Pierluigi Paganini
March 18, 2026
CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as CVE-2026-32746 (CVSS score of 9.8), in GNU InetUtils telnetd that lets unauthenticated remote attackers execute code with elevated privileges. The issue stems from an out-of-bounds write in […]
Pierluigi Paganini
March 18, 2026
Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found a high-severity flaw, tracked as CVE-2026-3888 (CVSS score of 7.8), in Ubuntu Desktop 24.04+, which allows attackers to exploit a systemd cleanup timing issue to escalate privileges to root and potentially take full control […]
Pierluigi Paganini
March 18, 2026
Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic systems for minimally invasive surgery. Its most well-known products include the da Vinci Surgical System for general surgery and the Ion endoluminal system for precise procedures inside the […]
Pierluigi Paganini
March 17, 2026
EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has imposed sanctions on three companies and two individuals linked to cyberattacks against EU countries and partners. “The Council adopted today restrictive measures against three entities and two individuals responsible for cyber-attacks carried […]
Pierluigi Paganini
March 17, 2026
ClickFix campaigns are evolving, with attackers increasingly targeting macOS users and deploying more advanced infostealers, according to Sophos researchers. ClickFix is a growing social engineering technique that tricks users into manually executing malicious commands, bypassing traditional protections. Once mainly targeting Windows, it is now increasingly affecting macOS, with recent campaigns deploying infostealers like AMOS and […]
Pierluigi Paganini
March 17, 2026
The recent cyberattack on Stryker wiped tens of thousands of employee devices through its Microsoft environment, and systems are still offline. A recent cyberattack on medical technology giant Stryker targeted its internal Microsoft environment and remotely wiped tens of thousands of employee devices without using malware. The company confirmed that its medical devices were not […]
Pierluigi Paganini
March 16, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Wing FTP Server flaw, tracked as CVE-2025-47813 (CVSS score of 4.3), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-47813 is an information disclosure vulnerability affecting Wing FTP […]
Pierluigi Paganini
March 16, 2026
Former BND VP Arndt Freytag von Loringhoven was targeted in a Signal cyberattack, part of a wave hitting officials and politicians in Germany. A cyberattack targeting Signal and WhatsApp users has hit high-ranking German officials, including former BND Vice President Arndt Freytag von Loringhoven. The official reported being contacted by someone posing as Signal support […]
Pierluigi Paganini
March 16, 2026
Researchers found nine “CrackArmor” flaws in Linux AppArmor that could let unprivileged users bypass protections, gain root privileges, and weaken container isolation. Qualys researchers disclosed nine vulnerabilities, collectively tracked as CrackArmor, in the Linux kernel’s AppArmor module. The flaws have existed since 2017 and could allow unprivileged users to bypass protections, escalate privileges to root, […]
Pierluigi Paganini
March 14, 2026
Starbucks disclosed a breach after phishing attacks on its employee portal led to unauthorized access to Partner Central accounts, exposing staff data. Starbucks reported a data breach affecting hundreds of employees after phishing attacks targeted its Partner Central employee portal. The security breach was detected on February 6, the incident involved unauthorized access to staff […]
