Pierluigi Paganini
August 26, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2024-8069 is a limited remote code execution with privilege […]
Pierluigi Paganini
August 13, 2025
SAPâs August 2025 Patch Tuesday released 15 new security notes, including critical fixes, plus four updates to previously released patches. SAPâs August 2025 Patch Tuesday delivers 15 new security notes, including critical fixes, plus four updates to older patches. Of a total of 26 vulnerabilities addressed by the company, four have been classified as âhot […]
Pierluigi Paganini
July 20, 2025
Singapore says China-linked group UNC3886 targeted its critical infrastructure by hacking routers and security devices. Singapore accused China-linked APT group UNC3886 of targeting its critical infrastructure. UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in […]
Pierluigi Paganini
July 03, 2025
A data breach at Kelly Benefits has impacted 550,000 people, with the number of affected individuals growing as the investigation continues. Benefits and payroll solutions firm Kelly Benefits has confirmed that a recent data breach has affected 550,000 individuals. As the investigation continued, the scale of the impact expanded, revealing that more people were affected […]
Pierluigi Paganini
June 15, 2025
Canada’s airline WestJet has suffered a cyberattack that impacted access to some internal systems and the company app. WestJet is a Canadian airline that operates both domestic and international flights. Founded in 1996, it started as a low-cost carrier and has grown to become Canadaâs second-largest airline, after Air Canada. WestJet is investigating a cybersecurity […]
Pierluigi Paganini
June 08, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found 4 billion user records online, the largest known leak of Chinese personal data from […]
Pierluigi Paganini
June 05, 2025
Cisco fixed a critical flaw in the Identity Services Engine (ISE) that could allow unauthenticated attackers to conduct malicious actions. A vulnerability tracked as CVE-2025-20286 (CVSS score 9.9) in cloud deployments of Cisco ISE on AWS, Microsoft Azure, and Oracle Cloud Infrastructure allows unauthenticated remote attackers to access sensitive data, perform limited administrative actions, modify […]
Pierluigi Paganini
May 21, 2025
A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have been released to address the flaw. A critical vulnerability, tracked as CVE-2025-47934, in OpenPGP.js allowed spoofing of message signature verification. OpenPGP.js is an open-source JavaScript library that implements the OpenPGP standard for email and data encryption. It allows developers to […]
Pierluigi Paganini
May 16, 2025
Over half of firms adopted AI in 2024, but cloud tools like Azure OpenAI raise growing concerns over data security and privacy risks. As enterprises embrace artificial intelligence (AI) to streamline operations and accelerate decision-making, a growing number are turning to cloud-based platforms like Azure OpenAI, AWS Bedrock, and Google Bard. In 2024 alone, over […]
Pierluigi Paganini
February 23, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. You’ve Got Malware: FINALDRAFT Hides in Your Drafts  Telegram Abused as C2 Channel for New Golang Backdoor Infostealing Malware Infections in the U.S. Military & Defense Sector: A Cybersecurity Disaster in the Making Analyzing ELF/Sshdinjector.A!tr with […]
Security / November 12, 2025
Cyber Crime / November 12, 2025
