Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 79

Malware Spyware Government Ransomware 79

Security Affairs

JUNE 29, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control Dissecting a Python Ransomware distributed through GitHub repositories SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play (..)

Malware 95

Malware Spyware Cyber Attacks Technology 95

Security Affairs

JUNE 29, 2025

House banned WhatsApp on government devices due to security concerns Russia-linked APT28 use Signal chats to target Ukraine official with malware China-linked APT Salt Typhoon targets Canadian Telecom companies U.S.

Data breaches 65

Data breaches Ransomware Social Engineering Telecommunications 65

Security Affairs

JUNE 13, 2025

Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. This week, Citizen Lab confirmed that Paragon’s Graphite spyware was used to hack fully updated iPhones, targeting at least two journalists in Europe.

Spyware 81

Spyware Hacking Government Mobile 81

Security Affairs

JANUARY 19, 2025

CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog Inexperienced actors developed the FunkSec ransomware using AI tools Credit Card Skimmer campaign targets WordPress via database injection Microsoft took legal action against crooks who developed a tool to abuse its AI-based services Pro-Russia hackers (..)

Spyware 76

Spyware DNS Data breaches Firewall 76

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 74

Data breaches Hacking Cybercrime Artificial Intelligence 74

Security Affairs

JUNE 22, 2025

CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog Attackers target Zyxel RCE vulnerability CVE-2023-28771 India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M

Data breaches 67

Data breaches DDOS Backups Internet 67

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 77

Cybercrime Hacking Artificial Intelligence Ransomware 77

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 65

Data breaches Malware Phishing Hacking 65

Security Affairs

MARCH 2, 2025

from Bybit, it is the largest cryptocurrency heist ever International Press Newsletter Cybercrime Mining Company NioCorp Loses $500,000 in BEC Hack Inside Black Bastas Exposed Internal Chat Logs: A Firsthand Look The Bleeding Edge of Phishing: darcula-suite 3.0

Cybercrime 65

Cybercrime Hacking Ransomware Cryptocurrency 65

Security Affairs

APRIL 13, 2025

CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog A member of the Scattered Spider cybercrime group pleads guilty The controversial case of the threat actor EncryptHub PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and and empty wallets EDR-as-a-Service (..)

Data breaches 65

Data breaches Cybercrime Hacking Ransomware 65

Security Affairs

SEPTEMBER 14, 2023

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. The threat actors used a zero-click exploit, likely the PWNYOURHOME. .”

Spyware 137

Spyware Surveillance Media Government 137

SecureWorld News

MAY 3, 2022

The highly controversial Pegasus spyware has been found on the mobile phones of Spain's prime minister Pedro Sánchez, as well as the defense minister Margarita Robles, according to the Spanish government. Spain is now investigating the phones of other members of the government to find out if anyone else has been targeted with Pegasus.

Spyware 98

Spyware Government Surveillance Mobile 98

Security Affairs

DECEMBER 30, 2019

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime.

Cybercrime 94

Cybercrime Surveillance Spyware Government 94

Security Affairs

FEBRUARY 10, 2022

I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy” How has spyware changed the rules of cyber security in recent years? Spyware are powerful weapons in the arsenal of governments and cybercrime gangs. Anyway, it is not the only one.

Spyware 98

Spyware Hacking Ransomware Surveillance 98

SecureWorld News

JULY 20, 2023

The Commerce Department recently added four spyware vendors to its Entity List for their involvement in trafficking cyber exploits used to gain unauthorized access to information systems. This move targets the activities of spyware vendors that pose a serious threat to the privacy and security of individuals and organizations worldwide.

Spyware 98

Spyware Surveillance Government Technology 98

Security Affairs

DECEMBER 11, 2018

Group-IB, an international company that specializes in preventing cyberattacks , has detected more than 40 000 compromised user credentials of online government services in 30 countries around the world. Group-IB Threat Intelligence has detected government websites’ user accounts compromised by cyber criminals in 30 countries.

Government 111

Government Cybercrime Accountability Malware 111

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. government. Upon installing the two spyware, they request extensive device permissions.

