Hacking

Pierluigi Paganini April 18, 2026
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend, were revealed by a researcher known as Chaotic Eclipse after criticizing Microsoft’s handling of the […]

Pierluigi Paganini April 17, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems

New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt operations by altering hydraulic pressure and increasing chlorine levels to unsafe levels. The malware combines […]

Pierluigi Paganini April 17, 2026
U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by […]

Pierluigi Paganini April 16, 2026
AI platform n8n abused for stealthy phishing and malware delivery

Attackers abuse AI automation platform n8n to run phishing campaigns, deliver malware, and evade security by using trusted infrastructure. Threat actors are exploiting the popular AI workflow automation platform n8n to launch advanced phishing campaigns, deliver malware, and collect device data through automated emails. By using trusted infrastructure, they can bypass traditional security controls and […]

Pierluigi Paganini April 16, 2026
From clinics to government: UAC-0247 expands cyber campaign across Ukraine

CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and emergency hospitals. The operation between March and April 2026, used malware designed to steal sensitive […]

Pierluigi Paganini April 15, 2026
CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access

An actively exploited critical nginx-ui flaw (CVE-2026-33032) lets attackers bypass authentication and take full control of Nginx servers. A critical vulnerability in nginx-ui, tracked as CVE-2026-33032 (CVSS score of 9.8), is being actively exploited, allowing attackers to bypass authentication and fully take over Nginx servers. The issue stems from improper protection of the /mcp_message endpoint, […]

Pierluigi Paganini April 15, 2026
U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first […]

Pierluigi Paganini April 15, 2026
PHP Composer flaws enable remote command execution via Perforce VCS

Two high-severity flaws in PHP Composer could let attackers run arbitrary commands via malicious repository configs and crafted inputs affecting Perforce VCS. Two high-severity vulnerabilities in PHP Composer could allow attackers to execute arbitrary commands. PHP Composer is a dependency manager for PHP that helps developers install and manage libraries their projects need. By defining […]

Pierluigi Paganini April 15, 2026
Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

Microsoft Patch Tuesday security updates for April 2026 fixed 165 vulnerabilities, including an actively exploited SharePoint zero-day. Microsoft Patch Tuesday security updates addressed 165 vulnerabilities, making it one of the largest updates by CVE count. One of the most interesting flaws fixed by the IT giant is a critical SharePoint zero-day, tracked as CVE-2026-32201, already […]

Pierluigi Paganini April 14, 2026
Personal data of 1 million gym members compromised in Basic-Fit security incident

A breach at Basic-Fit exposed data of 1M members, including names, birth dates and bank details after unauthorized access. Basic-Fit, Europe’s largest gym chain, has disclosed a data breach affecting around 1 million members. Hackers gained unauthorized access to the company systems and stole personal. The gym chain said it recently detected the intrusion and […]