Internet Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

December 14, 2025 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter UDPGangster Campaigns Target Multiple Countries Ransomware Trends in... Read more »

Experts found an unsecured 16TB database containing 4.3B professional records

December 14, 2025 add comment
An open 16TB database exposed 4.3B professional records. It was unsecured and only closed after researchers alerted the owner. A 16TB unsecured MongoDB database exposed about 4.3 billion professional... Read more »

Germany calls in Russian Ambassador over air traffic control hack claims

December 13, 2025 add comment
Germany summoned Russia’s ambassador over alleged cyberattacks on air traffic control and a disinformation campaign ahead of national elections. Germany summoned Russia’s ambassador after accusing Moscow of cyber attacks... Read more »

U.S. CISA adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog

December 13, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium and Sierra Wireless AirLink ALEOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

Emergency fixes deployed by Google and Apple after targeted attacks

December 13, 2025 add comment
Google and Apple issued emergency updates to address zero-day flaws exploited in attacks targeting an unknown number of users. Apple and Google have both pushed out urgent security updates... Read more »

Notepad++ fixed updater bugs that allowed malicious update hijacking

December 12, 2025 add comment
Notepad++ addressed an updater vulnerability that allows attackers hijack update traffic due to weak file authentication. Notepad++ addressed a flaw in its updater that allowed attackers to hijack update... Read more »

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

December 12, 2025 add comment
Elastic found a new Windows backdoor, NANOREMOTE, similar to FINALDRAFT/REF7707, using the Google Drive API for C2. Elastic Security Labs researchers uncovered NANOREMOTE, a new Windows backdoor that uses... Read more »

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

December 12, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OSGeo GeoServer flaw,... Read more »

Critical Gogs zero-day under attack, 700 servers hacked

December 11, 2025 add comment
Hackers exploited an unpatched Gogs zero-day, allowing remote code execution and compromising around 700 Internet-facing servers. Gogs is a self-hosted Git service, similar to GitHub, GitLab, or Bitbucket, but... Read more »

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

December 11, 2025 add comment
Google fixed GeminiJack, a zero-click Gemini Enterprise flaw that could leak corporate data via crafted emails, invites, or documents, Noma Security says. Google addressed a Gemini Enterprise flaw dubbed... Read more »
Subscribe to our Newsletter