LATEST NEWS

VIEW ALL
Flashback botnet is still active, Mac users are warned
Pierluigi Paganini January 12, 2014

Intego Malware Research Team discovered that OSX Flashback trojan is still active with sinkholing activity. Mac users must be aware. Flashback Trojan is a cyber threat known since 2011, it is a troja ...

Target announces customer data leak was bigger, 70 million victims
Pierluigi Paganini January 11, 2014

The giant US retailer Target announces that the extent of the credit-card leak was even bigger, further 70 million customers are victims of the data breach. We all remember the holiday attack again ...

Perception of cyberwarfare in US Defence and society
Pierluigi Paganini January 11, 2014

Which is the perception of cyberwarfare in the US Government and within the American population? How much cost Information warfare to the US citizens? In this post I desire to put together a series o ...

Large communities of Eastern Europe cybercriminals Verified was hacked
Pierluigi Paganini January 10, 2014

  One of the largest communities of Eastern Europe cybercriminals “Verified” was hacked, more than 18,894 bad actors revealed after several hours. According to sources at IntelCrawler, cybe ...

recent articles

Deep Web
Operation RapTor led to the arrest of 270 dark web vendors and buyers

Law enforcement operation codenamed 'Operation RapTor' led to the arrest of 270 dark web vendors and buyers across 10 countries. Police arrested 270 suspects following an international law enforce ...

Pierluigi Paganini May 23, 2025
Hacking
Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks

A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy Cobalt Strike and VShell. Cisco Talos researchers attribute the exploitation of the CVE-2025-0994 ...

Pierluigi Paganini May 23, 2025
Hacking
U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrast ...

Pierluigi Paganini May 22, 2025
Digital ID
New Signal update stops Windows from capturing user chats

Signal implements new screen security on Windows 11, blocking screenshots by default to protect user privacy from Microsoft’s Recall feature. A Signal update for the Windows app prevents the sys ...

Pierluigi Paganini May 22, 2025
Cyber Crime
Law enforcement dismantled the infrastructure behind Lumma Stealer MaaS

Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included global manufacturers. A US court order, with Europol and Japan’s JC3 dismantled the Lumm ...

Pierluigi Paganini May 22, 2025
APT
Russia-linked APT28 targets western logistics entities and technology firms

CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies i ...

Pierluigi Paganini May 22, 2025
Security
A cyberattack was responsible for the week-long outage affecting Cellcom wireless network

Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the cause of a service outage it faced during the past week. Cellcom, a regional wireless carrier in W ...

Pierluigi Paganini May 21, 2025
Data Breach
Coinbase data breach impacted 69,461 individuals

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals. Coinbase disclosed that a data breach impacted 69,461 individuals after oversea ...

Pierluigi Paganini May 21, 2025
Security
U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vul ...

Pierluigi Paganini May 21, 2025
Uncategorized
A critical flaw in OpenPGP.js lets attackers spoof message signatures

A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have been released to address the flaw. A critical vulnerability, tracked as CVE-2025-479 ...

Pierluigi Paganini May 21, 2025
Data Breach
SK Telecom revealed that malware breach began in 2022

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major player i ...

Pierluigi Paganini May 21, 2025
Hacking
4G Calling (VoLTE) flaw allowed to locate any O2 customer with a phone call

A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due to improper IMS standard implementation. A flaw in 4G Calling (VoLTE) service of the UK telecom O2 exposed user ...

Pierluigi Paganini May 20, 2025
Malware
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a China-linked APT, tracked as UnsolicitedBoo ...

Pierluigi Paganini May 20, 2025
Data Breach
UK’s Legal Aid Agency discloses a data breach following April cyber attack

The UK’s Legal Aid Agency suffered a cyberattack in April and has now confirmed that sensitive data was stolen during the incident. The Legal Aid Agency (LAA) revealed that it had suffered a cyb ...

Pierluigi Paganini May 20, 2025
Malware
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

Cybersecurity Observatory of the Unipegaso's malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by th ...

Pierluigi Paganini May 20, 2025
Security
Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025

Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data or achieve code execution. Mozilla released security updates to fix two critical ...

Pierluigi Paganini May 19, 2025
Laws and regulations
Japan passed a law allowing preemptive offensive cyber actions

Japan passed a law allowing preemptive offensive cyber actions, shifting from its pacifist stance to bolster defenses like major Western powers. Japan has enacted the Active Cyberdefense Law, allo ...

Pierluigi Paganini May 19, 2025
Laws and regulations
James Comey is under investigation by Secret Service for a seashell photo showing “8647”

James Comey is under investigation for a seashell photo showing “8647,” seen by some as a coded threat against Trump. Former FBI chief James Comey is under investigation by the Secret Service ...

Pierluigi Paganini May 19, 2025
Hacking
Pwn2Own Berlin 2025: total prize money reached $1,078,750

Pwn2Own Berlin 2025 wrapped up with $383,750 awarded on the final day, pushing the total prize money to $1,078,750 over three days. On the final day of Pwn2Own Berlin 2025, participants earned $38 ...

Pierluigi Paganini May 19, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A .NET-Based Info-Stealer  Interlock r ...

Pierluigi Paganini May 18, 2025