Tag: Security Affairs

The cyberattack on UK retailer Co-op in April caused empty shelves, customer data theft, and a $275M revenue loss. In May, the cybercrime group behind the April Co-op cyberattack, who go online with the name DragonForce, told the BBC that…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Brewing Trouble — Dissecting a macOS Malware Campaign   Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt…

Read more →

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ohio’s…

Read more →

A ransomware attack resulted in the theft of Social Security and financial data from Union County, Ohio, impacting 45,487 people. A ransomware attack hit Union County, Ohio, and crooks stole Social Security and financial data. Officials notified 45,487 residents and…

Read more →

Researchers disclosed a critical flaw, named ForcedLeak, in Salesforce Agentforce that enables indirect prompt injection, risking CRM data exposure. Noma Labs researchers discovered a critical vulnerability, named ForcedLeak (CVSS 9.4), in Salesforce Agentforce that could be exploited by attackers to…

Read more →

Microsoft Threat Intelligence researchers found a new XCSSET macOS malware variant used in limited attacks. Microsoft Threat Intelligence researchers have discovered a new version of the macOS malware XCSSET that has been employed in limited attacks. Trend Micro first spotted the…

Read more →

watchTowr Labs says hackers exploited the Fortra GoAnywhere MFT flaw CVE-2025-10035 on Sept 10, 2025, a week before public disclosure. Cybersecurity firm watchTowr Labs revealed that it has ‘credible evidence’ that the critical Fortra GoAnywhere MFT flaw CVE-2025-10035 was actively…

Read more →

UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel…

Read more →

China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use of the Go-based backdoor BRICKSTORM to maintain persistence in U.S. organizations…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CISCO Secure Firewall ASA and Secure FTD flaws to its…

Read more →

Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement operation, codenamed Operation HAECHI VI, resulted in the seizure of $439M in cash and…

Read more →

Volvo North America disclosed a data breach that exposed the personal data of its employees after a ransomware attack hit third-party supplier Miljödata. Volvo NA disclosed a data breach that exposed the personal data of its employees after a ransomware…

Read more →

Cisco addressed a high-severity zero-day in Cisco IOS and IOS XE Software that is being actively exploited in attacks in the wild. Cisco fixed an actively exploited zero-day, tracked as CVE-2025-20352, impacting Cisco IOS and IOS XE Software. The high-severity…

Read more →

State-sponsored hackers exploited a vulnerability, tracked as CVE-2025-59689, in Libraesva Email Gateway via malicious attachments. Nation-state actors exploited a command injection flaw, tracked as CVE-2025-59689, in Libraesva Email Security Gateway. Libraesva Email Security Gateway is an advanced secure email gateway…

Read more →

SolarWinds fixed a critical flaw in its Web Help Desk software that could allow attackers to execute arbitrary commands on vulnerable systems. SolarWinds has released hot fixes to address a critical flaw, tracked as CVE-2025-26399 (CVSS score: 9.8), affecting its Web…

Read more →

US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatched GeoServer flaw, tracked as CVE-2024-36401 (CVSS score of 9.8), which is…

Read more →

Cloudflare blocked a new record-breaking DDoS attack peaking at 22.2 Tbps and 10.6 billion packets per second. Cloudflare announced it has mitigated a new record-breaking distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium flaw, tracked as CVE-2025-10585, to its Known Exploited Vulnerabilities (KEV) catalog. In mid-September, Google…

Read more →

Secret Service seizes a covert communications network near U.N. composed of sophisticated equipment, including 100K SIMs and 300 servers The U.S. Secret Service uncovered a covert communications network near the U.N. in New York, seizing 100,000 SIM cards and 300…

Read more →

A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17. The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Scattered Spider member linked to attacks on Las Vegas casinos…

Read more →