MUST READ

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

India mandates SIM-linked messaging apps to fight rising fraud

 | 

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Law enforcement shuts down Cryptomixer in major crypto crime takedown

 | 

Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks

 | 

Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud

 | 

U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Hacking

Pierluigi Paganini May 26, 2025
Fake software activation videos on TikTok spread Vidar, StealC

Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks. Cybercriminals leverage AI-generated TikTok videos in ClickFix attacks to spread Vidar and StealC malware, reports Trend Micro. These videos trick users into running PowerShell commands disguised as software activation steps for tools like […]

Pierluigi Paganini May 23, 2025
Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks

A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy Cobalt Strike and VShell. Cisco Talos researchers attribute the exploitation of the CVE-2025-0994 in Trimble Cityworks to Chinese-speaking threat actor UAT-6382, based on tools and TTPs used in the intrusions. The vulnerability CVE-2025-0994 (CVSS v4 score of 8.6) is a […]

Pierluigi Paganini May 22, 2025
U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Samsung MagicINFO 9 Server vulnerability, tracked as CVE-2025-4632 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is an improper limitation of a pathname […]

Pierluigi Paganini May 21, 2025
A cyberattack was responsible for the week-long outage affecting Cellcom wireless network

Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the cause of a service outage it faced during the past week. Cellcom, a regional wireless carrier in Wisconsin, confirmed a cyberattack that caused a week-long outage affecting voice and text services in Wisconsin and Upper Michigan. The company announced it […]

Pierluigi Paganini May 21, 2025
U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions […]

Pierluigi Paganini May 20, 2025
4G Calling (VoLTE) flaw allowed to locate any O2 customer with a phone call

A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due to improper IMS standard implementation. A flaw in 4G Calling (VoLTE) service of the UK telecom O2 exposed user location data through network responses due to flaws in the IMS standard implementation. 4G Calling, also known as VoLTE (Voice over […]

Pierluigi Paganini May 20, 2025
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a China-linked APT, tracked as UnsolicitedBooker, targeted an international organization in Saudi Arabia using a new backdoor called MarsSnake. The experts uncovered the attacks in March 2023 and again in 2024, noting that the group used […]

Pierluigi Paganini May 20, 2025
UK’s Legal Aid Agency discloses a data breach following April cyber attack

The UK’s Legal Aid Agency suffered a cyberattack in April and has now confirmed that sensitive data was stolen during the incident. The Legal Aid Agency (LAA) revealed that it had suffered a cyberattack on its systems on April 23.  The Legal Aid Agency (LAA), part of the UK Ministry of Justice, ensures access to […]

Pierluigi Paganini May 19, 2025
Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025

Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data or achieve code execution. Mozilla released security updates to fix two critical vulnerabilities in the Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. “This week at the security hacking competition pwn2own, security researchers […]

Pierluigi Paganini May 19, 2025
Pwn2Own Berlin 2025: total prize money reached $1,078,750

Pwn2Own Berlin 2025 wrapped up with $383,750 awarded on the final day, pushing the total prize money to $1,078,750 over three days. On the final day of Pwn2Own Berlin 2025, participants earned $383,750 for demonstrating zero-day in VMware Workstation, ESXi, Windows, NVIDIA, and Firefox. During the competition, the participants earned a total of $1,078,750, demonstrating […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

Hacking / December 06, 2025

Maximum-severity XXE vulnerability discovered in Apache Tika

Security / December 06, 2025

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

Uncategorized / December 05, 2025

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

Intelligence / December 05, 2025

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

Hacking / December 04, 2025