Security Affairs newsletter Round 535 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

New Linux backdoor Plague bypasses auth via malicious PAM module

A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy... Read more »

China Presses Nvidia Over Alleged Backdoors in H20 Chips Amid Tech Tensions

China questioned Nvidia over suspected backdoors in its H20 chips, adding to rising tensions in the tech fight between the U.S. and Beijing. China’s internet watchdog has summoned Nvidia... Read more »

Malicious AI-generated npm package hits Solana users

AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets.... Read more »

Meta Offers $1M bounty at Pwn2Own Ireland 2025 for WhatsApp exploits

Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s... Read more »

ToolShell under siege: Check Point analyzes Chinese APT Storm-2603

Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell... Read more »

CISA released Thorium platform to support malware and forensic analysis

CISA releases Thorium, an open-source tool for malware and forensic analysis, now available to analysts in government, public, and private sectors. CISA has released Thorium, a new open-source platform... Read more »

Russia-linked APT Secret Blizzard targets foreign embassies in Moscow with ApolloShadow malware

Russia-linked Secret Blizzard targets foreign embassies in Moscow via ISP-level AitM attacks, deploying custom ApolloShadow malware. Microsoft researchers uncovered a cyberespionage campaign by the Russia-linked APT group Secret Blizzard... Read more »

Attackers actively exploit critical zero-day in Alone WordPress Theme

Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked... Read more »

Researchers released a decryptor for the FunkSec ransomware

Researchers have released a decryptor for the ransomware FunkSec, allowing victims to recover their encrypted files for free. Researchers at Avast developed a decryptor for the FunkSec ransomware. Gen... Read more »
Subscribe to our Newsletter