - Security Affairs

Kelly Benefits December data breach impacted over 400,000 individuals

Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks

A hacker stole data from TeleMessage, the firm that sells modified versions of Signal to the U.S. gov

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 44

US authorities have indicted Black Kingdom ransomware admin

Malicious Go Modules designed to wipe Linux systems

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

DragonForce group claims the theft of data after Co-op cyberattack

U.S. CISA adds Yii Framework and Commvault Command Center flaws to its Known Exploited Vulnerabilities catalog

Rhysida Ransomware gang claims the hack of the Government of Peru

Microsoft sets all new accounts passwordless by default

Luxury department store Harrods suffered a cyberattack

Ireland's DPC fined TikTok €530M for sending EU user data to China

U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog

Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations

FBI shared a list of phishing domains associated with the LabHost PhaaS platform

Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack

Two SonicWall SMA100 flaws actively exploited in the wild

home
›
Security Affairs
›
Software