News

Breaking News

Entertainment

Movies & Series

Music

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

News

Entertainment

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

home
›
Security Affairs
›
Software

Security Affairs - Software

8 | Follower

Security Affairs

19.04.2025

Entertainment venue management firm Legends International disclosed a data breach

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues.

Security Affairs

19.04.2025

U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

19.04.2025

ASUS routers with AiCloud vulnerable to auth bypass exploit

ASUS warns of an authentication bypass flaw in routers that could allow unauthorized execution of functions on the device

Security Affairs

18.04.2025

Entertainment venue management firm Legends International disclosed a data breach

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues.

Security Affairs

18.04.2025

Node.js malvertising campaign targets crypto users

Microsoft warns of a malvertising campaign using Node.js to deliver malware via fake crypto trading sites like Binance and TradingView.

Security Affairs

18.04.2025

China-linked APT Mustang Panda upgrades tools in its arsenal

China-linked APT group Mustang Panda deployed a new custom backdoor, MQsTTang, in recent attacks targeting Europe, Asia, and Australia.

Security Affairs

17.04.2025

Cyber Threats Against Energy Sector Surge as Global Tensions Mount

Resecurity warns about the increase in targeted cyberattacks against enterprises in the energy sector worldwide.

Security Affairs

17.04.2025

Apple released emergency updates for actively exploited iOS, iPadOS and macOS flaws

Apple released emergency updates to fix iOS, iPadOS & macOS vulnerabilities actively exploited in sophisticated attacks.

Security Affairs

17.04.2025

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Cheap Chinese Android phones ship with trojanized WhatsApp and Telegram clones hiding crypto clippers, active since June 2024.

Security Affairs

17.04.2025

CISA's 11-Month Extension Ensures Continuity of MITRE's CVE Program

MITRE’s U.S.-funded CVE program, a core tool for tracking vulnerabilities, faces funding expiry Wednesday, risking to impact global security.

Security Affairs

17.04.2025

U.S. CISA adds SonicWall SMA100 Appliance flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds SonicWall SMA100 Appliance vulnerabilit to its Known Exploited Vulnerabilities catalog...............

Security Affairs

16.04.2025

Government contractor Conduent disclosed a data breach

Business services provider Conduent told the SEC a January cyberattack exposed personal data, including names and Social Security numbers.

Security Affairs

16.04.2025

Critical Apache Roller flaw allows to retain unauthorized access even after a password change

A critical flaw (CVE-2025-24859) in Apache Roller lets attackers keep access even after password changes. All versions ≤6.1.4 are affected

Security Affairs

16.04.2025

Meta will use public EU user data to train its AI models

Meta announced that it will use public EU user data to train AI, resuming plans paused last year over Irish data protection concerns.

Security Affairs

15.04.2025

Tycoon2FA phishing kit rolled out significant updates

The operators of the Phishing-as-a-Service platform Tycoon2FA have rolled out significant updates to enhance its evasion capabilities.

Security Affairs

15.04.2025

Malicious NPM packages target PayPal users

Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers.

Security Affairs

15.04.2025

New malware ‘ResolverRAT’ targets healthcare, pharmaceutical firms

New malware ‘ResolverRAT’ is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data.

Security Affairs

15.04.2025

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Hertz disclosed a data breach after customer data was stolen via Cleo zero-day exploits in 2024, affecting Hertz, Thrifty, and Dollar brands

Security Affairs

15.04.2025

Gladinet flaw CVE-2025-30406 actively exploited in the wild

Huntress reports active exploitation of Gladinet CVE-2025-30406 in the wild, affecting seven organizations and 120 endpoints.

Security Affairs

14.04.2025

Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free.

Security Affairs

14.04.2025

South African telecom provider Cell C disclosed a data breach

Cell C, one of the biggest telecom providers in South Africa confirms a data breach following a 2024 cyberattack.

Security Affairs

14.04.2025

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 41

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security Affairs

13.04.2025

Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns

Fortinet warns attackers can keep read-only access to FortiGate devices even after the original vulnerability is patched.

Security Affairs

13.04.2025

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports.

Security Affairs

13.04.2025

Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw

Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure.

