Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware 61

Spyware Cybercrime Scams Social Engineering 61

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 71

Cybercrime Artificial Intelligence Hacking VPN 71

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 70

Spyware Data breaches DNS Artificial Intelligence 70

Security Affairs

MARCH 16, 2025

CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)

Spyware 73

Spyware Cybercrime Ransomware IoT 73

Security Affairs

FEBRUARY 2, 2025

ESXi Ransomware Attacks: Stealthy Persistence through SSH Tunneling MintsLoader: StealC and BOINC Delivery Cloud Ransomware Developments | The Risks of Customer-Managed Keys New TorNet backdoor seen in widespread campaign Active Exploitation: New Aquabot Variant Phones Home How we kept the Google Play & Android app ecosystems safe in 2024 Solana (..)

Malware 73

Malware Spyware Ransomware Hacking 73

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 70

Spyware Firewall Artificial Intelligence Malware 70

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 127

Spyware Data breaches Hacking Ransomware 127

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 72

Malware Spyware Government Mobile 72

Security Affairs

JANUARY 5, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 66

Malware Spyware Ransomware Hacking 66

Security Affairs

DECEMBER 29, 2024

CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog U.S.

Spyware 59

Spyware IoT Malware Cybercrime 59

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 123

Data breaches Computers and Electronics Spyware Cybercrime 123

Security Affairs

JULY 28, 2024

Ukraine’s cyber operation shut down the ATM services of major Russian banks A bug in Chrome Password Manager caused user credentials to disappear BIND updates fix four high-severity DoS bugs in the DNS software suite Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections Progress Software fixed (..)

Spyware 123

Spyware Data breaches Cybercrime Banking 123

Security Affairs

FEBRUARY 23, 2025

CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog Juniper Networks fixed a critical flaw in Session Smart Routers China-linked APT group Winnti targets Japanese organizations since March 2024 Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers (..)

Scams 66

Scams Malware Encryption Phishing 66

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 125

Spyware Surveillance DDOS Identity Theft 125

Security Affairs

AUGUST 4, 2024

US sued TikTok and ByteDance for violating children’s privacy laws Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware Investors sued CrowdStrike over false claims about its Falcon platform Avtech camera vulnerability actively exploited in the wild, CISA warns Over 20,000 internet-exposed VMware ESXi instances (..)

Spyware 124

Spyware Phishing Malware Ransomware 124

Security Affairs

JULY 14, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 127

Malware Spyware Internet Internet 127

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 68

Data breaches Hacking Cybercrime Artificial Intelligence 68

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices.

Malware 126

Malware Cybercrime Hacking Cyber threats 126

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 120

Malware Spyware Banking Ransomware 120

SecureList

NOVEMBER 14, 2023

In this article, we will review the past year’s trends to see which of our 2023 predictions have come true, and try to predict what is to come in 2024. This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. The trend may evolve in various ways.

Hacking 140

Hacking Energy and Utilities Malware Media 140

Security Affairs

JULY 7, 2024

GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io

Data breaches 121

Data breaches Hacking Banking Spyware 121

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 128

Data breaches Social Engineering Hacking Malware 128

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 124

Data breaches VPN Cloud Migration Cybercrime 124

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 131

Data breaches Ransomware Phishing Malware 131

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 Patch it now!

Artificial Intelligence 129

Artificial Intelligence Hacking Firewall VPN 129

Security Affairs

JULY 14, 2024

CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog Evolve Bank data breach impacted over 7.6 million miles on U.S.

Data breaches 118

Data breaches VPN Malware Banking 118

SecureList

FEBRUARY 5, 2025

In late 2024, we discovered a new malware campaign we dubbed “SparkCat”, whose operators used similar tactics while attacking Android and iOS users through both official and unofficial app stores. This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace.

Malware 142

Malware Encryption Mobile Cryptocurrency 142

Security Affairs

AUGUST 21, 2024

The Vermin group attempted to deploy two malicious codes in this campaign, the previously known Spectr spyware, and a new malware family dubbed Firmachagent. In June 2024, Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of another cyber espionage campaign dubbed SickSync.

Malware 128

Malware Spyware Phishing Cyber threats 128

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 61

Data breaches Malware Phishing Hacking 61

Security Affairs

SEPTEMBER 1, 2024

CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog Young Consulting data breach impacts 954,177 individuals BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085 US offers $2.5M reward for Belarusian man involved in mass malware distribution U.S.

Surveillance 120

Surveillance Malware Firewall Phishing 120

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6

DDOS 128

DDOS Data breaches Ransomware Marketing 128

Security Affairs

DECEMBER 15, 2024

CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox U.S.

Firewall 64

Firewall Spyware Surveillance Cybercrime 64

SecureList

JUNE 5, 2025

Additionally, law enforcement took down 27 servers linked to the cybercrime gang. Arrested in Israel last August, the suspect is accused of receiving more than $230,000 in cryptocurrency for his work with the group between June 2022 and February 2024. The original members of the Ferret family date back to late 2024. Gen family.

Mobile 90

Mobile Adware Ransomware IoT 90

SecureList

FEBRUARY 5, 2025

In late 2024, we discovered a new malware campaign we dubbed “SparkCat”, whose operators used similar tactics while attacking Android and iOS users through both official and unofficial app stores. This is the first known case of an app infected with OCR spyware being found in Apple’s official app marketplace.

Malware 136

Malware Encryption Mobile Cryptocurrency 136

Security Affairs

MARCH 23, 2025

International Press Newsletter Cybercrime Blockchain gaming platform WEMIX hacked to steal $6.1 million Babuk2 Ransomware: Extortion Attempts Based on False Claims Western Alliance Bank notifies 21,899 customers of data breach Cybercriminals Exploit Checkpoints Driver in a BYOVD Attack!

Spyware 64

Spyware Data breaches Cybercrime Banking 64

SecureWorld News

OCTOBER 31, 2024

Like vampires, malware strains can operate quietly, leeching data or encrypting files without warning, making ransomware and spyware infections incredibly haunting. Spooky fact : Sophos says the average ransom in 2024 is $2.73

IoT 120

IoT Phishing DDOS Backups 120

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 130

Spyware Cyber Insurance Hacking Advertising 130