News

Breaking News

Entertainment

Movies & Series

Music

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

News

Entertainment

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

home
›
Security Affairs
›
Software

Security Affairs - Software

8 | Follower

Security Affairs

04.09.2025

Google addressed two Android flaws actively exploited in targeted attacks

Google addressed 120 Android vulnerabilities in September 2025, including two flaws actively exploited in targeted attacks.

Security Affairs

04.09.2025

Android droppers evolved into versatile tools to spread malware

Android droppers now spread banking trojans, SMS stealers, and spyware, disguised as government or banking apps in India and Asia.

Security Affairs

04.09.2025

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

04.09.2025

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N vulnerabilities to its Known Exploited Vulnerabilities catalog.

Security Affairs

04.09.2025

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

Threat actors abuse HexStrike AI, a new offensive security tool meant for red teaming and bug bounties, to exploit fresh vulnerabilities.

Security Affairs

03.09.2025

Palo Alto Networks disclose a data breach linked to Salesloft Drift incident

Palo Alto Networks hit by Drift-linked supply-chain attack, exposing Salesforce customer data and support cases via stolen OAuth tokens.

Security Affairs

03.09.2025

Jaguar Land Rover shuts down systems after cyberattack

Jaguar Land Rover shut down systems after a cyberattack, disrupting production and retail, but says customer data likely remains safe.

Security Affairs

03.09.2025

Cloudflare blocked a record 11.5 Tbps DDoS attack

Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves.

Security Affairs

02.09.2025

North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

ScarCruft (APT37) launches Operation HanKook Phantom, a phishing campaign using RokRAT to target academics, ex-officials, and researchers.

Security Affairs

02.09.2025

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

Zscaler breach tied to Salesloft Drift attack exposed Salesforce data, leaking customer info and support case details in a supply-chain compromise.

Security Affairs

02.09.2025

Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

Von der Leyen’s plane faced suspected Russian GPS jamming in Bulgaria, but the EU chief landed safely, says European Commission.

Security Affairs

02.09.2025

Amazon blocks APT29 campaign targeting Microsoft device code authentication

Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites.

Security Affairs

02.09.2025

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Security Affairs

02.09.2025

Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter is out! Every week, the best security articles from Security Affairs in your email box

Security Affairs

02.09.2025

Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships

Lab Dookhtegan hacking group allegedly disrupted communications of 60 Iranian ships run by sanctioned firms NITC and IRISL.

Security Affairs

02.09.2025

Crooks exploit Meta malvertising to target Android users with Brokewell

Cybercriminals spread Brokewell via fake TradingView Premium ads on Meta, stealing crypto and data with remote control since July 2024.

Security Affairs

02.09.2025

Fraudster stole over $1.5 million from city of Baltimore

Scammer stole $1.5M from Baltimore by posing as a vendor and tricking staff into changing bank account details.

Security Affairs

02.09.2025

New zero-click exploit allegedly used to hack WhatsApp users

WhatsApp warns users targeted by advanced spyware, sending threat notifications to affected individuals from the past 90 days.

Security Affairs

28.08.2025

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog.

Security Affairs

28.08.2025

ESET warns of PromptLock, the first AI-driven ransomware

ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama to generate and run malicious Lua scripts.

Security Affairs

28.08.2025

Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775

Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation.

Security Affairs

28.08.2025

Healthcare Services Group discloses 2024 data breach that impacted 624,496 people

Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified.

Security Affairs

27.08.2025

U.S. CISA adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Citrix Session Recording, and Git vulnerabilities to its Known Exploited Vulnerabilities catalog.

Security Affairs

27.08.2025

China linked Silk Typhoon targeted diplomats by hijacking web traffic

The China-linked APT group Silk Typhoon targeted diplomats by hijacking web traffic to redirect it to websites that delivered malware.

Security Affairs

27.08.2025

Auchan discloses data breach: data of hundreds of thousands of customers exposed

French retailer Auchan suffered a data breach impacting hundreds of thousands of customers, with personal information stolen.

Security Affairs

27.08.2025

Citrix fixed three NetScaler flaws, one of them actively exploited in the wild

Citrix addressed three vulnerabilities in NetScaler ADC and NetScaler Gateway, including one that has been actively exploited in the wild.

Security Affairs

27.08.2025

Farmers Insurance discloses a data breach impacting 1.1M customers

Farmers Insurance suffered a breach tied to Salesforce attacks, exposing data of 1.1M customers across its nationwide insurance network.

