Smashing Security podcast #458: How not to steal $46 million from the US government
A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn’t stirred since 2024 – and within minutes, giant...
Malware
KadNap bot compromises 14,000+ devices to route malicious traffic
KadNap bot compromises 14,000+ devices to route malicious traffic Pierluigi Paganini March 11, 2026 KadNap malware infects 14,000+ edge devices,...
Hackers Pose as IT Staff in Microsoft Teams to Install Malware
Image: sapannpix/Adobe Microsoft Teams impersonation and social engineering tactics are being used in an ongoing campaign to deliver a stealthy...
APT28 conducts long-term espionage on Ukrainian forces using custom malware
APT28 conducts long-term espionage on Ukrainian forces using custom malware Pierluigi Paganini March 10, 2026 APT28 used BEARDSHELL and COVENANT...
Massive GitHub malware operation spreads BoryptGrab stealer
Massive GitHub malware operation spreads BoryptGrab stealer Pierluigi Paganini March 08, 2026 Trend Micro found BoryptGrab stealer spreading through 100+...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies...
Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini March 08, 2026 A new round of...
Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations
Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations Pierluigi Paganini March 06, 2026 Iran-linked APT MuddyWater targeted U.S. organizations, deploying...
The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors
In December 2024, millions of users woke up to find that their "productivity tool" Chrome extensions had transformed overnight...
Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer
Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer Pierluigi Paganini March 06, 2026 Microsoft warns of...
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various...
Iran-nexus APT Dust Specter targets Iraq officials with new malware
Iran-nexus APT Dust Specter targets Iraq officials with new malware Pierluigi Paganini March 06, 2026 A campaign by Iran-linked group...
Phobos Ransomware admin faces up to 20 years after guilty plea
Phobos Ransomware admin faces up to 20 years after guilty plea Pierluigi Paganini March 05, 2026 Russian national Evgenii Ptitsyn...
Russian APT targets Ukraine with BadPaw and MeowMeow malware
Russian APT targets Ukraine with BadPaw and MeowMeow malware Pierluigi Paganini March 05, 2026 Researchers uncovered a Russian campaign targeting...
Latest OpenClaw Security Risks are Fake GitHub Repositories Used to Deploy Infostealers
The highly popular and risk-riddled OpenClaw personal AI assistant is being used by bad actors to target users with...
