Hacking Archives - Page 2 of 963

Pierluigi Paganini August 16, 2025

Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

APT group UAT-7237, linked to UAT-5918, targets web infrastructure in Taiwan using customized open-source tools to maintain long-term access. A Chinese-speaking advanced persistent threat (APT) group, tracked as UAT-7237, has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. […]

Pierluigi Paganini August 15, 2025

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

Hackers breached Canada ’s House of Commons, exploiting a recent Microsoft flaw, compromising data, according to CBC News. Threat actors reportedly breached Canada’s House of Commons by exploiting a recently disclosed Microsoft vulnerability. “The House of Commons and Canada’s cybersecurity agency are investigating a significant data breach caused by an unknown “threat actor” targeting employee […]

Pierluigi Paganini August 14, 2025

Norway confirms dam intrusion by Pro-Russian hackers

Norway’s security service PST says pro-Russian hackers took over a dam in April, opening outflow valves. Norway’s Police Security Service (PST) says pro-Russian hackers seized control of a dam’s systems in April, opening outflow valves. On April 7, the attackers took control of a dam in Bremanger, western Norway, opening a flood gate to release […]

Pierluigi Paganini August 14, 2025

U.S. CISA adds N-able N-Central flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds N-able N-Central flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added N-able N-Central flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: N-able N-central is an Remote Monitoring and Management (RMM) platform for MSPs to […]

Pierluigi Paganini August 14, 2025

Manpower data breach impacted 144,180 individuals

Global staffing and workforce solutions firm Manpower reports a January RansomHub ransomware attack that compromised data of 140,000 individuals. Manpower in Lansing, Michigan, reported that the ransomware attack that disrupted its systems on January 20, 2025, resulted in a breach that impacted 144,180 individuals. The company launched an investigation into the incident with the help […]

Pierluigi Paganini August 14, 2025

U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: According […]

Pierluigi Paganini August 13, 2025

Critical FortiSIEM flaw under active exploitation, Fortinet warns

Fortinet warns of a critical FortiSIEM vulnerability, tracked as CVE-2025-25256, that is actively exploited in attacks in the wild. Fortinet warns customers of a critical vulnerability, tracked as CVE-2025-25256 (CVSS score of 9.8), affecting FortiSIEM for which an exploit exists in the wild. Fortinet gave no details about the exploit, noting it leaves no clear Indicators […]

Pierluigi Paganini August 13, 2025

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

Hackers leaked 2.8M sensitive records from Allianz Life, exposing data on business partners and customers in ongoing Salesforce data theft attacks. Hackers leaked 2.8 million sensitive records of US insurance giant Allianz Life, exposing data on business partners and customers as part of ongoing Salesforce data theft attacks. At the end of July, Allianz Life […]

Pierluigi Paganini August 12, 2025

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Microsoft Patch Tuesday security updates for August 2025 fixed 107 flaws, including a publicly disclosed Windows Kerberos zero-day. Microsoft Patch Tuesday security updates for August 2025 fixed 107 vulnerabilities in Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, GitHub Copilot, Dynamics 365, SQL Server, and Hyper-V Server. 12 vulnerabilities are rated […]

Pierluigi Paganini August 12, 2025

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

Dutch NCSC warns CVE-2025-6543 Citrix bug, a memory overflow flaw, is being exploited to breach critical organizations in the Netherlands. The Dutch NCSC warns that the critical Citrix NetScaler flaw CVE-2025-6543 has been exploited to breach critical organizations in the Netherlands. Dutch NCSC experts pointed out that CVE-2025-6543 was exploited for remote code execution. Threat […]

Hacking

Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

Norway confirms dam intrusion by Pro-Russian hackers

U.S. CISA adds N-able N-Central flaws to its Known Exploited Vulnerabilities catalog

Manpower data breach impacted 144,180 individuals

U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog

Critical FortiSIEM flaw under active exploitation, Fortinet warns

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

A Scattered Spider member gets 10 years in prison

FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage

US CERT/CC warns of flaws in Workhorse Software accounting software used by hundreds of municipalities in Wisconsin

DOJ takes action against 22-year-old running RapperBot Botnet

Google fixed Chrome flaw found by Big Sleep AI

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!