MUST READ

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

Security

Pierluigi Paganini July 25, 2020
US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

The U.S. CISA is warning of the active exploitation of the unauthenticated remote code execution CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about the active exploitation of the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices. The alert includes additional […]

Pierluigi Paganini July 24, 2020
CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure

Cisco fixed CVE-2020-3452 high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Cisco addressed a high-severity path traversal vulnerability in its firewalls, tracked as CVE-2020-3452, that can be exploited by remote attackers to obtain potentially sensitive files from the targeted system. Cisco […]

Pierluigi Paganini July 22, 2020
Adobe fixed critical code execution flaws in Bridge, Photoshop and Prelude products

This week, Adobe has addressed several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. Adobe has released security updates to address several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. “Adobe has published security bulletins for Adobe Bridge (APSB20-44), Adobe Photoshop (APSB20-45), Adobe Prelude (APSB20-46) and Adobe Reader Mobile […]

Pierluigi Paganini July 21, 2020
BadPower attack could burn your device through fast charging

Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire Security researchers from Tencent have devised a technique, dubbed BadPower, to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch […]

Pierluigi Paganini July 20, 2020
Two more cyber attacks hit Israel’s water facilities in June

In April a cyber attack hit an Israeli water facility, last week, officials revealed two more cyber attacks against other water management facilities. In April an attack hit an Israeli water facility attempting to modify water chlorine levels, last week officials from the Water Authority revealed two more cyber attacks on other facilities in the […]

Pierluigi Paganini July 20, 2020
A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks

A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. The popularity of the Zoom video conferencing service exploded during the COVID-19 outbreak when it was chosen by organizations, schools, […]

Pierluigi Paganini July 18, 2020
Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability, , tracked as  CVE-2020-6287. Immediately after a researcher released a proof-of-concept (PoC) exploit for the RECON vulnerability, […]

Pierluigi Paganini July 16, 2020
Cisco fixes 5 critical flaws that could allow router firewall takeover

Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Cisco has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices. An attacker could exploit the vulnerabilities to completely […]

Pierluigi Paganini July 15, 2020
How to Extend Security Across Your Kubernetes Infrastructure

How to enhance the security across a Kubernetes Infrastructure and mitigate the risk of cyber attacks. By David Bisson The security risks surrounding containers are well-known. Container images suffer from vulnerabilities that malicious actors could exploit for the purpose of gaining access to the larger container environment, for instance. Containers might also be able to […]

Pierluigi Paganini July 15, 2020
Microsoft July 2020 Security Updates address 123 vulnerabilities

Microsoft July 2020 addressed 123 security flaws across 13 products, including a 17-year-old wormable issue for hijacking Microsoft Windows Server dubbed SigRed. Microsoft July 2020 addressed 123 security vulnerabilities impacting 13 products, none of them has been observed being exploited in attacks in the wild. The July 2020 security release consists of security updates for […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Artificial Intelligence / February 13, 2026

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Uncategorized / February 13, 2026