MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Security

Pierluigi Paganini August 22, 2021
Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP

Google disclosed the details of a Windows ​​AppContainer vulnerability because Microsoft initially had no plans to fix it. Google Project Zero experts disclosed the details of a Windows ​​AppContainer flaw after Microsoft announced it had no plans to fix it. The team focused its analysis on Windows Firewall and AppContainer that were designed by Microsoft […]

Pierluigi Paganini August 21, 2021
US CISA releases guidance on how to prevent ransomware data breaches

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. Most of the recent ransomware attack resulted in data breaches for the victims, threat actors implemented a double-extortion schema threatening the victims to data stolen before encrypting them on compromised systems. Over the past several […]

Pierluigi Paganini August 20, 2021
Internet Systems Consortium (ISC) fixes High-Severity DoS flaw in BIND DNS Software

The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software. The Internet Systems Consortium (ISC) has released security updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2021-25218, that affects its BIND DNS software. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of […]

Pierluigi Paganini August 20, 2021
Cisco warns of Server Name Identification data exfiltration flaw in multiple products

Unauthenticated attackers could bypass TLS inspection filtering solution in multiple products to exfiltrate data from previously compromised servers, Cisco warns. Cisco warns of a vulnerability in Server Name Identification (SNI) request filtering that affects multiple products (Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine) that could be exploited […]

Pierluigi Paganini August 20, 2021
637 flaws in industrial control system (ICS) products were published in H1 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. Industrial cybersecurity firm Claroty published its third Biannual ICS Risk & Vulnerability Report that analyzes the vulnerability landscape relevant to leading automation products used across the ICS domain. The company reported that during the […]

Pierluigi Paganini August 19, 2021
Cisco will not patch critical flaw CVE-2021-34730 in EoF routers

Cisco has no plan to fix a critical code execution flaw (CVE-2021-34730) in small business RV110W, RV130, RV130W, and RV215W routers Cisco has no plan to address a critical code execution vulnerability, tracked as CVE-2021-34730, that affects small business RV110W, RV130, RV130W, and RV215W routers. The CVE-2021-34730 flaw resides in the Universal Plug-and-Play (UPnP) service […]

Pierluigi Paganini August 19, 2021
NK-linked InkySquid APT leverages IE exploits in recent attacks

North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. Experts from cybersecurity firm Volexity reported that North Korea-linked InkySquid group (aka ScarCruft, APT37, Group123, and Reaper) leverages two Internet Explorer exploits to deliver a custom backdoor in watering hole attacks aimed at the […]

Pierluigi Paganini August 18, 2021
Adobe addresses two critical vulnerabilities in Photoshop

Adobe has addressed two critical security vulnerabilities affecting its Photoshop image manipulation software. Adobe released security updates to address two critical security vulnerabilities, tracked as CVE-2021-36065 and CVE-2021-36066, affecting the popular image manipulation software Photoshop. The flaws affect versions of the software for both Windows and macOS, their exploitation could lead to arbitrary code execution in the […]

Pierluigi Paganini August 18, 2021
Hamburg’s data protection agency (DPA) states that using Zoom violates GDPR

The German state’s data protection agency (DPA) warns that the use of the videoconferencing platform Zoom violates the European Union’s GDPR. The German state’s data protection agency (DPA) warns that the Senate Chancellory’s use of the popular videoconferencing tool violates the European Union’s General Data Protection Regulation (GDPR). The DPA is concerned by the transfer of […]

Pierluigi Paganini August 17, 2021
Kalay cloud platform flaw exposes millions of IoT devices to hack

FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks. Researchers at FireEye’s Mandiant have discovered a critical vulnerability, tracked as CVE-2021-28372, in a core component of the Kalay cloud platform which is used by millions of IoT devices from many vendors. The flaw […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026