unSafe.sh - Not Safe
Discord denies massive breach, confirms limited exposure of 70K ID photos
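Discord denies a massive user data breach and acknowledges only that the government ID photos of about 70,000 users may have been exposed. The attackers claim to have obtained a large amount of data by compromising its third-party customer support platform and are attempting to extort a ransom. Discord says its core systems were not directly affected and that it has taken measures to respond to the incident....
2025-10-9 08:49:40 | Views: 14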
Security Affairs - securityaffairs.com
5m
zendesk
claiming
70k
attackers
Qilin ransomware claimed responsibility for the attack on the beer giant Asahi
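The Qilin ransomware group claimed responsibility for the cyberattack on Japanese beer giant Asahi Group, which disrupted its operations in Japan. The attack leaked 27GB of data, including employee and financial documents. Asahi confirmed that it suffered a ransomware attack and is investigating the scope of the data breach. Its Japanese subsidiaries have now partially resumed operations....
2025-10-8 21:5:18 | Views: 21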
Security Affairs - securityaffairs.com
asahi
ransomware
claimed
qilin
japan
DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape
DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscap...
2025-10-8 18:20:2 | Views: 15
Security Affairs - securityaffairs.com
ransomware
lockbit
qilin
alliance
dragonforce
DraftKings thwarts credential stuffing attack, but urges password reset and MFA
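DraftKings suffered a credential stuffing attack, and some user accounts were compromised. The company acted quickly to contain the incident and found no data breach. Affected users must reset their passwords and enable multi-factor authentication to strengthen account security....
2025-10-8 13:39:14 | Views: 12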
Security Affairs - securityaffairs.com
draftkings
stuffing
passwords
firm
Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution
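Redis disclosed a critical vulnerability, CVE-2025-49844, a 13-year-old use-after-free issue in Lua scripting that allows remote code execution. The attack requires authenticated access. It affects all Redis versions. It has been fixed, and restricting Lua script execution is recommended....
2025-10-8 09:10:12 | Views: 16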
Security Affairs - securityaffairs.com
lua
49844
malicious
cloud
wiz
U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog
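The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a stored XSS vulnerability (CVE-2025-27915) in Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities catalog. The flaw allows attackers to execute JavaScript code via malicious ICS files, hijack sessions, and steal data. Researchers found that this zero-day was used in attacks targeting the Brazilian military. CISA requires federal agencies to fix the vulnerability by October 28, 2025, to guard against the risk....
2025-10-7 21:39:49 | Views: 11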
Security Affairs - securityaffairs.com
zimbra
exploited
malicious
GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns
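Storm-1175 exploited the GoAnywhere MFT zero-day CVE-2025-10035, which allows remote code execution, in Medusa ransomware attacks. Fortra fixed the issue in September, but it was being actively exploited as early as September 10....
2025-10-7 19:23:12 | Views: 16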
Security Affairs - securityaffairs.com
fortra
goanywhere
medusa
mft
microsoft
CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025
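CrowdStrike linked the Oracle EBS vulnerability CVE-2025-61882 (CVSS 9.8) to the Cl0p group. The flaw allows unauthenticated remote code execution, and the first attack occurred on August 9, 2025. Cl0p exploited it in data theft attacks, and Oracle has released an emergency patch....
2025-10-7 08:42:43 | Views: 20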
Security Affairs - securityaffairs.com
ebs
crowdstrike
61882
cl0p
exploited
U.S. CISA adds Oracle, Mozilla, Microsoft Windows, Linux Kernel, and Microsoft IE flaws to its Known Exploited Vulnerabilities catalog
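The U.S. cybersecurity agency CISA added multiple vulnerabilities in Oracle, Mozilla, Microsoft Windows, the Linux kernel, and IE to its Known Exploited Vulnerabilities catalog and requires federal agencies to fix them by October 2025. Among them, the high-severity Oracle E-Business Suite vulnerability CVE-2025-61882 has been used by the Cl0p ransomware group in data theft attacks....
2025-10-7 06:59:45 | Views: 26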
Security Affairs - securityaffairs.com
microsoft
catalog
windows
exploited
Discord discloses third-party breach affecting customer support data
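Discord reported that its third-party customer support provider suffered a data breach affecting users who interacted with its support team. The exposed information includes contact details, IP addresses, billing information, and government ID images. Discord's own systems were not attacked; it has taken measures and notified affected users....
2025-10-6 20:31:56 | Views: 12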
Security Affairs - securityaffairs.com
agents
billing
appealed
contacted
Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers
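Oracle fixed the critical vulnerability CVE-2025-61882 (CVSS 9.8) in E-Business Suite, which was used by Cl0p hackers in data theft attacks. An unauthenticated attacker can remotely take control of Oracle components. Oracle released an emergency patch and provided indicators for detection. Cl0p extorts companies with stolen data, with ransoms as high as $50 million....
2025-10-6 13:39:50 | Views: 23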
Security Affairs - securityaffairs.com
cl0p
exploited
mandiant
ransomware
ebs
LinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping scheme
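LinkedIn sued ProAPIs and its CEO Rahmat Alam, alleging that they used millions of fake accounts to illegally scrape and sell user data, charging up to $15,000 per month. These actions violate the user agreement and the law....
2025-10-6 13:8:33 | Views: 16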
Security Affairs - securityaffairs.com
defendants
scraping
ing
scrape
violates
Zimbra users targeted in zero-day exploit using iCalendar attachments
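Zimbra Collaboration Suite has a zero-day vulnerability, CVE-2025-27915, which attackers exploit using malicious iCalendar files. The flaw is a stored XSS caused by improperly sanitized HTML code. Attackers use the <ontoggle> event to execute JavaScript, steal credentials and mail data, and redirect mail. Researchers found that the attackers used multiple techniques to hide their activity and uploaded data to a specific server. The vulnerability affects Zimbra versions 9.0 through 10.1....
2025-10-6 07:33:58 | Views: 22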
Security Affairs - securityaffairs.com
zimbra
malicious
27915
strikeready
Reading the ENISA Threat Landscape 2025 report
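The ENISA 2025 report notes that cyber threats in Europe include ransomware, AI phishing attacks, and state-sponsored espionage, and that these threats are intertwined, producing a persistent and complex attack environment. It recommends strengthening cooperation and defensive measures to meet the challenge....
2025-10-6 06:51:27 | Views: 19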
Security Affairs - securityaffairs.com
enisa
ransomware
espionage
phishing
hacktivist
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control
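Attackers use AWS X-Ray as a covert bidirectional C2 channel, achieving command and control through a legitimate cloud tracing service. The technique uses X-Ray annotations to store arbitrary key-value data and writes and queries the data through the API. The attack has three phases: implanting the beacon, command delivery, and result exfiltration. Communication goes to the AWS X-Ray service domain xray.[region].amazonaws.com and uses HMAC-SHA256 signing so that the traffic appears legitimate....
2025-10-5 13:6:27 | Views: 134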
Security Affairs - securityaffairs.com
c2
xray
ray
1e055763
a3f7b2c8
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65
2025-10-5 12:1:0 | Views: 21
Security Affairs - securityaffairs.com
Security Affairs newsletter Round 544 by Pierluigi Paganini – INTERNATIONAL EDITION
2025-10-5 11:35:2 | Views: 18
Security Affairs - securityaffairs.com
GreyNoise detects 500% surge in scans targeting Palo Alto Networks portals
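GreyNoise observed a 500% surge in scans targeting Palo Alto Networks login portals, mainly from the United States and some European countries. 93% of the IPs are suspicious and 7% are malicious. The scanning activity resembles the recent Cisco ASA incident and may be linked to shared infrastructure. GreyNoise is developing a dynamic IP blocklist to counter the threat....
2025-10-4 19:50:0 | Views: 19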
Security Affairs - securityaffairs.com
palo
alto
greynoise
portals
asa
U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog
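The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple vulnerabilities in Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash to its Known Exploited Vulnerabilities catalog. These include high-risk security issues such as command injection, authentication issues, and remote code execution....
2025-10-4 15:49:21 | Views: 18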
Security Affairs - securityaffairs.com
catalog
remote
jenkins
samsung
ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims
Trinity of Chaos, linked to cybercrime groups like Lapsus$ and ShinyHunters, exploited Salesforce vulnerabilities to attack 39 companies, including Google and Cisco. They launched a TOR-based data leak site, threatening to release over 1.5 billion records if ransoms aren't paid. The FBI issued warnings about the risks of stolen data misuse....
2025-10-3 22:33:21 | Views: 18
Security Affairs - securityaffairs.com
salesforce
trinity
dls
ransomware