Pierluigi Paganini
June 27, 2016
Lenovo fixed two flaws (CVE-2016-5249, CVE-2016-5248) in the Lenovo Solution Center, once again the company faces problems with pre-installed bloatware. Lenovo has fixed two high severity vulnerabili ...
Pierluigi Paganini
June 27, 2016
Today I propose you an interview with Cesar Cerrudo, CTO at IOActive Labs, famous for his research on ICS/SCADA, Smart Cities, IoT, software security. Cesar Cerrudo is CTO at IOActive Labs, leading t ...
Pierluigi Paganini
June 26, 2016
The cyber security expert Benjamin Tedesco during his vacation in Vienna, Austria, has spotted an ATM skimmer quite impossible to detect to common people. Have you ever seen a skimmer while using an ...
Pierluigi Paganini
June 26, 2016
Experts are continuing to monitor the PunKeyPos malware in the wild, the threat might have already stolen millions of payment card numbers. Experts are continuing to monitor the PunKeyPos malware in ...
October 16, 2025
October 15, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe Experience Manager Forms flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secu ...
Pierluigi Paganini
October 16, 2025
China-linked APT Jewelbug targeted a Russian IT provider for five months in 2025, showing Russia remains exposed to Chinese cyber espionage. China-linked threat actor Jewelbug (aka CL-STA-0049, Ea ...
Pierluigi Paganini
October 16, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds OracSKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities catalog. ...
Pierluigi Paganini
October 16, 2025
Spanish fashion retailer MANGO disclosed a data breach after a marketing vendor compromise exposed customer personal information. Mango is a global fashion brand founded in Barcelona in 1984, it h ...
Pierluigi Paganini
October 16, 2025
Resecurity’s new report details how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations. The following new report by Resecurity will explore th ...
Pierluigi Paganini
October 15, 2025
F5 disclosed that a sophisticated nation-state actor breached its systems, stealing BIG-IP source code and data on undisclosed product vulnerabilities. Cybersecurity firm F5 disclosed that a highl ...
Pierluigi Paganini
October 15, 2025
About 200K Linux systems from Framework shipped with signed UEFI components vulnerable to Secure Boot bypass, allowing bootkit installation and persistence. Firmware security company Eclypsium war ...
Pierluigi Paganini
October 15, 2025
SAP addressed 13 new flaws, including a maximum severity vulnerability in SAP NetWeaver, which could lead to arbitrary command execution. SAP addressed 13 new vulnerabilities, including a maximu ...
Pierluigi Paganini
October 15, 2025
Researchers found nearly half of geostationary satellites leak unencrypted data, exposing consumer, corporate, and military communications. A group of researchers from UC San Diego and the Univers ...
Pierluigi Paganini
October 15, 2025
China-linked cyberespionage group Flax Typhoon hijacked an ArcGIS system for over a year and used it as a backdoor. China-linked APT group Flax Typhoon (aka Ethereal Panda or RedJuliett) compromis ...
Pierluigi Paganini
October 15, 2025
A botnet of 100K+ IPs from multiple countries is attacking U.S. RDP services in a campaign active since October 8. GreyNoise researchers uncovered a large-scale botnet that is targeting Remote Des ...
Pierluigi Paganini
October 14, 2025
Harvard University confirmed being targeted in the Oracle EBS campaign after the Cl0p ransomware group leaked 1.3 TB of data. Harvard University confirmed it was targeted in the Oracle E-Business ...
Pierluigi Paganini
October 14, 2025
The UK’s NCSC handled 429 cyberattacks from Sept 2024–Aug 2025, including 204 nationally significant cases, over double the previous year’s total. The UK’s National Cyber Security Centre ( ...
Pierluigi Paganini
October 14, 2025
SpyChain shows how unverified COTS hardware in small satellites can enable persistent, multi-component supply chain attacks using NASA’s NOS3 simulator. The rise of small satellites has transfor ...
Pierluigi Paganini
October 14, 2025
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884. Oracle released an emergency patch to address an information disclosure ...
Pierluigi Paganini
October 14, 2025
Malicious code on Unity Technologies’s SpeedTree site skimmed sensitive data from hundreds of customers, the company confirmed. Video game software development firm Unity Technologies revealed t ...
Pierluigi Paganini
October 13, 2025
Medusa ransomware hit SimonMed Imaging, stealing 200 GB of data and impacting over 1.2 million people in a major healthcare data breach. SimonMed Imaging suffered a ransomware attack by the Medusa ...
Pierluigi Paganini
October 13, 2025
Microsoft updated Edge’s Internet Explorer mode after August 2025 reports that attackers exploited it to access users’ devices without authorization. Microsoft updated Edge’s Internet Explor ...
Pierluigi Paganini
October 13, 2025
The Astaroth banking Trojan uses GitHub to host malware configs, evade C2 takedowns and stay active by pulling new settings from the platform. McAfee discovered a new Astaroth campaign using GitHu ...
Pierluigi Paganini
October 13, 2025
Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite ...
Pierluigi Paganini
October 13, 2025
