MUST READ

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

India mandates SIM-linked messaging apps to fight rising fraud

 | 

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Law enforcement shuts down Cryptomixer in major crypto crime takedown

 | 

Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks

 | 

Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud

 | 

U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Hacking

Pierluigi Paganini March 06, 2025
The U.S. DoJ charges 12 Chinese nationals for state-linked cyber operations

The U.S. Department of Justice (DoJ) charges 12 Chinese nationals for their alleged involvement in state-linked cyber operations. The U.S. DoJ charged 12 Chinese nationals, including PRC security officers, employees of the hacking firm i-Soon, and members of the APT27 group (aka Emissary Panda, TG-3390, Bronze Union, and Lucky Mouse), for data theft and suppressing dissent worldwide. “The Justice […]

Pierluigi Paganini March 06, 2025
Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

China-linked Lotus Blossom APT targets governments and industries in Asian countries with new Sagerunex backdoor variants. Talos researchers linked China-backed Lotus Blossom APT (also known as Elise and Esile) to multiple campaigns targeting organizations in sectors such as government, manufacturing, telecommunications and media with the Sagerunex backdoor. The victims of the attacks are in the […]

Pierluigi Paganini March 05, 2025
China-linked APT Silk Typhoon targets IT Supply Chain

Microsoft warns that China-backed APT Silk Typhoon linked to US Treasury hack, is now targeting global IT supply chains, using IT firms to spy and move laterally. Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target IT solutions like remote management tools and cloud apps for initial access. Silk Typhoon is […]

Pierluigi Paganini March 05, 2025
Polish Space Agency POLSA disconnected its network following a cyberattack

The Polish space agency POLSA announced it has disconnected its network from the internet following a cyberattack. The Polish space agency POLSA was forced to disconnect its network from the internet in response to a cyberattack. The agency revealed that it has disconnected its infrastructure to contain the attack and secure data, a circumstance that […]

Pierluigi Paganini March 05, 2025
U.S. CISA adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The first issue, tracked as CVE-2024-50302, was addressed by Google with the release of the Android […]

Pierluigi Paganini March 04, 2025
VMware fixed three actively exploited zero-days in ESX products

Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security updates to address three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. The flaws, respectively tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, impact multiple VMware ESX products, including VMware ESXi, vSphere, […]

Pierluigi Paganini March 04, 2025
Google fixed two actively exploited Android flaws

Android March 2025 security update addresses over 40 vulnerabilities, including two flaws actively exploited in attacks in the wild. Android March 2025 security update addressed over 40 vulnerabilities, including two flaws, respectively tracked as CVE-2024-43093 and CVE-2024-50302, which are actively exploited in attacks in the wild. “There are indications that the following may be under […]

Pierluigi Paganini March 04, 2025
CISA maintains stance on Russian cyber threats despite policy shift

US CISA confirms no change in defense against Russian cyber threats despite the Trump administration’s pause on offensive operations. US CISA stated there is no change in defending against Russian cyber threats, despite the Trump administration’s temporary pause on offensive cyber operations. US Defense Secretary Pete Hegseth has recently ordered US Cyber Command to pause […]

Pierluigi Paganini March 03, 2025
U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions for […]

Pierluigi Paganini March 03, 2025
U.S. Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist

U.S. authorities have recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance. U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, which is a decentralized finance (DeFi) protocol built on Binance’s BNB Chain. The protocol operated as an automated market maker (AMM), similar to Uniswap, allowing […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

Hacking / December 06, 2025

Maximum-severity XXE vulnerability discovered in Apache Tika

Security / December 06, 2025

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

Uncategorized / December 05, 2025

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

Intelligence / December 05, 2025

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

Hacking / December 04, 2025