MUST READ

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

India mandates SIM-linked messaging apps to fight rising fraud

 | 

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Law enforcement shuts down Cryptomixer in major crypto crime takedown

 | 

Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks

 | 

Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud

 | 

Security

Pierluigi Paganini November 21, 2025
SolarWinds addressed three critical flaws in Serv-U

SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. SolarWinds addressed three critical vulnerabilities in its Serv-U file transfer solution that could allow remote code execution. The first vulnerability, tracked as CVE-2025-40549 (CVSS score 9.1), is a path restriction bypass issue that impacts Serv-U. An attacker with […]

Pierluigi Paganini November 21, 2025
Salesforce alerts users to potential data exposure via Gainsight OAuth apps

Salesforce warns that unusual activity in Gainsight-linked OAuth apps may have enabled unauthorized access to some customers’ Salesforce data. Salesforce warned of unusual activity involving Gainsight-linked OAuth apps, noting that threat actors may have used these integrations to gain unauthorized access to some customers’ Salesforce data. “Salesforce has identified unusual activity involving Gainsight-published applications connected […]

Pierluigi Paganini November 20, 2025
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles

Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts. Meta has patched it to prevent this mass enumeration. A team of researchers at the University of Vienna found a WhatsApp flaw that could scrape 3.5 billion accounts. Meta has since patched the vulnerability to block this enumeration technique. Users discover contacts by querying WhatsApp servers […]

Pierluigi Paganini November 20, 2025
Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops

US, Australia and UK sanctioned 2 Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. US, Australia and UK sanctioned two Russian bulletproof hosting providers accused of aiding groups like LockBit, BlackSuit and Play. Coordinated sanctions hit Russia-based provider Media Land, its leaders, and sister firms for supplying bulletproof hosting that […]

Pierluigi Paganini November 20, 2025
Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks

Iran-linked actors mapped ship AIS data ahead of a missile strike attempt, highlighting the rise of cyber operations enabling real-world attacks. Iran-linked threat actors mapped ship Automatic Identification System (AIS) data shortly before an attempted missile strike, showing how Tehran-aligned groups use cyber operations to support and amplify real-world kinetic attacks. The research demonstrates that […]

Pierluigi Paganini November 19, 2025
U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 flaw, tracked as CVE-2025-13223, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Google released Chrome security updates to address two flaws, including a high-severity V8 type confusion […]

Pierluigi Paganini November 19, 2025
7-Zip RCE flaw (CVE-2025-11001) actively exploited in attacks in the wild

A remote code execution vulnerability, tracked as CVE-2025-11001, in the 7-Zip software is under active exploitation. A new 7-Zip flaw tracked as CVE-2025-11001 (CVSS score of 7.0) is now being actively exploited in the wild, NHS England warns. Remote attackers can trigger the vulnerability to execute arbitrary code on affected installations of 7-Zip. “Active exploitation […]

Pierluigi Paganini November 19, 2025
Operation WrtHug hijacks 50,000+ ASUS routers to build a global botnet

Operation WrtHug hijacks tens of thousands of outdated ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, forming a large botnet. A new campaign called Operation WrtHug has compromised tens of thousands of outdated or end-of-life ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, pulling them into a large malicious network. SecurityScorecard […]

Pierluigi Paganini November 19, 2025
U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA has added a second Fortinet FortiWeb vulnerability in just a few days to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-58034 (CVSS score of 6.7), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Fortinet patched a new FortiWeb zero-day, tracked […]

Pierluigi Paganini November 19, 2025
Eurofiber confirms November 13 hack, data theft, and extortion attempt

Eurofiber says hackers exploited a flaw on November 13, breached its ticket and customer portals, stole data, and attempted extortion. On November 13, threat actors exploited a vulnerability to breach its ticketing system and ATE customer portal of the European fiber operator Eurofiber. Attackers stole data and attempted extortion. Eurofiber focuses on B2B digital infrastructure, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

Security / December 07, 2025

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

Hacking / December 06, 2025

Maximum-severity XXE vulnerability discovered in Apache Tika

Security / December 06, 2025

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

Uncategorized / December 05, 2025

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

Intelligence / December 05, 2025