hacking

Coupang announces .17B compensation plan for 33.7M data breach victims

Coupang announces $1.17B compensation plan for 33.7M data breach victims

AndyC 31 December 2025

Coupang announces $1.17B compensation plan for 33.7M data breach victims Pierluigi Paganini December 30, 2025 Coupang will spend about $1.17B...

Read More

Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver

Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver

AndyC 31 December 2025

Mustang Panda deploys ToneShell via signed kernel-mode rootkit driver Pierluigi Paganini December 30, 2025 China-linked APT Mustang Panda used a...

Read More

Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems

Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems

AndyC 31 December 2025

Lithuanian suspect arrested over KMSAuto malware that infected 2.8M systems Pierluigi Paganini December 30, 2025 A Lithuanian national was arrested...

Read More

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog

AndyC 31 December 2025

U.S. CISA adds a flaw in MongoDB Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 30, 2025 U.S....

Read More

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

AndyC 31 December 2025

Dec 30, 2026Ravie LakshmananMalware / Cyber Espionage The Chinese hacking group known as Mustang Panda has leveraged a previously undocumented...

Read More

Romania’s Oltenia Energy Complex suffers major ransomware attack

Romania’s Oltenia Energy Complex suffers major ransomware attack

AndyC 30 December 2025

Romania’s Oltenia Energy Complex suffers major ransomware attack Pierluigi Paganini December 29, 2025 A ransomware attack hit Romania’s Oltenia Energy...

Read More

Korean Air discloses data breach after the hack of its catering and duty-free supplier

Korean Air discloses data breach after the hack of its catering and duty-free supplier

AndyC 30 December 2025

Korean Air discloses data breach after the hack of its catering and duty-free supplier Pierluigi Paganini December 29, 2025 Korean...

Read More

Threat Actors Exploiting Critical ‘MongoBleed’ MongoDB Flaw

MongoBleed flaw actively exploited in attacks in the wild

AndyC 30 December 2025

MongoBleed flaw actively exploited in attacks in the wild Pierluigi Paganini December 29, 2025 A recently disclosed MongoDB flaw (MongoBleed)...

Read More

Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor

Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor

AndyC 30 December 2025

Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor Pierluigi Paganini December 29, 2025 China-linked APT Evasive Panda...

Read More

Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk

Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk

AndyC 29 December 2025

Condé Nast faces major data breach: 2.3M WIRED records leaked, 40M more at risk Pierluigi Paganini December 28, 2025 Hacker...

Read More

Stolen LastPass backups enable crypto theft through 2025

Stolen LastPass backups enable crypto theft through 2025

AndyC 29 December 2025

Stolen LastPass backups enable crypto theft through 2025 Pierluigi Paganini December 28, 2025 Stolen vault backups from the 2022 LastPass...

Read More

Security Affairs newsletter Round 556 by Pierluigi Paganini – INTERNATIONAL EDITION

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 77

AndyC 29 December 2025

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies...

Read More

NDSS 2025 – CounterSEVeillance: Performance-Counter Attacks On AMD SEV-SNP

LangChain core vulnerability allows prompt injection and data exposure

AndyC 28 December 2025

LangChain core vulnerability allows prompt injection and data exposure Pierluigi Paganini December 27, 2025 A critical flaw in LangChain Core...

Read More

NPM package with 56,000 downloads compromises WhatsApp accounts

NPM package with 56,000 downloads compromises WhatsApp accounts

AndyC 28 December 2025

NPM package with 56,000 downloads compromises WhatsApp accounts Pierluigi Paganini December 27, 2025 An NPM package with over 56,000 downloads...

Read More

Trust Wallet warns users to update Chrome extension after M security loss

Trust Wallet warns users to update Chrome extension after $7M security loss

AndyC 27 December 2025

Trust Wallet warns users to update Chrome extension after $7M security loss Pierluigi Paganini December 26, 2025 Trust Wallet urged...

Read More

Credential stuffing: What it is and how to protect yourself

Credential stuffing: What it is and how to protect yourself

AndyC 9 January 2026

Digital Security Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts Christian Ali Bravo 08...

Read More

This month in security with Tony Anscombe – December 2025 edition

This month in security with Tony Anscombe – December 2025 edition

AndyC 30 December 2025

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this...

Read More

A brush with online fraud: What are brushing scams and how do I stay safe?

A brush with online fraud: What are brushing scams and how do I stay safe?

AndyC 24 December 2025

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to...

Read More

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

AndyC 23 December 2025

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of...

Read More

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...

Read More

ESET Threat Report H2 2025

ESET Threat Report H2 2025

AndyC 17 December 2025

ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research...

Read More

NDSS 2025 – CounterSEVeillance: Performance-Counter Attacks On AMD SEV-SNP

How smart are the latest NHIs in threat detection?

AndyC 13 January 2026

NDSS 2025 – CounterSEVeillance: Performance-Counter Attacks On AMD SEV-SNP

Can Agentic AI meet future cybersecurity demands?

AndyC 13 January 2026

NDSS 2025 – CounterSEVeillance: Performance-Counter Attacks On AMD SEV-SNP

U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

AndyC 13 January 2026

Google launches new AI protocol for e-commerce

After AI review: Google stops dangerous health advice

AndyC 13 January 2026

AI PCs to gain speed, cut cloud costs — and help workers upskill

India may require smartphone manufacturers to disclose source code

AndyC 13 January 2026