Pierluigi Paganini
June 07, 2023
June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked […]
Pierluigi Paganini
June 06, 2023
A flaw in NASA website dedicated to astrobiology could have tricked users into visiting malicious websites by disguising a dangerous URL with NASAâs name. Space travel is undoubtedly dangerous. And, apparently, so is visiting NASA âs legitimate websites. The Cybernews research team independently discovered an open redirect vulnerability plaguing NASAâs Astrobiology website. After finding the […]
Pierluigi Paganini
June 05, 2023
KeePass addressed the CVE-2023-32784 bug that allows the extraction of the cleartext master password from the memory of the client. KeePass has addressed the CVE-2023-32784 vulnerability, which allowed the retrieval of the clear-text master password from the client’s memory. KeePass is a free and open-source software used to securely manage passwords. It functions as a […]
Pierluigi Paganini
June 04, 2023
Zyxel has published guidance for protecting firewall and VPN devices from the ongoing attacks recently discovered. Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting  CVE-2023-28771, CVE-2023-33009, and CVE-2023-33010 vulnerabilities. “Simultaneously, Zyxel has been urging users to install the patches through multiple channels, including issuing several security advisory newsletters to registered users […]
Pierluigi Paganini
June 02, 2023
US CISA added actively exploited Progress MOVEit Transfer zero-day vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a Progress MOVEit Transfer SQL injection vulnerability, tracked as CVE-2023-34362, to its Known Exploited Vulnerabilities Catalog. Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product […]
Pierluigi Paganini
June 02, 2023
A new botnet malware dubbed Horabot is targeting Spanish-speaking users in Latin America since at least November 2020. Cisco Talos researchers were observed deploying a previously unidentified botnet, dubbed Horabot, that is targeting Spanish-speaking users in the Americas. The botnet is used to deliver a banking trojan and spam tool to the infected systems, Horabot has been […]
Pierluigi Paganini
June 02, 2023
Threat actors are exploiting a zero-day flaw in Progress Softwareâs MOVEit Transfer product to steal data from organizations. Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product to steal data from organizations. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files […]
Pierluigi Paganini
June 01, 2023
Prosperix leaked nearly 250,000 files. The breach exposed job seekersâ sensitive data, including home addresses and phone numbers. Prosperix, formally Crowdstaffing, calls itself a âworkforce innovationâ company that develops software solutions for businesses to build an âextraordinaryâ workforce. It lists KPMG, Walmart, NBCUniversal and Avon among brands that trust the company. On May 1st, the […]
Pierluigi Paganini
June 01, 2023
Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. The malicious module is distributed as a marketing SDK that developers behind the apps embedded in their applications and games, including those available on Google Play. Upon executing the module, the malware-laced SDK connects to the C2 […]
Pierluigi Paganini
May 31, 2023
Apple fixed a vulnerability discovered by Microsoft researchers that lets attackers with root privileges bypass System Integrity Protection (SIP). Researchers from Microsoft discovered a vulnerability, tracked as CVE-2023-32369 and dubbed Migraine, that can allow attackers with root privileges to bypass System Integrity Protection (SIP). System Integrity Protection (also referred to as rootless) is a macOS security feature […]
Security / November 12, 2025
Cyber Crime / November 12, 2025
