Security Affairs

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

AndyC 21 November 2025

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops Pierluigi Paganini November 20, 2025 US, Australia and UK...

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

AndyC 20 November 2025

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 19, 2025 U.S. Cybersecurity...

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

AndyC 20 November 2025

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild Pierluigi Paganini November 19, 2025 A remote code execution...

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

AndyC 20 November 2025

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet Pierluigi Paganini November 19, 2025 Operation WrtHug hijacks tens...

Operation WrtHug hijacks 50,000+ ASUS routers to Bìbuild global botnet

AndyC 20 November 2025

Operation WrtHug hijacks 50,000+ ASUS routers to Bìbuild global botnet Pierluigi Paganini November 19, 2025 Operation WrtHug hijacks tens of...

Eurofiber confirms November 13 hack, data theft, and extortion attempt

AndyC 20 November 2025

Eurofiber confirms November 13 hack, data theft, and extortion attempt Pierluigi Paganini November 19, 2025 Eurofiber says hackers exploited a...

Security Blogs

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet

AndyC 20 November 2025

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet Pierluigi Paganini November 19, 2025 Fortinet patched a new FortiWeb zero-day,...

Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack

AndyC 19 November 2025

Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack Pierluigi Paganini November 18, 2025 The Pennsylvania...

DoorDash data breach exposes personal info after social engineering attack

AndyC 19 November 2025

DoorDash data breach exposes personal info after social engineering attack Pierluigi Paganini November 18, 2025 DoorDash says a social engineering...

Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases

AndyC 18 November 2025

Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases Pierluigi Paganini November 18, 2025 Dutch police seized...

Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps

AndyC 18 November 2025

Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps Pierluigi Paganini November 17, 2025 Microsoft says the Aisuru botnet...

Jaguar Land Rover confirms major disruption and £196M cost from September cyberattack

AndyC 18 November 2025

Jaguar Land Rover confirms major disruption and £196M cost from September cyberattack Pierluigi Paganini November 17, 2025 Jaguar Land Rover...

North Korean threat actors use JSON sites to deliver malware via trojanized code

AndyC 18 November 2025

North Korean threat actors use JSON sites to deliver malware via trojanized code Pierluigi Paganini November 17, 2025 North Korean...

From chatbots to colleagues: How agentic AI is redefining enterprise automation

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

AndyC 18 November 2025

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025 Pierluigi Paganini November 17, 2025 RondoDox botnet...

Five admit helping North Korea evade sanctions through IT worker schemes

AndyC 17 November 2025

Five admit helping North Korea evade sanctions through IT worker schemes Pierluigi Paganini November 16, 2025 Five pleaded guilty to...

Security Affairs

Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

Operation WrtHug hijacks 50,000+ ASUS routers to Bìbuild global botnet

Eurofiber confirms November 13 hack, data theft, and extortion attempt

New FortiWeb zero-day CVE-2025-58034 under attack patched by Fortinet

Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack

Dutch police takes down bulletproof hosting hub linked to 80+ cybercrime cases

Jaguar Land Rover confirms major disruption and £196M cost from September cyberattack

North Korean threat actors use JSON sites to deliver malware via trojanized code

RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

Five admit helping North Korea evade sanctions through IT worker schemes

Credential stuffing: What it is and how to protect yourself

This month in security with Tony Anscombe – December 2025 edition

A brush with online fraud: What are brushing scams and how do I stay safe?

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET Threat Report H2 2025

Donate Bitcoin to this address

Donate Ethereum to this address

AZ Monica hospital in Belgium shuts down servers after cyberattack

Threat actor claims the theft of full customer data from Spanish energy firm Endesa

The AI Fix #83: ChatGPT Health, Victorian LLMs, and the biggest AI bluffers

Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

Key Insights on SHADOW-AETHER-015 and Earth Preta from the 2025 MITRE ATT&CK Evaluation with Trend Vision One™

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed