Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads; BadBazaar: iOS and Android Surveillanceware by China’s…
Category: EN
Critical Patient Data Exposed: 1.6 Million Affected in Widespread Healthcare Cyber Attack
In a chilling reminder of the growing cyber threats to the healthcare industry, Laboratory Services Cooperative (LSC), a U.S. lab testing provider, confirmed a major data breach that compromised the personal and medical data of 1.6 million individuals. The October…
Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Symbolic Link trick…
Radiant Security Unveils Its Groundbreaking Adaptive AI SOC Platform
In an era where cybersecurity teams face overwhelming alert volumes, staff shortages, and ever-evolving threats, Radiant Security has introduced a transformative solution: the Adaptive AI SOC platform. This innovation promises to revolutionize how security operations centers (SOCs) operate, offering not…
Threat Actors Actively Attacking Semiconductor Companies With 0-Day Exploits
In a concerning development for the global technology supply chain, sophisticated threat actors have launched a coordinated campaign exploiting previously unknown vulnerabilities in critical semiconductor manufacturing systems. These zero-day exploits are enabling attackers to penetrate the networks of leading chip…
Threat Actors Use Email Bombing Attacks to Bypass Security Tools & Hide Activity
Email bombing attacks have emerged as a sophisticated technique in cybercriminals’ arsenals, designed to overwhelm targets’ inboxes while concealing more malicious activities beneath the flood of messages. These attacks involve sending hundreds or thousands of emails to victims within a…
Threat Actors Hijack Legitimate Crypto Packages to Inject Malicious Code
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting cryptocurrency users through compromised npm packages. The attack specifically targets users of Atomic and Exodus wallets, hijacking transactions by injecting malicious code that redirects funds to attacker-controlled addresses. This latest campaign…
Tycoon 2FA Phishing Kit Employs New Evasion Techniques to Bypass Endpoint Detection Systems
Cybersecurity researchers have identified a significant evolution in phishing tactics as the Tycoon 2FA phishing kit implements sophisticated evasion techniques designed to circumvent modern endpoint protection systems. This advanced kit has been observed deploying multiple layers of obfuscation and anti-analysis…
Hackers Actively Exploiting Router Vulnerabilities to Attack Enterprise Networks
A sophisticated campaign targeting enterprise routers has intensified over the past month, with threat actors leveraging previously unknown vulnerabilities to establish persistent access within corporate networks. Security researchers have observed a substantial uptick in attacks specifically targeting network infrastructure devices,…
China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure
China admitted in a secret meeting with U.S. officials that it conducted Volt Typhoon cyberattacks on U.S. infrastructure, WSJ reports. China reportedly admitted in a secret meeting with U.S. officials that it carried out cyberattacks on U.S. infrastructure, linked to…
Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day…
Understanding Multifactor Authentication (MFA): A Simple Guide
In today’s digital world, passwords alone are not enough to keep our online accounts safe. Cybercriminals are constantly finding ways to steal login credentials, whether through phishing scams, data breaches or malware. This is where multifactor authentication (MFA) comes in.…
Chinese eCrime Hacker Group Attacking Users in 120+ Countries to Steal Banking Credentials
A sophisticated Chinese eCrime group known as “Smishing Triad” has expanded its operations to target organizations and individuals across at least 121 countries worldwide. The group, active since 2023, has systematically targeted multiple industries including postal services, logistics, telecommunications, transportation,…
TROX Stealer Exfiltrates Sensitive Data Including Stored Credit Cards & Browser Credentials
A newly identified malware strain known as TROX Stealer has emerged as a significant threat to consumer data security, leveraging psychological manipulation and technical sophistication to exfiltrate sensitive information. First observed in December 2024 by Sublime Security analysts, this Malware-as-a-Service…
The Oracle Breach Is Bigger Than You Think—5 Urgent Steps to Take Now
In a troubling development for enterprise cloud users, federal authorities are investigating a major data breach involving Oracle—one of the world’s leading cloud infrastructure providers. Hackers reportedly gained unauthorized access to Oracle systems, stealing sensitive client login credentials including usernames,…
Why CISOs Are Betting Big on AI, Automation & Zero Trust
In today’s fast-paced digital world, Chief Information Security Officers (CISOs) are under immense pressure to protect their organizations from increasingly sophisticated cyber threats. As attack surfaces expand with remote work, cloud adoption, and IoT devices, traditional security models are proving…
STRIDE GPT – AI-powered Tool LLMs To Generate Threat Models
A new tool has emerged that promises to revolutionize the way organizations approach threat modeling. STRIDE GPT, an AI-powered threat modeling tool, leverages the capabilities of large language models (LLMs) to generate comprehensive threat models and attack trees for applications,…
Samsung Germany Customer Tickets – 216,333 breached accounts
In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos employee’s machine, the breach included 216k unique email addresses along…
Homeland Security Email Tells a US Citizen to ‘Immediately’ Self-Deport
An email sent by the Department of Homeland Security instructs people in the US on a temporary legal status to leave the country. But who the email actually applies to—and who actually received it—is far from clear. This article has…
ViperSoftX Malware Attacking Users via Cracked Software
A sophisticated malware campaign utilizing the notorious ViperSoftX malware has been targeting users through cracked software and torrent downloads since early April 2025. This PowerShell-based threat operates through a multi-stage infection process, establishing command and control communications before downloading additional…