Pierluigi Paganini
January 06, 2026
Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was addressed in the January 2026 Android security update. Google fixed the flaw in December 2025 for Pixel phones and has now rolled out the fix to […]
Pierluigi Paganini
January 05, 2026
The Kimwolf botnet has infected over 2 million Android devices, spreading mainly through residential proxy networks, researchers say. The Kimwolf botnet has compromised more than 2 million Android devices, spreading primarily via residential proxy networks, according to cybersecurity firm Synthient. Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8 […]
Pierluigi Paganini
January 05, 2026
Ilya Lichtenstein, who was sentenced to prison for his role in the Bitfinex hack that occurred in 2016, has been released from prison early. Ilya Lichtenstein (38), convicted for the hack of the cryptocurrency stock exchange Bitfinex in 2016, has been released from prison early. A Trump administration official told CNBC that Lichtenstein served significant prison time […]
Pierluigi Paganini
January 05, 2026
Sedgwick confirmed a cyber incident at its federal contractor unit after TridentLocker claimed to steal 3.4GB of data. Sedgwick is a leading global claims management and risk services provider operating in the insurance and risk solutions sector. It employs roughly 33,000 people worldwide, across more than 80 countries. Estimated annual revenue is in the multi-billion […]
Pierluigi Paganini
January 04, 2026
Resecurity caught ShinyHunters (SLH) using decoy accounts; the group attacked airlines, telecoms, and law enforcement in Sept 2025. In an interesting development, Resecurity has caught actors known as “ShinyHunters” or “Scattered Lapsus$ Hunters” (SLH) leveraging honeypot (decoy) accounts. The company was one of the first to release a public report detailing the group’s activities in September […]
Pierluigi Paganini
January 04, 2026
In light of the tragic events that have occurred in Venezuela, what is happening to the Internet in the country, and how are users accessing it? Yesterday, the United States launched a “large scale strike” in Venezuela, capturing Venezuelan President Nicolas Maduro and his wife. Former Venezuelan leader Nicolás Maduro and his wife were taken […]
Pierluigi Paganini
January 04, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Evasive Panda APT poisons DNS requests to deliver MgBot Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations EmEditor Supply Chain Incident Details Disclosed: Distribution of Information-Stealing Malware Sweeps […]
Pierluigi Paganini
January 04, 2026
Trump ordered the divestment of a $2.9M chip deal, citing U.S. national security risks if HieFo retained control of Emcore ’s technology. President Trump ordered the divestment of a $2.9 million chips deal, citing national security risks tied to HieFo Corp.’s control of Emcore ’s chip technology. HieFo (short for High Efficiency Photonics) is a […]
Pierluigi Paganini
January 03, 2026
France will probe AI-generated sexual deepfakes made with Grok on X after hundreds of women and teens reported “undressed” images shared online. French authorities will investigate AI-generated sexually explicit deepfakes created with Grok on X after hundreds of women and teens reported manipulated “undressed” images shared on social media. Grok is an artificial intelligence chatbot […]
Pierluigi Paganini
January 03, 2026
GreyNoise observed thousands of attacks targeting about a dozen Adobe ColdFusion vulnerabilities during the Christmas 2025 holiday. GreyNoise reports a coordinated campaign exploiting about a dozen Adobe ColdFusion vulnerabilities, with thousands of attack attempts observed during the Christmas 2025 holiday. “GreyNoise observed a coordinated exploitation campaign targeting Adobe ColdFusion servers over the Christmas 2025 holiday period.” reads […]
