MUST READ

Critical FortiWeb flaw under attack, allowing complete compromise

 | 

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

 | 

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

 | 

Chrome extension “Safery” steals Ethereum wallet seed phrases

 | 

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

 | 

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Amazon alerts: advanced threat actor exploits Cisco ISE & Citrix NetScaler zero-days

 | 

Google sues cybercriminal group Smishing Triad

 | 

New Danabot Windows version appears in the threat landscape after May disruption

 | 

Australia’s spy chief warns of China-linked threats to critical infrastructure

 | 

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

 | 

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

 | 

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

 | 

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

 | 

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

 | 

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

 | 

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Malware

Pierluigi Paganini March 29, 2021
New Purple Fox version includes Rootkit and implements wormable propagation

Researchers from Guardicore have spotted a new variant of the Purple Fox Windows malware that implements worm-like propagation capabilities. Researchers from Guardicore have discovered a new version of the Purple Fox Windows malware that implements worm-like propagation capabilities.Up until recently, Purple Fox’s operators infected machines by using exploit kits and phishing emails. Previous versions of […]

Pierluigi Paganini March 27, 2021
Clop Ransomware gang now contacts victims’ customers to force victims into pay a ransom

Clop ransomware operators now email victim’s customers and ask them to demand a ransom payment to protect their privacy to force victims into paying the ransom. Clop ransomware operators are switching to a new tactic to force victims into paying the ransom by emailing their customers and asking them to demand a ransom payment to […]

Pierluigi Paganini March 27, 2021
Experts spotted a new advanced Android spyware posing as “System Update”

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. The malware is able to collect system data, messages, images and take over the infected Android […]

Pierluigi Paganini March 26, 2021
Hades ransomware gang targets big organizations in the US

Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020.  Accenture’s Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams published an analysis of the latest campaign conducted by financially motivated threat group Hades which have been operating since at least December 2020.  Experts discovered that threat actors targeted […]

Pierluigi Paganini March 26, 2021
FBI published a flash alert on Mamba Ransomware attacks

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. The Federal Bureau of Investigation (FBI) published an alert to warn that the Mamba ransomware is abusing the DiskCryptor open-source tool (aka HDDCryptor, HDD Cryptor) to encrypt entire drives. […]

Pierluigi Paganini March 25, 2021
Facebook took action against China-linked APT targeting Uyghur activists

Facebook has closed accounts used by a China-linked APT to distribute malware to spy on Uyghurs activists, journalists, and dissidents living outside China. Facebook has taken action against a series of accounts used by a China-linked cyber-espionage group, tracked as Earth Empusa or Evil Eye, to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living […]

Pierluigi Paganini March 24, 2021
Black Kingdom ransomware is targeting Microsoft Exchange servers

Security experts reported that a second ransomware gang, named Black Kingdom, is targeting Microsoft Exchange servers. After the public disclosure of ProxyLogon vulnerabilities, multiple threat actors started targeting vulnerable Microsoft Exchange servers exposed online. The first ransomware gang exploiting the above issues in attacks in the wild was a group tracked as DearCry. Last crew […]

Pierluigi Paganini March 23, 2021
Sierra Wireless halted production at its manufacturing sites due to ransomware attack

This week, IoT company Sierra Wireless disclosed a ransomware attack that hit its internal IT systems on March 20 and disrupted its production. Sierra Wireless is a Canadian multinational wireless communications equipment designer and manufacturer headquartered in Richmond, British Columbia, Canada. The company sells mobile computing and machine-to-machine (M2M) communications products that work over cellular […]

Pierluigi Paganini March 22, 2021
Which is the Threat landscape for the ICS sector in 2020?

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. The experts gathered data related to the cyberthreats that […]

Pierluigi Paganini March 20, 2021
REvil ransomware gang hacked Acer and is demanding a $50 million ransom

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. Acer is the world’s 6th-largest PC vendor by unit sales as of […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Critical FortiWeb flaw under attack, allowing complete compromise

Hacking / November 14, 2025

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

Security / November 14, 2025

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

Data Breach / November 14, 2025

Chrome extension “Safery” steals Ethereum wallet seed phrases

Malware / November 13, 2025

A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet

Cyber Crime / November 13, 2025