Spyware 98

Spyware Surveillance Malware Mobile 98

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 142

Spyware Energy and Utilities Malware Engineering 142

Malwarebytes

JANUARY 25, 2024

Currently only state sponsored groups, professional spyware vendors, and the large criminal operations have access to, and know how to use advanced AI tools to increase the effectivity of their attacks. Professional spyware vendors have deep enough pockets to invest in new tools, training, and development.

Ransomware 105

Ransomware Government Social Engineering Spyware 105

Security Affairs

JULY 7, 2024

This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best articles and research on malware.

Malware 126

Malware Spyware Cybercrime Ransomware 126

Security Affairs

NOVEMBER 25, 2020

Group-IB supported an INTERPOL-led operation Falcon targeting business email compromise cybercrime gang from Nigeria, dubbed TMT. Group-IB , a global threat hunting and intelligence company, supported an INTERPOL-led operation Falcon targeting business email compromise (BEC) cybercrime gang from Nigeria, dubbed TMT by Group-IB.

Cybercrime 142

Cybercrime Phishing Social Engineering Spyware 142

SecureWorld News

MARCH 29, 2024

This ends up executing sketchy code that installs viruses, ransomware, spyware, or adware behind the victim's back. A stepping stone to impactful cybercrime This tactic has tangible real-world implications. If a user gets on the hook, they are redirected to a landing page or prompted to download an ostensibly innocuous file.

Cybercrime 109

Cybercrime Advertising Engineering Antivirus 109

Heimadal Security

APRIL 8, 2022

Hamas-linked cybercrime organization dubbed ‘APT-C-23’ was noticed catfishing Israeli officials working in defense, law, enforcement, and government institutions, resulting in the deployment of new malware. Experts at security […].

Hacking 97

Hacking Social Engineering Spyware Cybercrime 97

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 126

Malware Spyware Banking Ransomware 126

Malwarebytes

FEBRUARY 16, 2021

Around the world, governments tried to stop their hospitals from being overwhelmed by ordering lockdowns, stay-in-place orders, and school closures. If 2020 taught us anything, it’s that cybercrime stops for nothing. By April 2020, half the world’s population had been asked or ordered to stay at home.

Malware 133

Malware Scams Spyware Healthcare 133

Security Affairs

AUGUST 4, 2024

Hospitals and Health Care Providers U.S. Trades Cybercriminals to Russia in Prisoner Swap Fighting Ursa Luring Targets With Car for Sale Cybersecurity When Cyberattacks Are Inevitable, Focus on Cyber Resilience IBM: Cost of a breach reaches nearly $5 million, with healthcare being hit the hardest Attor­ney Gen­er­al Ken Pax­ton Secures $1.4

Spyware 130

Spyware Phishing Malware Ransomware 130

SecureWorld News

AUGUST 25, 2022

Israeli spyware company NSO Group has experienced quite a bit of controversy in the last few years. Its spyware product, Pegasus, has been used by various criminals and nation states to target individuals of interest, such as activists, politicians, and business leaders. After being blacklisted by the U.S.,

Spyware 98

Spyware Government Surveillance Marketing 98

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 129

Data breaches Computers and Electronics Spyware Cybercrime 129

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 131

Spyware Surveillance DDOS Identity Theft 131

Security Affairs

MARCH 24, 2024

Government’s Antitrust Case Against Apple Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ramadan ) Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Malware 132

Malware Cybercrime Hacking Cyber threats 132

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.

Spyware 144

Spyware Manufacturing Small Business Surveillance 144

Security Affairs

MARCH 5, 2020

According to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. Chinese hackers also targeted several organizations in the healthcare sector, government and defense sectors of countries in Asia. ” reads the report published by CrowdStrike.

Telecommunications 136

Telecommunications Spyware Government Advertising 136

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 132

Social Engineering Spyware Data breaches Surveillance 132

Security Affairs

MAY 29, 2022

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks The strange link between Industrial Spy and the Cuba ransomware operation Reuters: Russia-linked APT behind Brexit leak website GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack Android pre-installed apps are affected by high-severity (..)

InfoSec 140

InfoSec Spyware DDOS Firewall 140