MUST READ

340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks

 | 

Zero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning

 | 

Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation

 | 

FBI director Kash Patel’s brand website taken offline after malware reports

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

 | 

Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Anthropic's Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious

 | 

U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog

 | 

CVE-2026-9082: Drupal's Highly Critical SQL Injection Flaw Is Already Under Active Attack

 | 

Why pure extortion is replacing traditional ransomware

 | 

Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets

 | 

Authorities arrest 23-year-old accused of running the Kimwolf botnet

 | 

One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure

 | 

U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog

 | 

Global law enforcement operation takes First VPN offline

 | 

Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown

 | 

Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

 | 

Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload

 | 

Discord adds end-to-end encryption to voice and video calls by default

 | 

PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch

 | 

Data Breach

Pierluigi Paganini March 21, 2026
WorldLeaks ransomware group breached the City of Los Angels

WorldLeaks group hit Los Angeles and its Metro system, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks. WorldLeaks group hit Los Angeles and its Metro, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks. This week, local media reported that an unauthorized activity hit Metro’s internal […]

Pierluigi Paganini March 20, 2026
Navia data breach impacts nearly 2.7 Million people

Navia Benefit Solutions data breach exposed 2.7M people after attackers accessed systems from December 2025 to January 2026. Navia Benefit Solutions disclosed a data breach affecting 2,697,540 individuals. The company detected suspicious activity on January 23, 2026 and quickly launched an investigation to assess the incident. Navia Benefit Solutions is a U.S.-based company that provides […]

Pierluigi Paganini March 18, 2026
Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic systems for minimally invasive surgery. Its most well-known products include the da Vinci Surgical System for general surgery and the Ion endoluminal system for precise procedures inside the […]

Pierluigi Paganini March 14, 2026
Starbucks data breach impacts 889 employees

Starbucks disclosed a breach after phishing attacks on its employee portal led to unauthorized access to Partner Central accounts, exposing staff data. Starbucks reported a data breach affecting hundreds of employees after phishing attacks targeted its Partner Central employee portal. The security breach was detected on February 6, the incident involved unauthorized access to staff […]

Pierluigi Paganini March 12, 2026
Bell Ambulance data breach impacted over 238,000 people

Bell Ambulance confirms a February 2025 breach affecting 238,000 people, exposing personal, financial, and health information. Nearly 238,000 individuals are impacted by a February 2025 Bell Ambulance data breach. Bell Ambulance is a U.S.-based emergency medical services provider offering ambulance transport, paramedic care, and patient support. It serves communities with urgent medical response, interfacility transfers, […]

Pierluigi Paganini March 10, 2026
Ericsson US confirms breach after third-party provider attack

Ericsson US reports a data breach after attackers hacked a service provider, exposing employee and customer information. Ericsson Inc., the U.S. branch of the Swedish telecom giant, disclosed a data breach after a service provider was hacked. The attack compromised the personal information of an unspecified number of employees and customers. “On April 28, 2025, […]

Pierluigi Paganini March 09, 2026
Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

A breach at Cognizant’s TriZetto Provider Solutions exposed sensitive health data belonging to more than 3.4 million patients. A data breach at Cognizant’s TriZetto Provider Solutions exposed sensitive information belonging to more than 3.4 million patients. At this time, no ransomware group has claimed responsibility for the attack yet. TriZetto Provider Solutions is a healthcare […]

Pierluigi Paganini March 04, 2026
Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals

A ransomware attack on the University of Hawaiʻi Cancer Center exposed personal data of 1.2 million people. A 2025 ransomware attack targeting the University of Hawaiʻi Cancer Center compromised the personal information of about 1.2 million individuals. The attack hit the University of Hawaiʻi Cancer Center on August 31, 2025, impacting servers that support research […]

Pierluigi Paganini March 03, 2026
Ariomex, Iran-based crypto exchange, suffers data leak

Resecurity says Iran’s Ariomex crypto exchange suffered a data leak exposing user and transaction data from 2022 to 2025. Resecurity (USA) reports that Ariomex’s database, one of Iran’s cryptocurrency exchange platforms, suffered a data leak. The report published by the cybersecurity company presents the findings of a structured analysis of the leaked database, which contains […]

Pierluigi Paganini March 03, 2026
Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked

Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks

Cyber Crime / May 25, 2026

Zero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning

Security / May 25, 2026

Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation

Intelligence / May 25, 2026

FBI director Kash Patel’s brand website taken offline after malware reports

Security / May 25, 2026

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

Malware / May 24, 2026