Security Affairs.

"Watch out, Veeam fixed a new critical bug in backup and replication product."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 22 June 2025, 1411 UTC.

Content and Source:  "Security Affairs".

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check email subscription link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

73K followers23 articles per week
#security#tech
36

Most popular

Watch out, Veeam fixed a new critical bug in Backup & Replication product

2 TTPs
by Pierluigi Paganini / 4d
Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution. Veeam has rolled out security patches to address a critical security vulnerability, tracked CVE-2025-23121 (CVSS score of 9.9) in its Backup & Replication solution that can allow remote attackers to execute arbitrary code under certain conditions. “A vulnerability allowing r

Linux flaws chain allows Root access across major distributions

2 TTPs
by Pierluigi Paganini / 2d
Researchers discovered two local privilege escalation flaws that could let attackers gain root access on systems running major Linux distributions. Qualys researchers discovered two local privilege escalation (LPE) vulnerabilities, an attacker can exploit them to gain root privileges on machines running major Linux distributions. The two vulnerabilities are: CVE-2025-6018: LPE from unprivileged t

Godfather Android trojan uses virtualization to hijack banking and crypto apps

GodFather malware targets banking apps
by Pierluigi Paganini / 1d
, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s device, runs actual apps inside it, and intercepts user input in real time. This technique allows for f

Yesterday

Iran confirmed it shut down internet to protect the country against cyberattacks

3 TTPs
by Pierluigi Paganini / 1d
Iranian hackers breach Israel's systems
Iran confirmed an Internet shutdown to counter Israeli cyberattacks, citing threats to critical infrastructure, and interfere with drone control. Iran experienced a near-total internet blackout on Wednesday as tensions with Israel escalated into the first week of conflict. However, the exact cause behind the collapse of Iran’s internet remains unclear. While the timing coincides with escalating m

Jun 20, 2025

Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider

3 TTPs
by Pierluigi Paganini / 1d
Cloudflare blocks record 73 Tbps DDoS
Cloudflare blocked a record-breaking 7.3 Tbps DDoS attack in May 2025. Cloudflare blocked a record 7.3 Tbps DDoS attack in May 2025, 12% greater than its previous peak and 1 Tbps greater than the attack reported by the popular cyber journalist Brian Krebs. The attack targeted a Cloudflare customer, a hosting provider using the company’s DDoS protection solution Magic Transit . Earlier in 2025, Cl

Jun 19, 2025

A ransomware attack pushed the German napkin firm Fasana into insolvency

by Pierluigi Paganini / 2d
A cyberattack pushed the German napkin firm Fasana into insolvency, likely worsening existing financial troubles and serving as the final blow. German napkin maker Fasana filed for insolvency after a major cyberattack on May 19 paralyzed its systems, halting over €250K in orders the next day. The napkin factory is located in Stotzheim, Germany, and has 240 employees. The company was forced to hal

Researchers discovered the largest data breach ever, exposing 16 billion login credentials

7 TTPs
by Pierluigi Paganini / 2d
16 billion passwords leaked online
, likely due to multiple infostealers. Researchers announced the discovery of what appears to be the largest data breach ever recorded, with an astonishing 16 billion login credentials exposed. The ongoing investigation, which began earlier this year, suggests that the credentials were collected through multiple infostealer malware strains. Cybernews researchers who discovered the data leak, repo

China-linked group Salt Typhoon breached satellite firm Viasat

8 TTPs
by Pierluigi Paganini / 2d
China-linked APT Typhoon has reportedly targeted satellite firm Viasat, the group has breached multiple telecom providers in the past. China-linked APT group Salt Typhoon hacked the satellite communications firm Viasat, the cyber-espionage group has previously breached the networks of multiple other telecom providers in the United States and globally. Viasat is a global communications company bas

Iran experienced a near-total national internet blackout

Nobitex hacked $100 million exposed
by Pierluigi Paganini / 3d
Iran experienced a near-total internet blackout on Wednesday as tensions with Israel escalated into the first week of conflict. Global internet monitor NetBlocks reported almost near-total Internet disruptions in Iran as tensions with Israel escalated into the first week of conflict. However, the exact cause behind the collapse of Iran’s internet remains unclear. While the timing coincides with e

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

by Pierluigi Paganini / 3d
Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS , using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 milli

Jun 18, 2025

Healthcare services company Episource data breach impacts 5.4 Million people

Impact (Enterprise TA0040)
by Pierluigi Paganini / 3d
Episource data breach exposes patient info
Data breach at Healthcare services company Episource exposes personal and health data of over 5.4 million people in major cyberattack. A cyberattack on healthcare firm Episource led to a data breach exposing personal and health data of over 5.4 million individuals . Episource is a U.S.-based healthcare services and technology company that provides risk adjustment services, clinical data analytics

U.S. CISA adds Linux Kernel flaw to its Known Exploited Vulnerabilities catalog

by Pierluigi Paganini / 4d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Out-of-Bounds Read and Write Vulnerability, tracked as CVE-2023-0386 , to its Known Exploited Vulnerabilities (KEV) catalog . The vulnerability, CVE-2023-0386 (CVSS sco

News Flodrix botnet targets vulnerable Langflow servers

CVE-2025-3248
by Pierluigi Paganini / 4d
Attackers exploit CVE-2025-3248 in Langflow servers to deliver Flodrix botnet via downloader scripts, Trend Research reports. Trend Research uncovered an ongoing campaign exploiting the vulnerability CVE-2025-3248 to deliver the Flodrix botnet. Attackers exploit the flaw to run scripts on Langflow servers, downloading and installing Flodrix malware. “If the vulnerability is successfully exploited

Jun 17, 2025

U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog

by Pierluigi Paganini / 5d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities (KEV) catalog . Below are the descriptions for these flaws: CVE-2025-43200 Apple Multiple P

Attackers target Zyxel RCE vulnerability CVE-2023-28771

by Pierluigi Paganini / 5d
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. “Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks.

Jun 16, 2025

India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users

by Pierluigi Paganini / 5d
Zoomcar disclosed a data breach impacting 8.4M users after attackers compromised its systems and contacted the company staff. Zoomcar is an India-based car-sharing and self-drive car rental company. Zoomcar discovered a data breach impacting 8.4M users after threat actors contacted the internal personnel claiming the compromise of internal systems. The company is investigating the security breach

State-sponsored hackers compromised the email accounts of several Washington Post journalists

by Pierluigi Paganini / 5d
State-sponsored hackers compromised the email accounts of several journalists working at the Washington Post. A cyberattack, likely carried out by state-sponsored hackers, compromised the Microsoft email accounts of Washington Post journalists, including reporters covering China and national security. “A cyberattack on the Washington Post compromised email accounts of several journalists and was

Law enforcement operation shut down dark web drug marketplace Archetyp Market

Archetyp Market dismantled by police
by Pierluigi Paganini / 5d
Europol shut down Archetyp Market, a major dark web drug marketplace, in a global operation with arrests and takedowns. An international law enforcement operation led by Europol dismantled Archetyp Market, the most enduring dark web marketplace. The marketplace enabled the anonymous trade of illicit drugs, including cocaine, MDMA, amphetamines, and synthetic opioids. Between June 11 and 13, 300 o

New Anubis RaaS includes a wiper module

9 TTPs
by Pierluigi Paganini / 6d
Anubis ransomware adds wiper feature
Anubis RaaS now includes a wiper module, permanently deleting files. Active since Dec 2024, it launched an affiliate program in Feb 2025. Anubis is a new RaaS that combines file encryption capability with a rare “wipe mode,” permanently deleting files and preventing recovery even after ransom payment. Anubis operates a flexible affiliate program that has been active since December 2024. Anubis br

New Predator spyware infrastructure revealed activity in Mozambique for the first time

by Pierluigi Paganini / 6d
Insik Group analyzed the new Predator spyware infrastructure and discovered it’s still gaining users despite U.S. sanctions since July 2023. Despite earlier declines in activity due to U.S. sanctions and public exposure, Predator spyware has resurged. Insikt Group analyzed a renewed infrastructure linked to the commercial spyware company and identified a new customer in Mozambique, highlighting c

Jun 15, 2025

Canada’s second-largest airline WestJet is containing a cyberattack

WestJet faces cybersecurity incident
by Pierluigi Paganini / 7d
Canada’s airline WestJet has suffered a cyberattack that impactd access to some internal systems and the company app. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canada’s second-largest airline, after Air Canada. WestJet is investigating a cybersecurity incident impacting some of its

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 49

by Pierluigi Paganini / 7d
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 Destructive npm Packages Disguised as Utilities Enable Remote System Wipe AMOS Variant Distributed Via Clickfi

Security Affairs newsletter Round 528 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 7d
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Palo Alto Networks fixed multiple privilege escalation flaws Unusual toolset used in recent Fog Ransomware attack A cyberattack on United Natural Fo

Jun 13, 2025

Palo Alto Networks fixed multiple privilege escalation flaws

4 TTPs
by Pierluigi Paganini / 8d
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions. Palo Alto Networks fixed seven privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products. Palo Alto applied 11 Chrome fixes and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser. The most severe vulnerability,

Unusual toolset used in recent Fog Ransomware attack

by Pierluigi Paganini / 8d
Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware , using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway. Symantec researchers pointed out that the use of these tools is unusual for ransomware campaigns. Notably, at

A cyberattack on United Natural Foods caused bread shortages and bare shelves

United Natural Foods cyberattack disrupts
by Pierluigi Paganini / 8d
Cyberattack on United Natural Foods Inc. (UNFI) disrupts deliveries, causing Whole Foods shortages nationwide after systems were taken offline on June 5. United Natural Foods, Inc. ( UNFI ) is a Providence, Rhode Island–based natural and organic food company. The largest publicly traded wholesale distributor of health and specialty food in the United States and Canada, it is Whole Foods Market ‘s

Paraguay Suffered Data Breach: 7.4 Million Citizen Records Leaked on Dark Web

3 TTPs
by Pierluigi Paganini / 8d
Paraguay data breach affects millions
Resecurity researchers found 7.4 million records containing personally identifiable information (PII) of Paraguay citizens on the dark web. Resecurity has identified 7.4 million records containing personally identifiable information (PII) of Paraguayan citizens leaked on the dark web today. Last week, cybercriminals have offered information about all citizens of Paraguay for sale, demanding $7.4

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

Cyber War News Today.

Image
"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Read more

Cyber War News Today.

Image
"ADP investing in cyber warfare workforce." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 28 May 2025, 1940 UTC. Content and Source:  "Cyber War News Today."  https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please click email link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  06:47 GMT पहलगामनंतर पाकिस्तानने भारतावर कशाप्रकारे Cyber War लादले? पहलगाम हत्याकांडानंतरच्या दोन आठवड्यांनंतर, भारतीय सायबर स्पेसवर पाकिस्तानकडून मोठ्या प्रमाणात हल्ले सुरु झाले. काही दिवशी तर, दर तासाला तब्बल 90 कोटी DDoS (डिस्ट्रिब्युटेड डिनायल ऑफ सर्व्हिस) हल्ले झाले, अशी माहिती सायबर सुरक्षेत कार्...
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...
Read more