Security Affairs

-

"Thousands of ColdFusion exploit attempts spotted during Christmas holiday."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.   Accessed on 03 January 2026, 1529 UTC.

Content and Source:  Email subscription from https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check subscription link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

77K followers24 articles per week
#security#tech

Today

Thousands of ColdFusion exploit attempts spotted during Christmas holiday

IoC > 2 IPs
by Pierluigi Paganini / 3h
4 TTPs
GreyNoise observed thousands of attacks targeting about a dozen Adobe ColdFusion vulnerabilities during the Christmas 2025 holiday. GreyNoise reports a coordinated campaign exploiting about a dozen Adobe ColdFusion vulnerabilities, with thousands of attack attempts observed during the Christmas 2025 holiday. “GreyNoise observed a coordinated exploitation campaign targeting Adobe ColdFusion server

Yesterday

Two U.S. cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case

Cybersecurity pros plead guilty ransomware
by Pierluigi Paganini / 16h
Two U.S. cybersecurity professionals pleaded guilty to charges tied to their roles in BlackCat/Alphv ransomware attacks. The U.S. cybersecurity professionals Ryan Goldberg and Kevin Martin pleaded guilty to charges tied to their roles in BlackCat/Alphv ransomware attacks that occurred in 2023. Court records show Ryan Goldberg, Kevin Martin, and a co-conspirator deployed ALPHV BlackCat ransomware

Covenant Health data breach after ransomware attack impacted over 478,000 people

2 TTPs
by Pierluigi Paganini / 23h
Covenant Health data breach affects 478188
Covenant Health suffered a ransomware attack by the Qilin group in May 2025, compromising data of over 478,000 individuals. Covenant Health , Inc., based in Andover, Massachusetts, is a healthcare organization that provides medical services and patient care. Covenant Health operates hospitals, clinics, or related healthcare facilities in multiple states, including Massachusetts, Maine, New Hampsh

Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails

5 TTPs
by Pierluigi Paganini / 1d
Google Cloud exploited in phishing
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails posing as legitimate Google messages. Check Point researchers have revealed a phishing campaign that abuses Google Cloud Application Integration to send emails impersonating legitimate Google messages. The attack uses layered redirection with trusted cloud services, user validation checks, and br

IBM warns of critical API Connect bug enabling remote access

by Pierluigi Paganini / 1d
IBM disclosed a critical API Connect flaw (CVE-2025-13915, CVSS 9.8) that allows remote access via an authentication bypass. IBM addressed a critical API Connect vulnerability, tracked as CVE-2025-13915 (CVSS score of 9.8) that allows remote access via an authentication bypass. API Connect is IBM’s API management platform. It’s used by organizations to create, secure, manage, publish, and monitor

Jan 1, 2026

Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen

IoC > 1 IP and 3 domains
by Pierluigi Paganini / 1d
9 TTPs
Trust Wallet users report fund theft
Trust Wallet says a second Shai-Hulud supply-chain attack likely compromised its Chrome extension, leading to the theft of about $8.5M in crypto. Trust Wallet linked a second Shai-Hulud supply-chain attack to its Chrome extension hack, which resulted in the theft of about $8.5 million in crypto assets. The investigation reveals that the attacker independently developed and published a malicious T

React2Shell under attack: RondoDox Botnet spreads miners and malware

7 TTPs
by Pierluigi Paganini / 2d
RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is exploiting the critical React2Shell flaw ( CVE-2025-55182 ) to drop malware and cryptominers on vulnerable Next.js servers. “CloudSEK’s report details a persistent nine-month RondoDoX botnet campaign targe

Dec 31, 2025

ESA disclosed a data breach, hackers breached external servers

ESA data breach exposes sensitive information
by Pierluigi Paganini / 2d
ESA confirmed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised. The European Space Agency (ESA) disclosed a data breach after a threat actor offered to sell data allegedly stolen from the organization. A hacker who goes online with the moniker “888” announced on BreachForums the hack of ESA systems on December 18. SecurityWeek rep

