News
Entertainment
Science & Technology
Sport
Business & Money
Life
Culture & Art
Hobbies
8 | Follower
Security Affairs
27.06.2025
British national Kai West, aka IntelBroker, was charged in the U.S. for a global hacking scheme that stole and sold data.
Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes.
Cisco released patches to fix two critical vulnerabilities in Cisco ISE and ISE-PIC that could let remote attackers execute to code as root
26.06.2025
U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog.
Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks.
New Citrix flaw 'CitrixBleed 2' lets attackers steal session cookies without logging in, echoing a previously exploited vulnerability.
Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets.
Mainline Health Systems disclosed a data breach that impacted +100,000 individuals. Inc Ransom group claimed responsibility for the attack
25.06.2025
Prometei botnet activity has surged since March 2025, with a new malware variant spreading rapidly, Palo Alto Networks reports.
The U.S. House banned WhatsApp on official devices over security concerns, citing risks flagged by the Chief Administrative Officer.
Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains.
24.06.2025
American steel giant Nucor confirms hackers stole data in a May cyberattack, following its earlier disclosure of the incident.
U.S. warns of cyberattacks by pro-Iranian groups after launching airstrikes on Iran’s nuclear sites amid the Iran –Israel war.
Cyber Fattah leaked thousands of records on athletes and visitors from past Saudi Games, per U.S.-based cybersecurity firm Resecurity.
UK's CMC labels Marks & Spencer and Co-op cyberattack a Category 2 event, estimating financial impact at £270M–£440M.
The ransomware attack that hit McLaren Health Care in 2024 exposed the personal data of 743,000 individuals.
Canada and FBI warn of China-linked APT Salt Typhoon targeting Canadian telecom firms in ongoing cyber espionage operations.
23.06.2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.
Qilin ransomware gang now offers a "Call Lawyer" feature to help affiliates pressure victims into paying, per Cybereason.
22.06.2025
Iran confirmed Internet shutdown to counter Israeli cyberattacks,citing threats to critical infrastructure, interference with drone control
21.06.2025
Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium.
Cloudflare blocked a record 7.3 Tbps DDoS attack in May 2025, +12% than its previous peak and 1 Tbps greater than attack reported by Krebs
Two local privilege escalation flaws could let attackers gain root access on systems running major Linux distributions.
20.06.2025
A cyberattack pushed the German napkin firm Fasana into insolvency, worsening existing financial troubles and serving as the final blow
Researchers discovered the largest data breach ever, exposing 16 billion login credentials, likely due to multiple infostealers.
Iran experienced a near-total internet blackout on Wednesday as tensions with Israel escalated into the first week of conflict.
China-linked APT Typhoon has reportedly targeted satellite firm Viasat, the group has breached multiple telecom providers in the past.
Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS).
19.06.2025
Attackers exploit CVE-2025-3248 in Langflow servers to deliver Flodrix botnet via downloader scripts, Trend Research reports.
Data breach at Healthcare services company Episource exposes personal and health data of over 5.4 million people in major cyberattack.
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog.
Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution.
18.06.2025
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices.
U.S. CISA adds Apple products, and TP-Link routers vulnerabilities to its Known Exploited Vulnerabilities catalog.
17.06.2025
Zoomcar disclosed a data breach impacting 8.4M users after attackers compromised its systems and contacted the company staff.
Europol shut down Archetyp Market, a major dark web drug marketplace, in a global operation with arrests and takedowns.
State-sponsored hackers compromised the email accounts of several journalists working at the Washington Post.
Insik Group analyzed the new Predator spyware infrastructure and discovered it's still gaining users despite U.S. sanctions since July 2023.
Anubis RaaS now includes a wiper module, permanently deleting files. Active since Dec 2024, it launched an affiliate program in Feb 2025.