Microsoft says the Aisuru botnet launched a 15.7 Tbps DDoS on Azure from 500k IPs, using massive UDP floods peaking at 3.6 B pps. On October 24, 2025, Azure... Read more »

Jaguar Land Rover says the September 2025 cyberattack halted production, led to data theft, and cost £196M in the quarter. Jaguar Land Rover reported that a September 2025 cyberattack,... Read more »

North Korean Contagious Interview actors now host malware on JSON storage sites to deliver trojanized code projects, NVISO reports. North Korea-linked actors behind the Contagious Interview campaign have updated... Read more »

RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025. RondoDox is targeting unpatched XWiki servers via critical RCE... Read more »

Five pleaded guilty to aiding North Korea ’s illicit revenue via IT worker fraud, violating international sanctions. The U.S. Department of Justice announced that five people have pleaded guilty... Read more »

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads... Read more »

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

China-linked actors used Anthropic’s AI to automate and run cyberattacks in a sophisticated 2025 espionage campaign using advanced agentic tools. China-linked threat actors used Anthropic’s AI to automate and... Read more »

Researchers found a critical vulnerability in GoSign Desktop: TLS Certificate Validation Disabled and Unsigned Update Mechanism. GoSign is an advanced and qualified electronic signature solution developed by Tinexta InfoCert... Read more »