Security Affairs

26.08.2025

Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware

Experts found 77 malicious Android apps with 19M+ installs on Google Play, spreading malware, including the Anatsa (TeaBot) banking trojan.

Security Affairs

26.08.2025

Docker fixes critical Desktop flaw allowing container escapes

Docker fixed a critical flaw in Docker Desktop app for Windows and macOS that could potentially allow to escape the confines of a container

Security Affairs

25.08.2025

Over 300 entities hit by a variant of Atomic macOS Stealer in recent campaign

Over 300 entities hit by the Atomic macOS Stealer via malvertising campaign between June and August, CrowdStrike warns.

Security Affairs

25.08.2025

Operation Serengeti 2.0: INTERPOL nabs 1,209 cybercriminals in Africa, seizes $97M

INTERPOL arrested 1,209 cybercriminals in 18 African nations seizing $97.4M, and dismantling 11,432 malicious infrastructures.

Security Affairs

25.08.2025

Android.Backdoor.916.origin malware targets Russian business executives

New spyware Android.Backdoor.916.origin is disguised as an antivirus linked to Russia’s FSB, and targets business executives.

Security Affairs

25.08.2025

Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign

APT36 uses Linux .desktop files in new attacks on Indian gov & defense, aiming for data theft and persistent espionage access.

Security Affairs

25.08.2025

China-linked Silk Typhoon APT targets North America

China-linked Silk Typhoon APT group ramp up North America attacks, exploiting n-day and zero-day flaws for system access, CrowdStrike warns.

Security Affairs

25.08.2025

security-affairs-malware-newsletter-round-59

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Security Affairs

25.08.2025

Security Affairs newsletter Round 538 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter is out! Every week, the best security articles from Security Affairs in your email box

Security Affairs

25.08.2025

DaVita confirms ransomware attack compromised data of 2.7M people

Kidney dialysis firm DaVita confirms ransomware breach exposed personal and health data of nearly 2.7M individuals.

Security Affairs

25.08.2025

Electronics manufacturer Data I/O took offline operational systems following a ransomware attack

Electronics manufacturer Data I/O reports a ransomware attack to SEC, the company was forced to take offline operational systems.

Security Affairs

25.08.2025

IoT under siege: The return of the Mirai-based Gayfemboy Botnet

Mirai-based Gayfemboy botnet resurfaces, evolving to target systems worldwide; Fortinet researchers provided details about the new campaign,

Security Affairs

12.08.2025

Chrome sandbox escape nets security researcher $250,000 reward

Researcher earns Google Chrome ’s top $250K bounty for a sandbox escape vulnerability enabling remote code execution.

home›Security Affairs›Software

Security Affairs - Software

Google addressed two Android flaws actively exploited in targeted attacks

Android droppers evolved into versatile tools to spread malware

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

Palo Alto Networks disclose a data breach linked to Salesloft Drift incident

Jaguar Land Rover shuts down systems after cyberattack

Cloudflare blocked a record 11.5 Tbps DDoS attack

North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

Amazon blocks APT29 campaign targeting Microsoft device code authentication

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60

Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION

Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships

Crooks exploit Meta malvertising to target Android users with Brokewell

Fraudster stole over $1.5 million from city of Baltimore

New zero-click exploit allegedly used to hack WhatsApp users

U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog

ESET warns of PromptLock, the first AI-driven ransomware

Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775

Healthcare Services Group discloses 2024 data breach that impacted 624,496 people

U.S. CISA adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog

China linked Silk Typhoon targeted diplomats by hijacking web traffic

Auchan discloses data breach: data of hundreds of thousands of customers exposed

Citrix fixed three NetScaler flaws, one of them actively exploited in the wild

Farmers Insurance discloses a data breach impacting 1.1M customers

Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware

Docker fixes critical Desktop flaw allowing container escapes

Over 300 entities hit by a variant of Atomic macOS Stealer in recent campaign

Operation Serengeti 2.0: INTERPOL nabs 1,209 cybercriminals in Africa, seizes $97M

Android.Backdoor.916.origin malware targets Russian business executives

Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign

China-linked Silk Typhoon APT targets North America

security-affairs-malware-newsletter-round-59

Security Affairs newsletter Round 538 by Pierluigi Paganini – INTERNATIONAL EDITION

DaVita confirms ransomware attack compromised data of 2.7M people

Electronics manufacturer Data I/O took offline operational systems following a ransomware attack

IoT under siege: The return of the Mirai-based Gayfemboy Botnet

Chrome sandbox escape nets security researcher $250,000 reward

home
›
Security Affairs
›
Software