Security Affairs
04.09.2025
Google addressed 120 Android vulnerabilities in September 2025, including two flaws actively exploited in targeted attacks.
Android droppers now spread banking trojans, SMS stealers, and spyware, disguised as government or banking apps in India and Asia.
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WhatsApp and TP-Link flaws to its Known Exploited Vulnerabilities catalog.
U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N vulnerabilities to its Known Exploited Vulnerabilities catalog.
Threat actors abuse HexStrike AI, a new offensive security tool meant for red teaming and bug bounties, to exploit fresh vulnerabilities.
03.09.2025
Palo Alto Networks hit by Drift-linked supply-chain attack, exposing Salesforce customer data and support cases via stolen OAuth tokens.
Jaguar Land Rover shut down systems after a cyberattack, disrupting production and retail, but says customer data likely remains safe.
Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves.
02.09.2025
ScarCruft (APT37) launches Operation HanKook Phantom, a phishing campaign using RokRAT to target academics, ex-officials, and researchers.
Zscaler breach tied to Salesloft Drift attack exposed Salesforce data, leaking customer info and support case details in a supply-chain compromise.
Von der Leyen’s plane faced suspected Russian GPS jamming in Bulgaria, but the EU chief landed safely, says European Commission.
Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.
A new round of the weekly Security Affairs newsletter is out! Every week, the best security articles from Security Affairs in your email box
Lab Dookhtegan hacking group allegedly disrupted communications of 60 Iranian ships run by sanctioned firms NITC and IRISL.
Cybercriminals spread Brokewell via fake TradingView Premium ads on Meta, stealing crypto and data with remote control since July 2024.
Scammer stole $1.5M from Baltimore by posing as a vendor and tricking staff into changing bank account details.
WhatsApp warns users targeted by advanced spyware, sending threat notifications to affected individuals from the past 90 days.
28.08.2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog.
ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama to generate and run malicious Lua scripts.
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation.
Healthcare Services Group suffered a 2024 breach, exposing personal data of 624,000+ people. Affected individuals are now being notified.
27.08.2025
U.S. CISA adds Citrix Session Recording and Git vulnerabilities to its Known Exploited Vulnerabilities catalog.
The China-linked APT group Silk Typhoon targeted diplomats by hijacking web traffic to redirect it to websites that delivered malware.
French retailer Auchan suffered a data breach impacting hundreds of thousands of customers, with personal information stolen.
Citrix addressed three vulnerabilities in NetScaler ADC and NetScaler Gateway, including one that has been actively exploited in the wild.
Farmers Insurance suffered a breach tied to Salesforce attacks, exposing data of 1.1M customers across its nationwide insurance network.
26.08.2025
Experts found 77 malicious Android apps with 19M+ installs on Google Play, spreading malware, including the Anatsa (TeaBot) banking trojan.
Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow escape from the confines of a container.
25.08.2025
Over 300 entities hit by the Atomic macOS Stealer via malvertising campaign between June and August, CrowdStrike warns.
INTERPOL arrested 1,209 cybercriminals in 18 African nations, seizing $97.4M and dismantling 11,432 malicious infrastructures.
New spyware Android.Backdoor.916.origin is disguised as an antivirus linked to Russia’s FSB, and targets business executives.
APT36 uses Linux .desktop files in new attacks on Indian gov & defense, aiming for data theft and persistent espionage access.
China-linked Silk Typhoon APT group ramps up North America attacks, exploiting n-day and zero-day flaws for system access, CrowdStrike warns.
Kidney dialysis firm DaVita confirms ransomware breach exposed personal and health data of nearly 2.7M individuals.
Electronics manufacturer Data I/O reports a ransomware attack to the SEC; the company was forced to take operational systems offline.
Mirai-based Gayfemboy botnet resurfaces, evolving to target systems worldwide; Fortinet researchers provided details about the new campaign.
12.08.2025
Researcher earns Google Chrome's top $250K bounty for a sandbox escape vulnerability enabling remote code execution.