LATEST NEWS

VIEW ALL
SentinelOne warns of threat actors targeting its systems and high-value clients
Pierluigi Paganini April 29, 2025

SentinelOne warns China-linked APT group PurpleHaze attempted reconnaissance on its systems and high-value clients. Cybersecurity firm SentinelOne warns that a China-linked APT group, tracked as P ...

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
Pierluigi Paganini April 29, 2025

Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group's latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilitie ...

VeriSource data breach impacted 4M individuals
Pierluigi Paganini April 29, 2025

VeriSource breach exposed data of 4M people in Feb 2024; stolen info includes personal details from an employee benefits services provider. VeriSource is alerting 4 million people after a February ...

U.S. CISA adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini April 29, 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog. ...

recent articles

Security
SentinelOne warns of threat actors targeting its systems and high-value clients

SentinelOne warns China-linked APT group PurpleHaze attempted reconnaissance on its systems and high-value clients. Cybersecurity firm SentinelOne warns that a China-linked APT group, tracked as P ...

Pierluigi Paganini April 29, 2025
Hacking
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group's latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilitie ...

Pierluigi Paganini April 29, 2025
Data Breach
VeriSource data breach impacted 4M individuals

VeriSource breach exposed data of 4M people in Feb 2024; stolen info includes personal details from an employee benefits services provider. VeriSource is alerting 4 million people after a February ...

Pierluigi Paganini April 29, 2025
Hacking
U.S. CISA adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog. ...

Pierluigi Paganini April 29, 2025
Hacking
The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning

BreachForums, a major data leak marketplace, shut down on April 15 after a MyBB 0-day exploit allowed law enforcement infiltration. On April 15, BreachForums, one of the top marketplaces for stole ...

Pierluigi Paganini April 28, 2025
APT
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast As ...

Pierluigi Paganini April 28, 2025
Hacking
A large-scale phishing campaign targets WordPress WooCommerce users

A large-scale phishing campaign targets WordPress WooCommerce users with a fake security alert urging them to download a 'critical patch' hiding a backdoor. Patchstack researchers uncovered a larg ...

Pierluigi Paganini April 28, 2025
Hacking
PoC rootkit Curing evades traditional Linux detection systems

Researchers created a PoC rootkit called Curing that uses Linux’s io_uring feature to evade traditional system call monitoring. Armo researchers have demonstrated a proof-of-concept (PoC) rootki ...

Pierluigi Paganini April 28, 2025
Hacking
Attackers chained Craft CMS zero-days attacks in the wild

Orange Cyberdefense's CSIRT reported that threat actors exploited two vulnerabilities in Craft CMS to breach servers and steal data. Orange Cyberdefense's CSIRT warns that threat actors chained tw ...

Pierluigi Paganini April 28, 2025
Hacking
Storm-1977 targets education sector with password spraying, Microsoft warns

Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers obser ...

Pierluigi Paganini April 27, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive ...

Pierluigi Paganini April 27, 2025
Breaking News
Security Affairs newsletter Round 521 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini April 27, 2025
Security
African multinational telco giant MTN Group disclosed a data breach

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers' personal information. MTN Group Limited is a South African multinational telecommunicat ...

Pierluigi Paganini April 26, 2025
Cyber Crime
CEO of cybersecurity firm charged with installing malware on hospital systems

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma's Computer Crimes Act. Jeffrey Bowie, CEO of the cybersecurity firm Veritaco, is ...

Pierluigi Paganini April 26, 2025
Malware
JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure

Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS). JPCERT/CC researchers reported that a new malware, dubbed Dslogd ...

Pierluigi Paganini April 25, 2025
Hacking
SAP NetWeaver zero-day allegedly exploited by an initial access broker

A zero-day in SAP NetWeaver is potentially being exploited, putting thousands of internet-facing applications at risk. Researchers warn that a zero-day vulnerability, tracked as CVE-2025-31324 ( ...

Pierluigi Paganini April 25, 2025
APT
Operation SyncHole: Lazarus APT targets supply chains in South Korea

The North Korea-linked Lazarus Group targeted at least six firms in South Korea in a cyber espionage campaign called Operation SyncHole. Kaspersky researchers reported that the North Korea-linked ...

Pierluigi Paganini April 25, 2025
Cyber Crime
Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita

The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data. DaVita Inc. provides kidney dialysis services t ...

Pierluigi Paganini April 25, 2025
Data Breach
Yale New Haven Health (YNHHS) data breach impacted 5.5 million patients

Yale New Haven Health (YNHHS) announced that threat actors stole the personal data of 5.5 million patients in a cyberattack. Yale New Haven Health (YNHHS) disclosed a data breach that exposed pers ...

Pierluigi Paganini April 24, 2025
Cyber Crime
Crooks exploit the death of Pope Francis

Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware, an old tactic during global events. After Pope Francis' death, cybercriminals launc ...

Pierluigi Paganini April 24, 2025