LATEST NEWS

VIEW ALL
Verizon Wireless tracks its clients with the UIDH technology
Pierluigi Paganini October 28, 2014

Verizon Wireless injects UIDH headers to every user's Web request to track its web experience including visited websites and his habits. Verizon Wireless, the greatest US Telecom operator is tra ...

The Fappening part 6 is out ... a boring saga
Pierluigi Paganini October 27, 2014

The part 6 of the Fappening archive is online, it includes image of Nicola Peltz, Krysten Ritter, Angie Miller, Aubrey Cleland and Tobie Perciva. The effects of the Fappening, aka the iCloud Hack, a ...

Backoff infections rise up to 57 percent increase in Q3
Pierluigi Paganini October 27, 2014

Security firm Damballa issued the 'State of Infections Report Q3 2014' that highlights a 57% increase in infections of the notorious Backoff POS malware. Security experts at Damballa security firm d ...

RRVS, Facebook and Yahoo work to prevent identity theft
Pierluigi Paganini October 27, 2014

Facebook and Yahoo have designed an SMTP extension dubbed RRVS, Require-Recipient-Valid-Since, to prevent illegal use of emails with a new  ownership. Last year Yahoo announced the decision to reset ...

recent articles

Hacking
The popular xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack

The xrpl.js Ripple cryptocurrency library was compromised in a supply chain attack aimed at stealing users' private keys. Threat actors compromised the Ripple cryptocurrency npm JavaScript library ...

Pierluigi Paganini April 23, 2025
Hacking
British retailer giant Marks & Spencer (M&S) is managing a cyber incident

Marks & Spencer (M&S) confirmed it's managing a cyber incident after multiple customer complaints surfaced on social media. Marks and Spencer Group plc (M&S) announced it has been mana ...

Pierluigi Paganini April 23, 2025
Cyber Crime
Chinese Cybercriminals Released Z-NFC Tool for Payment Fraud

Cybercriminals leverage NFC fraud against ATMs and POS terminals, stealing money from consumers at scale. Resecurity (USA) investigated multiple incidents identified in Q1 2025, exceeding several ...

Pierluigi Paganini April 23, 2025
Data Breach
Millions of SK Telecom customers are potentially at risk following USIM data compromise

SK Telecom warned that threat actors accessed customer Universal Subscriber Identity Module (USIM) info through a malware attack. SK Telecom is South Korea’s largest wireless telecom company, a ...

Pierluigi Paganini April 22, 2025
Hacking
Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms' sites

Japan ’s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Japan ’s Financial Services Agency (FSA) reported that the da ...

Pierluigi Paganini April 22, 2025
APT
Kimsuky APT exploited BlueKeep RDP flaw in attacks against South Korea and Japan

Researchers spotted a new North Korea-linked group Kimsuky 's campaign, exploiting a patched Microsoft Remote Desktop Services flaw to gain initial access. While investigating a security breach, t ...

Pierluigi Paganini April 21, 2025
Malware
New sophisticate malware SuperCard X targets Androids via NFC relay attacks

‘SuperCard X’ - a new MaaS - targets Androids via NFC relay attacks, enabling fraudulent POS and ATM transactions with stolen card data. Cleafy researchers discovered a new malware-as-a-servic ...

Pierluigi Paganini April 21, 2025
APT
Russia-linked APT29 targets European diplomatic entities with GRAPELOADER malware

Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. Check Point Research team reported that Russia-linked cyberespionage group APT ...

Pierluigi Paganini April 21, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 42

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware V ...

Pierluigi Paganini April 20, 2025
Breaking News
Security Affairs newsletter Round 520 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini April 20, 2025
Security
Attackers exploited SonicWall SMA appliances since January 2025

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively e ...

Pierluigi Paganini April 19, 2025
Security
ASUS routers with AiCloud vulnerable to auth bypass exploit

ASUS warns of an authentication bypass vulnerability in routers with AiCloud enabled that could allow unauthorized execution of functions on the device. ASUS warns of an authentication bypass vuln ...

Pierluigi Paganini April 18, 2025
Hacking
U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrast ...

Pierluigi Paganini April 18, 2025
Data Breach
Entertainment venue management firm Legends International disclosed a data breach

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues. Legends International is a global leader in sports and entertainment ve ...

Pierluigi Paganini April 18, 2025
Hacking
Node.js malvertising campaign targets crypto users

Microsoft warns of a malvertising campaign using Node.js to deliver info-stealing malware via fake crypto trading sites like Binance and TradingView. Microsoft has observed Node.js increasingly us ...

Pierluigi Paganini April 17, 2025
Security
Apple released emergency updates for actively exploited flaws

Apple released emergency updates to fix iOS, iPadOS & macOS vulnerabilities actively exploited in sophisticated attacks. Apple released out‑of‑band security updates to address two vulnerab ...

Pierluigi Paganini April 17, 2025
Hacking
U.S. CISA adds SonicWall SMA100 Appliance flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SMA100 Appliance flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini April 17, 2025
Security
CISA's 11-Month extension ensures continuity of MITRE's CVE Program

MITRE’s U.S.-funded CVE program, a core cybersecurity tool for tracking vulnerabilities, faces funding expiry Wednesday, risking disruption to global security. U.S. government funding for MITRE ...

Pierluigi Paganini April 16, 2025
Hacking
Cyber Threats Against Energy Sector Surge as Global Tensions Mount

Resecurity warns of rising cyberattacks on the energy sector, some linked to large-scale campaigns targeting national infrastructure for geopolitical aims. Resecurity warns about the increase in ...

Pierluigi Paganini April 16, 2025
Data Breach
Government contractor Conduent disclosed a data breach

The business services provider Conduent told the SEC a January cyberattack exposed personal data, including names and Social Security numbers. The business services provider Conduent revealed that ...

Pierluigi Paganini April 16, 2025