Security Affairs

12.04.2025

Laboratory Services Cooperative data breach impacts 1.6M People

Laboratory Services Cooperative reports a data breach from October 2024 that exposed personal and medical info of 1.6 million individuals.

Security Affairs

12.04.2025

Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

Experts warn of brute-force login attempts on PAN-OS GlobalProtect gateways following increased scanning activity on its devices

Security Affairs

11.04.2025

Gamaredon targeted the military mission of a Western country based in Ukraine

Gamaredon targeted a foreign military mission in Ukraine with updated GammaSteel malware on Feb 26, 2025, per Symantec.

Security Affairs

11.04.2025

An APT group exploited ESET flaw to execute malware

At least one APT group has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security measures.

Security Affairs

11.04.2025

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

AkiraBot, a CAPTCHA-evading Python framework, spammed over 80K sites with AI-generated messages, targeting small and medium-sized businesses.

Security Affairs

11.04.2025

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Oracle confirmed a hacker stole credentials from two obsolete servers but said no Oracle Cloud systems or customer data were affected.

Security Affairs

11.04.2025

U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

10.04.2025

Critical Fortinet FortiSwitch flaw allows remote attackers to change admin passwords

Fortinet addressed a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely.

Security Affairs

10.04.2025

U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows CLFS Driver flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows CLFS Driver flaws to its Known Exploited Vulnerabilities catalog.

Security Affairs

10.04.2025

The US Treasury’s OCC disclosed an undetected major email breach for over a year

The US Office of the Comptroller of the Currency (OCC) disclosed a major email breach compromising 100 accounts, undetected for over a year.

Security Affairs

10.04.2025

National Social Security Fund of Morocco Suffers Data Breach

Threat actor 'Jabaroot' claims breach of National Social Security Fund of Morocco, aiming to steal large volumes of sensitive citizen data.

Security Affairs

09.04.2025

Everest ransomware group’s Tor leak site offline after a defacement

The Tor leak site of the Everest ransomware group went offline after being hacked and defaced over the weekend.

Security Affairs

09.04.2025

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

WhatsApp addressed a flaw, tracked as CVE-2025-30401, that could allow attackers to trick users and enable remote code execution.

Security Affairs

08.04.2025

Google fixed two actively exploited Android zero-days

Google addressed 62 vulnerabilities with the release of Android 's April 2025 security update, including two actively exploited zero-days.

Security Affairs

08.04.2025

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog.

home›Security Affairs›Software

Security Affairs - Software

Entertainment venue management firm Legends International disclosed a data breach

U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog

ASUS routers with AiCloud vulnerable to auth bypass exploit

Entertainment venue management firm Legends International disclosed a data breach

Node.js malvertising campaign targets crypto users

China-linked APT Mustang Panda upgrades tools in its arsenal

Cyber Threats Against Energy Sector Surge as Global Tensions Mount

Apple released emergency updates for actively exploited iOS, iPadOS and macOS flaws

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

CISA's 11-Month Extension Ensures Continuity of MITRE's CVE Program

U.S. CISA adds SonicWall SMA100 Appliance flaw to its Known Exploited Vulnerabilities catalog

Government contractor Conduent disclosed a data breach

Critical Apache Roller flaw allows to retain unauthorized access even after a password change

Meta will use public EU user data to train its AI models

Tycoon2FA phishing kit rolled out significant updates

Malicious NPM packages target PayPal users

New malware ‘ResolverRAT’ targets healthcare, pharmaceutical firms

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Gladinet flaw CVE-2025-30406 actively exploited in the wild

Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION

South African telecom provider Cell C disclosed a data breach

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 41

Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw

Laboratory Services Cooperative data breach impacts 1.6M People

Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

Gamaredon targeted the military mission of a Western country based in Ukraine

An APT group exploited ESET flaw to execute malware

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

U.S. CISA adds Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

Critical Fortinet FortiSwitch flaw allows remote attackers to change admin passwords

U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows CLFS Driver flaws to its Known Exploited Vulnerabilities catalog

The US Treasury’s OCC disclosed an undetected major email breach for over a year

National Social Security Fund of Morocco Suffers Data Breach

Everest ransomware group’s Tor leak site offline after a defacement

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Google fixed two actively exploited Android zero-days

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

home
›
Security Affairs
›
Software