Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency miners

A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. A security researcher Jakub Korepta discovered a critical vulnerability, tracked as... Read more »

U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

Inexperienced actors developed the FunkSec ransomware using AI tools

FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was developed using AI tools. The FunkSec ransomware-as-a-service (RaaS) group has been active since late... Read more »

Credit Card Skimmer campaign targets WordPress via database injection

Stealthy credit card skimmer targets WordPress e-commerce sites, injecting malicious JavaScript into CMS database tables to evade detection. Sucuri researchers warn of a stealthy credit card skimmer campaign targeting... Read more »

Microsoft took legal action against crooks who developed a tool to abuse its AI-based services

In December, Microsoft sued a group for creating tools to bypass safety measures in its cloud AI products. Microsoft filed a complaint with the Eastern District Court of Virginia... Read more »

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Over the weekend, Italy faced new waves of DDoS attacks carried out by pro-Russia group NoName057(16). Pro-Russia hackers Noname057(16) targeted Italian ministries, institutions, critical infrastructure’s websites and private organizations... Read more »

Security Affairs newsletter Round 506 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 28

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Finding Malware: Unveiling PLAYFULGHOST with Google Security Operations   Scam Sniffer... Read more »

How a researcher earned $100,000 hacking a Facebook server

Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server in October 2024. TechCrunch first reported that Facebook awarded security... Read more »

DoJ charged three Russian citizens with operating crypto-mixing services

The U.S. Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. The U.S. Department of Justice (DoJ) charged Russian national Roman Vitalyevich... Read more »
Subscribe to our Newsletter