Hacking

Pierluigi Paganini October 05, 2025
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control

Attackers can weaponize AWS X-Ray as a covert bidirectional C2 channel, abusing legitimate cloud tracing infrastructure for C2. Summary & Background: Before we get started, if you haven’t had a chance to read my MeetC2 blog post yet, do give it a read. I’ve been using MeetC2 in my RedTeam campaigns for months now, and with the […]

Pierluigi Paganini October 04, 2025
GreyNoise detects 500% surge in scans targeting Palo Alto Networks portals

GreyNoise saw a 500% spike in scans on Palo Alto Networks login portals on Oct. 3, 2025, the highest in three months. Cybersecurity firm GreyNoise reported a 500% surge in scans targeting Palo Alto Networks login portals on October 3, 2025, marking the highest activity in three months. On October 3, the researchers observed that […]

Pierluigi Paganini October 04, 2025
U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these […]

Pierluigi Paganini October 03, 2025
ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims

Trinity of Chaos, tied to Lapsus$, Scattered Spider & ShinyHunters, hit 39 firms via Salesforce flaws, launching a TOR data leak site. The Trinity of Chaos, a ransomware collective presumably associated with Lapsus$, Scattered Spider, and ShinyHunters groups, launched a Data Leak Site (DLS) on the TOR network containing 39 companies including but not limited […]

Pierluigi Paganini October 03, 2025
ProSpy, ToSpy malware pose as Signal and ToTok to steal data in UAE

Researchers uncovered two Android spyware campaigns, ProSpy and ToSpy, posing as Signal and ToTok in the UAE to steal data via fake sites. ESET cybersecurity researchers uncovered two spyware campaigns, dubbed ProSpy and ToSpy, that target Android users in the United Arab Emirates (U.A.E.) by impersonating apps like Signal and ToTok. The cybersecurity firm tracks the campaigns separately due […]

Pierluigi Paganini October 02, 2025
Cybercrime group claims to have breached Red Hat’s private GitHub repositories

The cybercrime group calling itself the Crimson Collective claimed to have compromised Red Hat’s private GitHub repositories. The Crimson Collective claimed it had stolen 570GB from Red Hat’s private GitHub repositories, including 28,000 projects and approximately 800 Customer Engagement Reports (CERs) with sensitive network data. CERs often contain sensitive info, including infrastructure details, […]

Pierluigi Paganini October 01, 2025
WestJet confirms cyberattack exposed IDs, passports in June incident

WestJet confirms June cyberattack that disrupted certain internal systems, exposed customer passports and IDs. WestJet airline confirmed the June security breach exposed customer passports and IDs. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canada’s second-largest airline, […]

Pierluigi Paganini September 30, 2025
U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions […]

Pierluigi Paganini September 30, 2025
Asahi halts ordering, shipping, and customer service after cyberattack

Japan’s top brewer Asahi suspends operations after a cyberattack, halting ordering, shipping, and customer service activities. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a strong presence […]

Pierluigi Paganini September 30, 2025
Scattered Spider, ShinyHunters Restructure – New Attacks Underway 

Resecurity warns the “Trinity of Chaos” (LAPSUS$, ShinyHunters, Scattered Spider) is driving a global cybercrime wave, with major breaches undisclosed. A new Resecurity report has uncovered a rapidly unfolding—and potentially much larger—global cybercrime campaign led by the notorious alliance of LAPSUS$, ShinyHunters, and Scattered Spider. Contrary to recent claims of “retirement,” the so-called “Trinity of […]