LATEST NEWS

VIEW ALL
Samsung Galaxy S5 vulnerability allows hackers to steal fingerprints
Pierluigi Paganini April 26, 2015

Security researchers at FireEye have discovered a vulnerability in the Samsung Galaxy S5 that allows hackers to clone fingerprints. Samsung Galaxy S5 and other ‘unnamed Android devices’ could le ...

Security Affairs newsletter Round 6 - Best of the week from best sources
Pierluigi Paganini April 26, 2015

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. Google To Speed Up The Internet With It ...

Hacking telesurgery robots, a concrete risk
Pierluigi Paganini April 26, 2015

Security experts have conducted an experimental to analyze cyber security threats against teleoperated surgical robots in telesurgery. Technology will help humans to overwhelm any obstacle, one of th ...

Dark Web Email Service SIGAINT hacked by the Intelligence
Pierluigi Paganini April 26, 2015

The Dark Web email service SIGAINT suffered a major attack that involved 70  exit nodes, a circumstance that suggests Government operation. Law enforcement and Intelligence agencies are always i ...

recent articles

Cyber Crime
German police seized eXch crypto exchange

Germany's BKA shut down eXch crypto exchange, seizing its infrastructure over money laundering and illegal trading platform charges. On April 30, 2025, Germany’s Federal Criminal Police (BKA) sh ...

Pierluigi Paganini May 12, 2025
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape iClicker site hack targeted students with malware via fake CAP ...

Pierluigi Paganini May 11, 2025
Breaking News
Security Affairs newsletter Round 523 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini May 11, 2025
Data Breach
Ascension reveals personal data of 437,329 patients exposed in cyberattack

A data breach at Ascension, caused by a former partner's compromise, exposed the health information of over 430,000 patients. Ascension is one of the largest private healthcare systems in the  ...

Pierluigi Paganini May 10, 2025
Malware
Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Law enforcement dismantled a 20-year botnet behind Anyproxy and 5socks cybercriminals services and arrested four suspects. Authorities dismantled a 20-year-old botnet tied to Anyproxy and 5socks ...

Pierluigi Paganini May 10, 2025
Hacking
A cyber attack briefly disrupted South African Airways operations

A cyberattack briefly disrupted South African Airways' website, app, and systems, but core flight operations remained unaffected. South African Airways (SAA) is the national flag carrier of South ...

Pierluigi Paganini May 09, 2025
Cyber Crime
Cybercriminal services target end-of-life routers, FBI warns

The FBI warns that attackers are using end-of-life routers to deploy malware and turn them into proxies sold on 5Socks and Anyproxy networks. The FBI released a FLASH alert warning about 5Socks an ...

Pierluigi Paganini May 09, 2025
APT
Russia-linked ColdRiver used LostKeys malware in recent attacks

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations. Google's Threat Intelligence Group discovered LOST ...

Pierluigi Paganini May 09, 2025
Hacking
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

SonicWall addressed three SMA 100 flaws, including a potential zero-day, that could allow remote code execution if chained. SonicWall patches three SMA 100 vulnerabilities (CVE-2025-32819, CVE-202 ...

Pierluigi Paganini May 09, 2025
Cyber Crime
The LockBit ransomware site was breached, database dump was leaked online

Lockbit ransomware group has been compromised, attackers stole and leaked data contained in the backend infrastructure of their dark web site. Hackers compromised the dark web leak site of the Loc ...

Pierluigi Paganini May 08, 2025
Security
Cisco fixed a critical flaw in its IOS XE Wireless Controller

Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files. Cisco released software updates to address a vulnerability ...

Pierluigi Paganini May 08, 2025
Security
U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GoVision device flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...

Pierluigi Paganini May 08, 2025
Cyber Crime
Polish authorities arrested 4 people behind DDoS-for-hire platforms

Polish police arrested 4 people behind DDoS-for-hire platforms used in global attacks, offering takedowns for as little as €10 via six stresser services. Polish authorities arrested 4 people lin ...

Pierluigi Paganini May 08, 2025
Cyber Crime
Play ransomware affiliate leveraged zero-day to deploy malware

The Play ransomware gang exploited a high-severity Windows Common Log File System flaw in zero-day attacks to deploy malware. The Play ransomware gang has exploited a Windows Common Log File Sys ...

Pierluigi Paganini May 07, 2025
Security
Canary Exploit tool allows to find servers affected by Apache Parquet flaw

F5 Labs researchers released a PoC tool to find servers vulnerable to the Apache Parquet vulnerability CVE-2025-30065. A working proof-of-concept exploit for the critical Apache Parquet vulnerabil ...

Pierluigi Paganini May 07, 2025
Security
Unsophisticated cyber actors are targeting the U.S. Energy sector

CISA, FBI, EPA, and DoE warn of cyberattacks on the U.S. Energy sector carried out by unsophisticated cyber actors targeting ICS/SCADA systems. The US cybersecurity agency CISA, the FBI, EPA, and ...

Pierluigi Paganini May 07, 2025
Laws and regulations
NSO Group must pay WhatsApp over $167M in damages for attacks on its users

NSO Group must pay WhatsApp over $167M in damages for a 2019 hack targeting 1,400+ users, per U.S. jury ruling after a five-year legal battle. A U.S. jury ordered NSO Group to pay WhatsApp over $1 ...

Pierluigi Paganini May 07, 2025
Hacking
U.S. CISA adds FreeType flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FreeType flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)&nb ...

Pierluigi Paganini May 07, 2025
Hacking
Samsung MagicINFO flaw exploited days after PoC exploit publication

Threat actors started exploiting a vulnerability in Samsung MagicINFO only days after a PoC exploit was published. Arctic Wolf researchers observed threat actors beginning to exploit a high-severi ...

Pierluigi Paganini May 06, 2025
Hacking
Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324

Threat actors launch second wave of attacks on SAP NetWeaver, exploiting webshells from a recent zero-day vulnerability. In April, ReliaQuest researchers warned that a zero-day vulnerability, trac ...

Pierluigi Paganini May 06, 2025