Pierluigi Paganini
December 26, 2025
Pro-Russian hacking group Noname057 claimed responsibility for the cyberattack that recently disrupted La Poste’s digital banking and online services. This week, the French national postal service La Poste confirmed a major cyber incident had knocked its information systems offline, disrupting digital banking and online services for millions of customers. On social media, La Poste said […]
Pierluigi Paganini
December 25, 2025
Fortinet reported active exploitation of a five-year-old FortiOS SSL VPN flaw, abused in the wild under specific configurations. Fortinet researchers observed “recent abuse” of a five-year-old security vulnerability, tracked as CVE-2020-12812 (CVSS score: 5.2), in FortiOS SSL VPN. The vulnerability is exploited in attacks in the wild under certain configurations. CVE-2020-12812 is an improper authentication flaw […]
Pierluigi Paganini
December 25, 2025
MongoDB addressed a high-severity vulnerability that can be exploited to achieve remote code execution on vulnerable servers. MongoDB addressed a high-severity vulnerability, tracked as CVE-2025-14847 (CVSS score 8.7), an unauthenticated, remote attacker can exploit the issue to execute arbitrary code on vulnerable servers. “An client-side exploit of the Server’s zlib implementation can return uninitialized heap […]
Pierluigi Paganini
December 24, 2025
The U.S. seized the ‘web3adspanels.org’ domain and database used by cybercriminals to store stolen bank login credentials. The FBI seized the domain web3adspanels[.]org and its database after cybercriminals used it to store bank login credentials stolen from U.S. victims. A criminal group ran fake ads on Google and Bing that mimicked real bank advertisements. Victims […]
Pierluigi Paganini
December 24, 2025
The FCC announced a ban on drones and critical components made in foreign countries, citing national security concerns. The U.S. Federal Communications Commission (FCC) said it has banned drones and key components manufactured abroad over national security concerns. The U.S. government said drones can improve safety and innovation but also pose security risks if used […]
Pierluigi Paganini
December 24, 2025
Italy fined Apple €98.6 million, ruling its App Tracking Transparency feature limited competition in the App Store. Italy’s antitrust authority fined Apple €98.6 million ($116 million) for ruling that its App Tracking Transparency framework restricted competition in the App Store. “The Italian Competition Authority has imposed a 98,635,416.67 euro fine on Apple Inc., Apple Distribution […]
Pierluigi Paganini
December 24, 2025
La Poste said a major network incident took its systems offline, disrupting digital banking and online services for millions of users. The French national postal service La Poste confirmed a major cyber incident had knocked its information systems offline, disrupting digital banking and online services for millions of customers. On social media, La Poste said […]
Pierluigi Paganini
December 23, 2025
A critical flaw in the n8n automation platform could allow attackers to execute arbitrary code if exploited under specific conditions. Researchers warn that a critical vulnerability, tracked as CVE-2025-68613 (CVSS score of 9.9), in the n8n workflow automation platform could allow attackers to achieve arbitrary code execution under certain circumstances. The package gets about 57,000 downloads per week, […]
Pierluigi Paganini
December 23, 2025
Attackers exploited a supply chain weakness, abusing trusted components to compromise systems and spread malicious activity across connected targets. Your next breach probably won’t start inside your network—it will start with someone you trust. Every supplier, contractor, and service provider needs access to your systems to keep business running, yet each login is a potential […]
Pierluigi Paganini
December 23, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Digiever DS-2105 Pro flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Digiever DS-2105 Pro vulnerability, tracked as CVE-2023-52163 (CVSS Score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. Digiever DS-2105 Pro is a network video recorder (NVR) device designed […]
