MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Security

Pierluigi Paganini October 30, 2017
Investigation Underway at Heathrow Airport After USB Drive Containing Sensitive Security Documents Found on Sidewalk

Security personnel at Heathrow Airport have an exciting investigation underway after confidential security documentation was found on a sidewalk in West London. An unnamed man, on his way to the library, spotted a thumb drive on the sidewalk in Queen’s Park, West London. He pocketed the USB drive and continued on his way. He remembered the USB […]

Pierluigi Paganini October 19, 2017
October 2017 Oracle Critical Patch Update addresses 252 Vulnerabilities

Oracle released the October 2017 Critical Patch Update (CPU) that addresses a total of 252 security vulnerabilities that affect multiple products. Most of the vulnerabilities fixed by Oracle could be remotely exploitable without authentication. This is the last Oracle Critical Patch Update of 2017, this year the tech giant already resolved 1119 vulnerabilities, or 22% […]

Pierluigi Paganini October 18, 2017
Google introduces new Advanced Protection feature to protect its users

Google continues working to improve the security of its users, the last measure introduced by the company it the ‘Advanced Protection’ feature. The Advanced Protection feature was designed to improve the security of users, who are at high risk of targeted attacks. “We took this unusual step because there is an overlooked minority of our users that […]

Pierluigi Paganini October 10, 2017
4G/5G Wireless Networks as Vulnerable as WiFi and putting SmartCities at Risk

Researchers from security firm Positive Technologies warns of 4G/5G Wireless Networks as vulnerable as WiFi and putting smart-cities at risk The Internet of Things (IoT) presents many new opportunities and some different challenges. The vast number of devices makes it very expensive to connect everything with traditional network cabling and in many cases the equipment […]

Pierluigi Paganini October 07, 2017
Experts spotted KnockKnock attacks, a new ingenious attack technique on Office 365 System Accounts

Security experts from Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 accounts. The cloud access security broker Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 (O365) accounts. The massive campaign leverages a low-key attack, started in May and is […]

Pierluigi Paganini October 06, 2017
Securing smart grid and advanced metering infrastructure

The year is 2020, high economic, military and cultural tension between Russia & the US. You are at the London office, entering a video meeting with the sales team in America, the American team presents with enthusiasm the sales achievement of the recent quarter, then, suddenly the call is disconnected. You are trying to re-establish […]

Pierluigi Paganini October 05, 2017
Russian firm provides North Korea with second Internet route

Dyn Research discovered traffic coming from North Korea running over the Russian TransTeleCom network, this is the second internet route of the regime. North Korea gets a second Internet connection thanks to the support of a state-owned Russian firm. From the perspective of security analysts, this second connection will improve in a significant way the cyber […]

Pierluigi Paganini October 04, 2017
Which are most frequently blacklisted apps by enterprises?

Mobile security firm Appthority published an interesting report that revealed which Android and iOS applications are most frequently blacklisted by enterprises. The company Appthority has published an interesting report that reveals which mobile apps, both Android and iOS, are most frequently blacklisted by enterprises. “The mobile ecosystem in an enterprise comprises apps from managed devices, BYOD and COPE. Appthority compiled […]

Pierluigi Paganini September 30, 2017
High-severity flaw opens Siemens Industrial Switches to attacks

Siemens has started releasing security patches to fix a high severity access control vulnerability in its industrial switches tracked as CVE-2017-12736. The flaw was discovered by experts at Siemens and could be exploited by remote attackers to hack some of Siemens industrial communications devices. The vulnerability affects SCALANCE X industrial Ethernet switches, and Ruggedcom switches and serial-to-ethernet […]

Pierluigi Paganini September 29, 2017
FBI Director – Terrorists could launch drone attacks very soon

FBI director Christopher Wray warns of terrorists are planning to use drones in attacks, the threat is considered as imminent. This week, FBI Director Christopher Wray warned Congress that terrorists may use drones in attacks against the United States, the official described the threat as imminent. “We do know that terrorist organizations have an interest in using […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026