Category: Security Affairs

Yale New Haven Health (YNHHS) announced that threat actors stole the personal data of 5.5 million patients in a cyberattack. Yale New Haven Health (YNHHS) disclosed a data breach that exposed personal information of 5.5 million patients following a cyberattack…

Read more →

Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware, an old tactic during global events. On April 24, 2025, after Pope Francis’ death, cybercriminals launched scams and malware attacks, exploiting public…

Read more →

WhatsApp adds Advanced Chat Privacy feature that allows users to block others from sharing chat content outside the app. WhatsApp announced the availability of a new feature called “Advanced Chat Privacy” for both individual and group chats that enhances content…

Read more →

A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin, targeting Russian military personnel. The malicious code was hidden…

Read more →

New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. The malware campaign…

Read more →

The xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users’ private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library xrpl.js to harvest users’ private keys. xrpl.js is the recommended library for integrating a JavaScript/TypeScript…

Read more →

Marks & Spencer (M&S) confirmed it’s managing a cyber incident after multiple customer complaints surfaced on social media. Marks and Spencer Group plc (M&S) announced it has been managing a cyber incident in recent days with the help of external…

Read more →

Cybercriminals leverage NFC fraud against ATMs and POS terminals, stealing money from consumers at scale. Resecurity (USA) investigated multiple incidents identified in Q1 2025, exceeding several million dollars in damages for one of the top Fortune 100 financial institutions in…

Read more →

SK Telecom warned that threat actors accessed customer Universal Subscriber Identity Module (USIM) info through a malware attack. SK Telecom is South Korea’s largest wireless telecom company, a major player in the country’s mobile and tech landscape. It holds about…

Read more →

Abilene, Texas, shut down systems after a cyberattack caused server issues. IT staff and experts are investigating the security incident. Abilene, Texas, shut down systems after a cyberattack caused server issues. The incident occurred on April 18, 2025, emergency services…

Read more →

Japan ’s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Japan ’s Financial Services Agency (FSA) reported that the damage caused by unauthorized access to and transactions on internet trading services…

Read more →

Researchers spotted a new North Korea-linked group Kimsuky ‘s campaign, exploiting a patched Microsoft Remote Desktop Services flaw to gain initial access. While investigating a security breach, the AhnLab SEcurity intelligence Center (ASEC) researchers discovered a North Korea-linked group Kimsuky…

Read more →

‘SuperCard X’ – a new MaaS – targets Androids via NFC relay attacks, enabling fraudulent POS and ATM transactions with stolen card data. Cleafy researchers discovered a new malware-as-a-service (MaaS) called SuperCard X targeting Android devices with NFC relay attacks…

Read more →

Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. Check Point Research team reported that Russia-linked cyberespionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) is behind a sophisticated phishing campaign targeting European diplomatic…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze       Nice chatting with you: what connects…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Attackers exploited SonicWall…

Read more →

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively exploit a vulnerability, tracked as CVE-2021-20035 (CVSS score of 7.1), in SonicWall…

Read more →

ASUS warns of an authentication bypass vulnerability in routers with AiCloud enabled that could allow unauthorized execution of functions on the device. ASUS warns of an authentication bypass vulnerability, tracked as CVE-2025-2492 (CVSS v4 score: 9.2), which impacts routers with AiCloud enabled.…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products and Microsoft Windows NTLM vulnerabilities to its Known Exploited…

Read more →

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues. Legends International is a global leader in sports and entertainment venue management, specializing in delivering comprehensive solutions for stadiums, arenas, and attractions.…

Read more →