WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in... Read more »

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

Canon warns that sensitive data on the Wi-Fi connection settings stored in the memories of inkjet printers may not be deleted during initialization. Canon warns that sensitive information on... Read more »

Experts discovered a previously undocumented initial access vector used by P2PInfect worm

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector. In July, Palo Alto Networks Unit 42 researchers discovered... Read more »

Experts link AVRecon bot to the malware proxy service SocksEscort

The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021. In early July, researchers from Lumen Black Lotus Labs discovered the AVRecon botnet... Read more »

Three flaws in Ninja Forms plugin for WordPress impact 900K sites

Experts warn of vulnerabilities impacting the Ninja Forms plugin for WordPress that could be exploited for escalating privileges and data theft. The Ninja Forms plugin for WordPress is affected... Read more »

Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489

Researchers warn that threat actors started exploiting Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild. Citrix ShareFile is a widely used cloud-based file-sharing application, which is affected by the... Read more »

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues

Google’s Threat Analysis Group Google states that more than 40% of zero-day flaws discovered in 2022 were variants of previous issues. The popular Threat Analysis Group (TAG) Maddie Stone... Read more »

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild

Software firm Ivanti disclosed another security vulnerability impacting Endpoint Manager Mobile (EPMM), that it said actively exploited. Ivanti disclosed a new security vulnerability impacting Endpoint Manager Mobile (EPMM), tracked... Read more »

Security Affairs newsletter Round 430 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of threat actors deploying the SUBMARINE Backdoor in Barracuda ESG attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published... Read more »
Subscribe to our Newsletter