Internet Security

whoAMI attack could allow remote code execution within AWS account

February 17, 2025 add comment
Researchers warn that the whoAMI attack lets attackers publish an AMI with a specific name to execute code in an AWS account. Cybersecurity researchers at Datadog Security Labs devised... Read more »

Storm-2372 used the device code phishing technique since August 2024

February 16, 2025 add comment
Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. Microsoft Threat Intelligence researchers warn that threat actor... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

February 16, 2025 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach... Read more »

Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

February 16, 2025 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog

February 15, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security... Read more »

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

February 15, 2025 add comment
Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. Researchers warn that threat actors are exploiting a recently disclosed vulnerability, tracked as... Read more »

U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog

February 14, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a SimpleHelp vulnerability, tracked as... Read more »

China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws

February 14, 2025 add comment
China-linked APT Salt Typhoon has breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. China-linked APT group Salt Typhoon is still targeting telecommunications providers worldwide, and... Read more »

Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks

February 14, 2025 add comment
Threat actors are exploiting a zero-day SQL injection vulnerability in PostgreSQL, according to researchers from cybersecurity firm Rapid7. Rapid7 researchers discovered a high-severity SQL injection flaw, tracked as CVE-2025-1094,... Read more »

Valve removed the game PirateFi from the Steam video game platform because contained a malware

February 14, 2025 add comment
Valve removed a game from Steam because it contained malware, the company also warned affected users to reformat their operating systems. Valve removed the game PirateFi from the Steam... Read more »
Subscribe to our Newsletter