Pierluigi Paganini
January 07, 2026
Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released patches for multiple Backup & Replication flaws, including a critical RCE vulnerability tracked as CVE-2025-59470 (CVSS score of 9.0). A Backup or Tape Operator can achieve remote code execution as the postgres user by abusing […]
Pierluigi Paganini
January 07, 2026
Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2026-0625 (CVSS score of 9.3), in legacy D-Link DSL routers. The vulnerability is an improper neutralization of special elements used in an OS Command (‘OS Command Injection’), […]
Pierluigi Paganini
January 07, 2026
PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan. Researchers uncovered a late-December 2025 campaign, dubbed PHALT#BLYX, targeting European hotels with fake Booking-themed emails. Victims are redirected to bogus BSoD pages using ClickFix-style lures that prompt them to apply “fixes.” The multi-stage attack ultimately […]
Pierluigi Paganini
January 06, 2026
CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device. CERT/CC warns of an unpatched vulnerability, tracked as CVE-2025-65606, in the TOTOLINK EX200 range extender that lets a remote authenticated attacker fully take over the device. The TOTOLINK EX200 is a compact Wi-Fi range extender […]
Pierluigi Paganini
January 06, 2026
Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was addressed in the January 2026 Android security update. Google fixed the flaw in December 2025 for Pixel phones and has now rolled out the fix to […]
Pierluigi Paganini
January 05, 2026
The Kimwolf botnet has infected over 2 million Android devices, spreading mainly through residential proxy networks, researchers say. The Kimwolf botnet has compromised more than 2 million Android devices, spreading primarily via residential proxy networks, according to cybersecurity firm Synthient. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8 […]
Pierluigi Paganini
January 05, 2026
Ilya Lichtenstein, who was sentenced to prison for his role in the Bitfinex hack that occurred in 2016, has been released from prison early. Ilya Lichtenstein (38), convicted for the hack of the cryptocurrency stock exchange Bitfinex in 2016, has been released from prison early. A Trump administration official told CNBC that Lichtenstein served significant prison time […]
Pierluigi Paganini
January 05, 2026
Sedgwick confirmed a cyber incident at its federal contractor unit after TridentLocker claimed to steal 3.4GB of data. Sedgwick is a leading global claims management and risk services provider operating in the insurance and risk solutions sector. It employs roughly 33,000 people worldwide, across more than 80 countries. Estimated annual revenue is in the multi-billion […]
Pierluigi Paganini
January 04, 2026
Resecurity caught ShinyHunters (SLH) using decoy accounts; the group attacked airlines, telecoms, and law enforcement in Sept 2025. In an interesting development, Resecurity has caught actors known as “ShinyHunters” or “Scattered Lapsus$ Hunters” (SLH) leveraging honeypot (decoy) accounts. The company was one of the first to release a public report detailing the group’s activities in September […]
Pierluigi Paganini
January 04, 2026
In light of the tragic events that have occurred in Venezuela, what is happening to the Internet in the country, and how are users accessing it? Yesterday, the United States launched a “large scale strike” in Venezuela, capturing Venezuelan President Nicolas Maduro and his wife. Former Venezuelan leader Nicolás Maduro and his wife were taken […]
