MUST READ

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

India mandates SIM-linked messaging apps to fight rising fraud

 | 

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Law enforcement shuts down Cryptomixer in major crypto crime takedown

 | 

Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks

 | 

Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud

 | 

U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Hacking

Pierluigi Paganini February 12, 2017
Apple’s iCloud saved the deleted Safari browsing history over the years

According to the Russian forensic firm Elcomsoft the Apple iCloud saved deleted Safari browsing history over the years open the door to surveillance. According to digital forensics firm Elcomsof, Apple iCloud maintained deleted internet Safari browsing history over the years. The experts at Elcomsof discovered the issue while trying to extract records from iCloud accounts, they were able to retrieve supposedly deleted Safari browser […]

Pierluigi Paganini February 11, 2017
Sports Direct hacked but it still hasn’t disclosed the breach to its staff

Sports Direct, the UK’s largest sports retail business, was hacked last year, and still hasn’t disclosed the incident to its staff. The Register confirmed that the Sports Direct, the UK’s largest sports retail business, was hacked last year, and still hasn’t disclosed the incident to its staff. In the autumn a hacker broke into the internal systems […]

Pierluigi Paganini February 11, 2017
Privacy groups claim FBI hacking operation in the PlayPen case was unconstitutional

According to Privacy groups, the FBI search warrant used to hack into thousands of computers around the world in the PlayPen case was unconstitutional, Privacy groups are claiming the FBI hacking campaign against the Playpen child pornography community violated international law. According to the court documents, the FBI monitored the Playpen bulletin board Tor hidden service […]

Pierluigi Paganini February 11, 2017
Recent WordPress flaw exploited to deface more than 1.5 million web sites

According to security firm WordFence, the content injection flaw in WordPress recently disclosed has already been exploited to deface over 1.5M websites. A recently patched security vulnerability in the popular WordPress CMS has been exploited to deface roughly 1.5 million web pages. The vulnerability was discovered by a security researcher at firm Sucuri who explained that […]

Pierluigi Paganini February 10, 2017
Every website that uses jQuery Mobile, and has any open redirect is vulnerable to XSS

Every website that uses jQuery Mobile, and has any open redirect anywhere is vulnerable to cross-site scripting (XSS) attacks. The jQuery Foundation’s jQuery Mobile project is an HTML5-based framework that allows users to design a single responsive web site or application that will work on all popular mobile devices and desktop systems. According to the foundation, […]

Pierluigi Paganini February 09, 2017
Ticketbleed flaw in F5 Networks BIG-IP appliances exposed to remote attacks

F5 Networks BIG-IP appliances are affected by a serious vulnerability, tracked as CVE-2016-9244 and dubbed ‘Ticketbleed’ that exposes it to remote attacks The F5 Networks BIG-IP appliances are affected by a serious flaw, tracked as CVE-2016-9244 and dubbed ‘Ticketbleed’, that can be exploited by a remote attacker to extract the content of the memory, including sensitive […]

Pierluigi Paganini February 09, 2017
ENISA Threat Landscape Report 2016, who is attacking us, and how?

ENISA has issued the annual ENISA Threat Landscape Report 2016, a document that synthesizes the emerging trends in cyber security The European Union Agency for Network and Information Security (ENISA) is an EU Agency composed of security experts that work with these states, public organizations and private groups to develop advice and recommendations on good practice […]

Pierluigi Paganini February 08, 2017
Researchers at Dr Web spotted a Windows version of the Mirai bot

Researchers at the antivirus firm Dr.Web discovered a new strain of the Mirai bot, a Windows variant, targeting more ports. Security experts at the antivirus firm Dr.Web discovered a new strain of the Mirai bot targeting more ports, and it is a Windows version of the popular IoT malware. The Windows version of the Mirai bot […]

Pierluigi Paganini February 08, 2017
Iranian hackers are back with the MACDOWNLOADER MAC malware

An Iranian espionage group has been using an unsophisticated strain of malware, dubbed MacDownloader, to steal credentials and other data from Mac users. A cyber espionage group linked to the Iranian Government has been using an unsophisticated strain of malware, dubbed MacDownloader, to steal credentials and other data from Mac computers. The researchers Claudio Guarnieri and […]

Pierluigi Paganini February 08, 2017
Valve is going to fix a serious vulnerability in Steam online gaming platform

The online game platform Steam is fixing a serious bug that could be exploited to redirect users to malicious websites and take over their profile. The popular online game platform Steam is going to fix a serious vulnerability that could be exploited by hackers to redirect users to malicious websites, use their market funds, and also change their profile. […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

Hacking / December 06, 2025

Maximum-severity XXE vulnerability discovered in Apache Tika

Security / December 06, 2025

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

Uncategorized / December 05, 2025

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

Intelligence / December 05, 2025

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

Hacking / December 04, 2025