MUST READ

U.S. CISA adds a flaw in Cisco Catalyst SD-WAN  to its Known Exploited Vulnerabilities catalog

 | 

Linux Kernel bug Fragnesia allows local root access attacks

 | 

Broadcom releases VMware Fusion security update for root access bug

 | 

NGINX Rift: an 18-year-old flaw in the world's most deployed web server just came to light

 | 

FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign

 | 

Nitrogen Ransomware claims massive data theft from Foxconn

 | 

Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming

 | 

OpenLoop Health confirms January 2026 Data breach affecting 716,000

 | 

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

 | 

Instructure settles with hackers following massive student data theft

 | 

Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator

 | 

Hackers accessed BWH Hotels reservation system for months

 | 

The world's most "Dangerous" AI, Anthropic’s Mythos, found only one flaw in curl

 | 

Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoor

 | 

WannaCry, the ransomware attack that changed the history of cybersecurity

 | 

Android banking Trojan TrickMo evolves using TON network for C2

 | 

Identity security firm SailPoint discloses GitHub repository breach

 | 

Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits

 | 

Crimenetwork returns after takedown, dismantled again by German authorities

 | 

U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog

 | 

Security

Pierluigi Paganini February 18, 2025
Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. Rapid7 researchers discovered vulnerabilities in Xerox Versalink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. The vulnerabilities are: The vulnerabilities impact Xerox […]

Pierluigi Paganini February 17, 2025
Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions. On February 11, 2025, the US, UK, and Australia sanctioned a Russian bulletproof hosting services provider and two Russian administrators because they supported Russian ransomware LockBit operations. Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov are the two Russian nationals and administrators of Zservers. […]

Pierluigi Paganini February 17, 2025
Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites

Pro-Russia collective NoName057(16) launched DDoS attacks on Italian sites, targeting airports, the Transport Authority, major ports, and banks. The pro-Russia hacker group NoName057(16) launched a new wave of DDoS attacks this morning against multiple Italian entities. The group targeted the websites of Linate and Malpensa airports, the Transport Authority, the bank Intesa San Paolo, and […]

Pierluigi Paganini February 16, 2025
Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog […]

Pierluigi Paganini February 15, 2025
U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities are: This week Apple released […]

Pierluigi Paganini February 15, 2025
Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. Researchers warn that threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. The Shadowserver Foundation researchers observed several CVE-2025-0108 attempts since 4 am UTC 2024-02-13 in their honeypots. The experts said […]

Pierluigi Paganini February 14, 2025
U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a SimpleHelp vulnerability, tracked as CVE-2024-57727, to its Known Exploited Vulnerabilities (KEV) catalog. At the end of January, Horizon3 researchers discovered three vulnerabilities, tracked as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, that could be used […]

Pierluigi Paganini February 14, 2025
Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks

Threat actors are exploiting a zero-day SQL injection vulnerability in PostgreSQL, according to researchers from cybersecurity firm Rapid7. Rapid7 researchers discovered a high-severity SQL injection flaw, tracked as CVE-2025-1094, in PostgreSQL’s psql tool. The experts discovered the flaw while investigating the exploitation of the vulnerability CVE-2024-12356 for remote code execution. BeyondTrust patched CVE-2024-12356 in December […]

Pierluigi Paganini February 13, 2025
The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

Researchers at cybersecurity firm Resecurity detected a rise in cyberattacks targeting UAV and counter-UAV technologies. Resecurity identified an increase in malicious cyber activity targeting UAV and counter-UAV (C-UAV/C-UAS) technologies. That was especially notable during active periods of local conflicts, including the escalation of the Russia-Ukraine war and the Israel-Hamas confrontation. The trend of malicious targeting […]

Pierluigi Paganini February 13, 2025
China-linked APTs’ tool employed in RA World Ransomware attack

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups. “Tools that […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds a flaw in Cisco Catalyst SD-WAN  to its Known Exploited Vulnerabilities catalog

Hacking / May 14, 2026

Linux Kernel bug Fragnesia allows local root access attacks

Uncategorized / May 14, 2026

Broadcom releases VMware Fusion security update for root access bug

Security / May 14, 2026

NGINX Rift: an 18-year-old flaw in the world's most deployed web server just came to light

Hacking / May 14, 2026

FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign

APT / May 14, 2026