Singapore CSA warns of maximun severity SmarterMail RCE flaw

2 TTPs
by Pierluigi Paganini / 3d
CVE-2025-52691
Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload. Singapore’s Cyber Security Agency of Singapore (CSA) warns of a maximum severity flaw, tracked as CVE-2025-52691 (CVSS score of 10.0), in SmarterMail. The vulnerability enables unauthenticated remote code execution via arbitrary file upload. “Successful ex

Dec 30, 2025

MongoBleed (CVE-2025-14847): the US, China, and the EU are among the top exploited GEOs

Lateral Movement (Enterprise TA0008)
by Pierluigi Paganini / 3d
MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication. A critical vulnerability, CVE-2025-14847 ( MongoBleed ), was disclosed right after Christmas, an unwelcome “gift” for the cybersecurity community, impacting MongoDB Server deployments that use zlib network compression. MongoDB is a popular open-source NoSQ

End of feed

Comments

Post a Comment

Welcome to my geopolitics blog site. This is a Hawaii Island news site focusing on geopolitical news, analysis, information, and commentary. I will cite a variety of sources, ranging from all sides of the political spectrum.

Popular posts from this blog

WPR Daily Review.

-
Image
"The Gaza ceasefire may not last." Views expressed in this geopolitical news and analysis are those of the reporters and correspondents.  Accessed on 24 January 2025, 2005 UTC. Content and Source:  https://www.worldpoliticsreview.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://trendsingeopolitics.blogspot.com). View this email in your browser. Today’s newsletter is presented by: January 24, 2025 Hello, everyone. Today at WPR, we’re covering  the ceasefire in Gaza  and the factors that drove  electoral violence in 2024 . But first, here’s our take on today’s top stories: The International Criminal Court in The Hague, Netherlands, March 31, 2021 (AP photo by Peter Dejong). The chief prosecutor for the  International Criminal Court , Karim Khan, said yesterday he was seeking arrest warrants for the head of the Taliban, Sheikh Haibatullah Akhundzada, and  Afghanistan ’s chief justice fo...
Read more

WPR Daily Review.

-
Image
"Welcome to the era of great power stupidity." Views expressed in this geopolitical news and analysis are those of the reporters and correspondents.  Accessed on 07 March 2025, 2255 UTC. Content and Source:  https://www.worldpoliticsreview.com. Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://trendsingeopolitics.blogspot.com).   View this email in your browser. March 7, 2025 Hello, everyone. Today at WPR, we’re covering  recent unforced errors  by the U.S., Russia and China, as well as the implications of recent  large-scale infrastructure projects  for Africa. But first, here’s our take on today’s top story: A worker sets up a Syrian revolutionary flag at the entrance of the Umayyad Mosque ahead of Friday prayers in Damascus, Dec. 20, 2024 (AP photo by Leo Correa). Syria:  Clashes broke out yesterday in several coastal cities after fighters loyal to ousted dictator Bashar al-Assad ...
Read more

WPR Daily Review.

-
Image
"A weakened Iran doesn't mean a more peaceful Middle East." Views expressed in this geopolitical news and analysis are those of the reporters and correspondents.  Accessed on 06 January 2025, 2055 UTC. Content and Source:  https://www.worldpoliticsreview.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://trendsingeopolitics.blogspot.com). View this email in your browser. January 6, 2025 Hello, everyone. Today at WPR, we’re covering  Iran’s weakened power  in the Middle East and  geopolitical competition in Antarctica . But first, here’s our take on today’s top story: Protesters scatter as Kenya police spray a water canon at them during a protest over proposed tax hikes in a finance bill in downtown Nairobi, Kenya, June 25, 2024 (AP photo by Brian Inganga). Kenya:  On multiple occasions, police mischaracterized the killings by security officers of protesters during mass anti-government demon...
Read more