News

Breaking News

Entertainment

Movies & Series

Music

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

News

Entertainment

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

home
›
Security Affairs
›
Software

Security Affairs - Software

8 | Follower

Security Affairs

15.09.2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Security Affairs

15.09.2025

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure.

Security Affairs

15.09.2025

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter is out! Every week, the best security articles from Security Affairs in your email box

Security Affairs

15.09.2025

UK ICO finds students behind majority of school data breaches

UK ICO reports students caused over half of school data breaches, showing kids are shaping cybersecurity in unexpected ways.

Security Affairs

15.09.2025

ShinyHunters Attack National Credit Information Center of Vietnam

Vietnam’s CIC was hit by a ShinyHunters cyberattack, with VNCERT confirming signs of unauthorized access to steal personal data.

Security Affairs

14.09.2025

FBI Warns of Salesforce attacks by UNC6040 and UNC6395

The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395.

Security Affairs

14.09.2025

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

HybridPetya ransomware bypasses UEFI Secure Boot to infect EFI partitions, echoing the infamous Petya/NotPetya attacks of 2016–2017.

Security Affairs

13.09.2025

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Cisco addressed multiple high-severity IOS XR vulnerabilities that can allow ISO image verification bypass and trigger DoS conditions.

Security Affairs

13.09.2025

UK train operator LNER (London North Eastern Railway) discloses a data breach

LNER warns of a data breach via a third-party supplier, exposing customer contact details and other personal information.

Security Affairs

13.09.2025

Samsung fixed actively exploited zero-day

Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices.

Security Affairs

12.09.2025

Kosovo man pleads guilty to running online criminal marketplace BlackDB

Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024.

Security Affairs

12.09.2025

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Dassault Systèmes DELMIA Apriso vulnerability to its Known Exploited Vulnerabilities catalog.

Security Affairs

12.09.2025

Apple issues spyware warnings as CERT-FR confirms attacks

Apple warned users of a spyware campaign; France’s cyber agency confirmed targeted iCloud-linked devices may be compromised.

Security Affairs

12.09.2025

Google fixes critical Chrome flaw, researcher earns $43K

Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution.

Security Affairs

12.09.2025

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Researchers warn that Akira ransomware group is exploiting a year-old SonicWall firewall flaw, likely using 3 attack vectors

Security Affairs

12.09.2025

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

Hackers exploit ConnectWise ScreenConnect to drop AsyncRAT via scripted loaders, stealing data and persisting with a fake Skype updater.

Security Affairs

11.09.2025

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

Pixel 10 adds C2PA to camera and Photos, helping users verify authenticity and spot AI-generated or altered images.

Security Affairs

11.09.2025

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts.

Security Affairs

11.09.2025

Jaguar Land Rover discloses a data breach after recent cyberattack

Jaguar Land Rover confirms a cyberattack caused factory disruptions and led to a data breach, compromising sensitive information.

Security Affairs

10.09.2025

KillSec Ransomware is Attacking Healthcare Institutions in Brazil - Security Affairs

KillSec Ransomware claimed responsibility for an attack on MedicSolution, a software solutions provider for the healthcare industry in Brazil

Security Affairs

10.09.2025

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

Microsoft Patch Tuesday security updates for September 2025 fixed 80 vulnerabilities, including two publicly disclosed zero-day flaws.

Security Affairs

10.09.2025

SAP September 2025 Patch Day fixed 4 critical flaws

SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation.

Security Affairs

10.09.2025

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing attack.

Security Affairs

09.09.2025

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

Venezuela’s President Maduro shows Huawei Mate X6 gift from China's President Xi Jinping, hailing it as “unhackable” by U.S. spies.

Security Affairs

09.09.2025

LunaLock Ransomware threatens victims by feeding stolen data to AI models

LunaLock, a new ransomware gang, introduced a unique cyber extortion technique, threatening to turn stolen art into AI training data.

Security Affairs

09.09.2025

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

Hackers breached Salesloft ’s GitHub in March, stole tokens, and used them in a mass attack on several major tech customers.

Security Affairs

09.09.2025

Canadian investment platform Wealthsimple disclosed a data breach

Wealthsimple reported a data breach affecting some customers due to a supply chain attack via a third-party software package.

Security Affairs

08.09.2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Security Affairs

08.09.2025

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter is out! Every week, the best security articles from Security Affairs in your email box

Security Affairs

08.09.2025

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Czech's NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices.

Security Affairs

07.09.2025

Qantas cuts executive bonuses by 15% after a July data breach

Qantas cut executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year.

Security Affairs

07.09.2025

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response.

Security Affairs

06.09.2025

SVG files used in hidden malware campaign impersonating Colombian authorities

VirusTotal uncovered an undetected malware campaign using SVG files that impersonated the Colombian justice system.

Security Affairs

06.09.2025

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Sitecore, Android, and Linux vulnerabilities to its Known Exploited Vulnerabilities catalog.

Security Affairs

06.09.2025

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software.

Security Affairs

05.09.2025

Severe Hikvision HikCentral product flaws: What You Need to Know

Hikvision HikCentral flaw allows unauthenticated users to gain admin rights, risking full control over configs, logs, and critical monitoring.

Security Affairs

05.09.2025

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

France’s data watchdog fined Google $379M (€325 million) and Shein $175 million (€150 million) for breaching cookie rules.

Security Affairs

05.09.2025

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

US offers $10M for Russian FSB officers accused of attacking US critical infrastructure and over 500 energy firms worldwide

Security Affairs

04.09.2025

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

04.09.2025

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

Threat actors abuse HexStrike AI, a new offensive security tool meant for red teaming and bug bounties, to exploit fresh vulnerabilities.

home›Security Affairs›Software

Security Affairs - Software

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

UK ICO finds students behind majority of school data breaches

ShinyHunters Attack National Credit Information Center of Vietnam

FBI Warns of Salesforce attacks by UNC6040 and UNC6395

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

UK train operator LNER (London North Eastern Railway) discloses a data breach

Samsung fixed actively exploited zero-day

Kosovo man pleads guilty to running online criminal marketplace BlackDB

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

Apple issues spyware warnings as CERT-FR confirms attacks

Google fixes critical Chrome flaw, researcher earns $43K

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

Jaguar Land Rover discloses a data breach after recent cyberattack

KillSec Ransomware is Attacking Healthcare Institutions in Brazil - Security Affairs

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

SAP September 2025 Patch Day fixed 4 critical flaws

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

LunaLock Ransomware threatens victims by feeding stolen data to AI models

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

Canadian investment platform Wealthsimple disclosed a data breach

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61

Security Affairs newsletter Round 540 by Pierluigi Paganini – INTERNATIONAL EDITION

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

Qantas cuts executive bonuses by 15% after a July data breach

MeetC2 - A serverless C2 framework that leverages Google Calendar APIs as a communication channel

SVG files used in hidden malware campaign impersonating Colombian authorities

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

Severe Hikvision HikCentral product flaws: What You Need to Know

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

home
›
Security Affairs
›
Software