Category: Security Affairs

Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the cause of a service outage it faced during the past week. Cellcom, a regional wireless carrier in Wisconsin, confirmed a cyberattack that caused a week-long…

Read more →

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals. Coinbase disclosed that a data breach impacted 69,461 individuals after overseas support staff improperly accessed customer and corporate data. Coinbase recently revealed that rogue contractors…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium, DrayTek routers,…

Read more →

A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have been released to address the flaw. A critical vulnerability, tracked as CVE-2025-47934, in OpenPGP.js allowed spoofing of message signature verification. OpenPGP.js is an open-source JavaScript…

Read more →

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major player in the country’s mobile and tech landscape. It holds about…

Read more →

A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due to improper IMS standard implementation. A flaw in 4G Calling (VoLTE) service of the UK telecom O2 exposed user location data through network responses due…

Read more →

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a China-linked APT, tracked as UnsolicitedBooker, targeted an international organization in Saudi Arabia using a new backdoor called MarsSnake. The experts…

Read more →

The UK’s Legal Aid Agency suffered a cyberattack in April and has now confirmed that sensitive data was stolen during the incident. The Legal Aid Agency (LAA) revealed that it had suffered a cyberattack on its systems on April 23. …

Read more →

Cybersecurity Observatory of the Unipegaso’s malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab…

Read more →

Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data or achieve code execution. Mozilla released security updates to fix two critical vulnerabilities in the Firefox browser that could be potentially exploited to access sensitive…

Read more →

Japan passed a law allowing preemptive offensive cyber actions, shifting from its pacifist stance to bolster defenses like major Western powers. Japan has enacted the Active Cyberdefense Law, allowing preemptive offensive cyber operations to counter threats before damage occurs. This…

Read more →

Pwn2Own Berlin 2025 wrapped up with $383,750 awarded on the final day, pushing the total prize money to $1,078,750 over three days. On the final day of Pwn2Own Berlin 2025, participants earned $383,750 for demonstrating zero-day in VMware Workstation, ESXi,…

Read more →

James Comey is under investigation for a seashell photo showing “8647,” seen by some as a coded threat against Trump. Former FBI chief James Comey is under investigation by the Secret Service for sharing an image of seashells arranged to…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A .NET-Based Info-Stealer  Interlock ransomware evolving under the radar  Technical Analysis of TransferLoader   Sophisticated NPM Attack Leveraging Unicode Steganography…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US Government officials…

Read more →

Chinese “kill switches” found in Chinese-made power inverters in US solar farm equipment that could let Beijing remotely disable power grids in a conflict. Investigators found “kill switches” in Chinese-made power inverters in US solar farm equipment. These hidden cellular…

Read more →

FBI warns ex-officials are targeted with deepfake texts and AI voice messages impersonating senior U.S. officials. The FBI warns that ex-government officials are being targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials. The FBI warns of…

Read more →

Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. companies, shifting their focus across the Atlantic. The financially motivated group UNC3944 (also known as Scattered Spider, 0ktapus) is known for social engineering and extortion.…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its…

Read more →

On day two of Pwn2Own Berlin 2025, participants earned $435,000 for demonstrating zero-day in SharePoint, ESXi, VirtualBox, RHEL, and Firefox. On day two of Pwn2Own Berlin 2025, bug hunters earned a total of $435,000, which brings the contest total to…

Read more →