MUST READ

iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

 | 

Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack

 | 

CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation

 | 

U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog

 | 

China-linked actor spent two years inside medical research networks

 | 

Australian Sugar Producer Mackay Sugar Reports Cyber Incident

 | 

Novo Nordisk Confirms Data Theft: What Attackers Took and What They Didn't

 | 

Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw

 | 

Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN

 | 

Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 101

 | 

Security Affairs newsletter Round 581 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme

 | 

Washington Pulled the Plug on Anthropic 's Fable 5 and Mythos 5 models. The Rest of the World Is Watching.

 | 

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog

 | 

Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.

 | 

U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14

 | 

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

 | 

21,786 Home Cameras, No Password, No Warning

 | 

CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release

 | 

Security

Pierluigi Paganini September 16, 2021
Bitdefender released free REvil ransomware decryptor that works for past victims

Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free. Good news for the victims of REvil ransomware gangs that were infected before the operations were temporarily halted on July 13th, Bitdefender released a free master decryptor that allows them to recover […]

Pierluigi Paganini September 15, 2021
OMIGOD vulnerabilities expose thousands of Azure users to hack

OMIGOD – Microsoft addressed four vulnerabilities in the Open Management Infrastructure (OMI) software agent that could expose Azure users to attacks. Recently released September 2021 Patch Tuesday security updates have addressed four severe vulnerabilities, collectively tracked as OMIGOD, in the Open Management Infrastructure (OMI) software agent that exposes Azure users to attack. Below is the list of the […]

Pierluigi Paganini September 15, 2021
Microsoft announces passwordless authentication for consumer accounts

Microsoft announced that users can access their consumer accounts without providing passwords and using more secure authentication methods. Microsoft will allow its users to log into their consumer accounts without using passwords, they will be able to use Microsoft’s Authenticator app, Windows Hello, physical security keys, or phone/email verification codes. “Which is why I’m so […]

Pierluigi Paganini September 15, 2021
Three formers NSA employees fined for providing hacker-for-hire services to UAE firm

Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the payment of a penalty. Three former NSA employees (Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40) entered into a deferred prosecution agreement that restricts their future activities and employment. The trio has worked as hackers-for-hire […]

Pierluigi Paganini September 15, 2021
US CISA appointed Kiersten Todt as new chief of staff

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced to have appointed Kiersten Todt as its new chief of staff, she will replace Acting Chief of Staff Kate Nichols. “The Cybersecurity and Infrastructure Security Agency (CISA) announced today Kiersten […]

Pierluigi Paganini September 15, 2021
Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day

Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day flaw actively exploited in targeted attacks. Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day RCE actively exploited in targeted attacks aimed at Microsoft Office and Office 365 on Windows 10 computers. The flaw, tracked as CVE-2021-40444, resides in the MSHTML, […]

Pierluigi Paganini September 14, 2021
Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw

A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. Millions of HP OMEN laptop and desktop gaming computers are exposed to multiple attacks by a high severity vulnerability tracked as CVE-2021-3437 that was discovered by SentinelLabs researchers. “Potential security vulnerabilities […]

Pierluigi Paganini September 14, 2021
Google addresses a new Chrome zero-day flaw actively exploited in the wild

Google Chrome 93.0.4577.82 for Windows, Mac, and Linux that addressed eleven security issues, including two zero-days actively exploited. Google released Chrome 93.0.4577.82 for Windows, Mac, and Linux that fixed eleven security issues, including two zero-days vulnerabilities actively exploited in the wild. This is the tenth zero-day vulnerability in Chrome fixed by Google that was exploited […]

Pierluigi Paganini September 14, 2021
Popular NPM package Pac-Resolver affected by a critical flaw

Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package ‘Pac-Resolver‘ that has millions of downloads every week. The development team behind a popular NPM package called ‘Pac-Resolver‘ for the JavaScript programming language fixed a high-severity remote code execution vulnerability tracked as CVE-2021-23406. The vulnerability can be exploited by remote attackers to run […]

Pierluigi Paganini September 13, 2021
Apple fixes actively exploited FORCEDENTRY zero-day flaws

Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild. Apple rolled out security patches to fix a couple of zero-day flaws in iOS and macOS (CVE-2021-30860, CVE-2021-30858), the IT giant also warns its customers that these issues are actively exploited in attacks […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

Data Breach / June 16, 2026

Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack

Artificial Intelligence / June 16, 2026

CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation

Security / June 16, 2026

U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog

Security / June 16, 2026

China-linked actor spent two years inside medical research networks

APT / June 16, 2026