MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Security

Pierluigi Paganini December 16, 2016
More than 8,800 WordPress Plugins out of 44,705 are flawed

Security firm RIPS Technologies has analyzed 44,705 in the official WordPress plugins directory and discovered that more than 8,800 of them are flawed. Experts from the security company RIPS Technologies have conducted an interesting analysis of WordPress plugins. The researchers have analyzed 44,705 of the roughly 48,000 plugins available in the official WordPress plugins. “To do […]

Pierluigi Paganini December 12, 2016
Tor Project released an alpha version of the Sandboxed Tor Browser

Experts from the Tor project have launched an early alpha version of Sandboxed Tor Browser 0.0.2. to protect users’ anonymity. Experts from the Tor project have launched an early alpha version of Sandboxed Tor Browser 0.0.2. The Sandboxed Tor Browser aims to isolate the Tor Browser from other processes of the operating system in order to limit its ability […]

Pierluigi Paganini December 12, 2016
How much cost a StingRay? Surveillance is a profitable business

Motherboard published an interesting blog post which includes further details on the cost of StingRay phone surveillance equipment. A couple of years ago I published a post on Stingray Technology trying to explain how governments track cellular devices. A StingRay is an IMSI-catcher (International Mobile Subscriber Identity) designed and commercialized by the Harris Corporation. At the time of the […]

Pierluigi Paganini December 11, 2016
UK National Security Strategy, Cyber Security is a top priority

The UK Government published the first annual report on the implementation of the 2015 National Security Strategy. The strategy considers cyber security a top priority alongside the resurgence of state-based threats (Russia’s actions in Syria and Ukraine) and the terrorism (extremism and instability). When dealing with the impact of technology, especially cyber threats the report […]

Pierluigi Paganini December 10, 2016
Lax Cybersecurity at Nuclear Facilities is a Recipe For Widespread Disaster

Experts at the Nuclear Industry Summit (NIT) explained how to reduce the risk of damaging cyberattacks at nuclear facilities. The threat of cyber attacks on nuclear power plants and other nuclear facilities is substantial and on the increase, according to experts at the Nuclear Industry Summit, held earlier in the year. Hackers are becoming more […]

Pierluigi Paganini December 09, 2016
Hackers targeted the heavy industry ThyssenKrupp and stole industrial secrets

Alleged Asian hackers have targeted the German heavy industry giant ThyssenKrupp to steal company secrets. Hackers from Southeast Asia targeted the German heavy industry giant ThyssenKrupp in the attempt of obtaining “technological know-how and research results.” The news was announced on Thursday by a company spokesman that confirmed a report in the Wirschaftswoche weekly and added that the company […]

Pierluigi Paganini December 05, 2016
Uber asks to track your location even when you’re not using the app

The last update for the Uber app raises great concerns because it asks to track users’ location even when they’ve been dropped off and exited the program. The last update of the Uber App allows it to track the passengers’ locations even when they have been dropped off and the application is running in the […]

Pierluigi Paganini December 04, 2016
US Presidential commission presents recommendations on cybersecurity

The US Commission on Enhancing National Cybersecurity, tasked by President Barack Obama, issued its final report with recommendations on cybersecurity. Cyber security is a primary issue in the agenda of many countries, the U.S. Presidential commission has recently issued recommendations to urge a proactive cooperation between private and public sectors. The collaboration aims to improve the security […]

Pierluigi Paganini December 01, 2016
More than 1 Million Google accounts hacked by Gooligan Android Malware

Experts from the security firm CheckPoint discovered a new Android malware dubbed Gooligan that has already compromised more than a million Google Accounts. Another malware, dubbed Gooligan, is threatening Android users. The Android malware has already compromised more than 1 Million Google accounts. The Gooligan Android malware roots vulnerable Android devices in the attempt of stealing email addresses and authentication […]

Pierluigi Paganini November 30, 2016
Data on Europol terrorism investigations accidentally leaked online

According to a Dutch television program data on several investigations into the terrorism groups conducted by the Europol were accidentally leaked. According to Dutch television program Zembla, data on several investigations into the terrorism groups conducted by the Europol were accidentally leaked online. According to the program, the dossier contained information about 54 different police investigations, including […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026