Internet Security

U.S. CISA adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog

April 29, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity... Read more »

The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning

April 28, 2025 add comment
BreachForums, a major data leak marketplace, shut down on April 15 after a MyBB 0-day exploit allowed law enforcement infiltration. On April 15, BreachForums, one of the top marketplaces... Read more »

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

April 28, 2025 add comment
Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast Asia’s government and... Read more »

A large-scale phishing campaign targets WordPress WooCommerce users

April 28, 2025 add comment
A large-scale phishing campaign targets WordPress WooCommerce users with a fake security alert urging them to download a ‘critical patch’ hiding a backdoor. Patchstack researchers uncovered a large-scale phishing... Read more »

PoC rootkit Curing evades traditional Linux detection systems

April 28, 2025 add comment
Researchers created a PoC rootkit called Curing that uses Linux’s io_uring feature to evade traditional system call monitoring. Armo researchers have demonstrated a proof-of-concept (PoC) rootkit named Curing that relies on... Read more »

Attackers chained Craft CMS zero-days attacks in the wild

April 28, 2025 add comment
Orange Cyberdefense’s CSIRT reported that threat actors exploited two vulnerabilities in Craft CMS to breach servers and steal data. Orange Cyberdefense’s CSIRT warns that threat actors chained two Craft... Read more »

Storm-1977 targets education sector with password spraying, Microsoft warns

April 27, 2025 add comment
Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers observed a threat actor,... Read more »

Security Affairs newsletter Round 521 by Pierluigi Paganini – INTERNATIONAL EDITION

April 27, 2025 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43

April 27, 2025 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure XRP... Read more »

African multinational telco giant MTN Group disclosed a data breach

April 26, 2025 add comment
African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg. Founded... Read more »
Subscribe to our Newsletter