Pierluigi Paganini
August 06, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
August 06, 2024
Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting ...
Pierluigi Paganini
August 06, 2024
Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms. Ransomware attacks are the most significant risk for modern organizations, ...
Pierluigi Paganini
August 06, 2024
South Korea's National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea's national security and intelligence agenc ...
February 09, 2026
February 12, 2026
February 11, 2026
Hackers used a fake Oura MCP server to trick users into downloading malware that installs the StealC info-stealer. Straiker's AI Research (STAR) Labs team uncovered a SmartLoader campaign in which ...
Pierluigi Paganini
February 17, 2026
Officers from Poland's Central Bureau of Cybercrime Control (CBZC) police arrested a 47-year-old man linked to the Phobos ransomware operation. Polish authorities arrested a 47-year-old man suspec ...
Pierluigi Paganini
February 17, 2026
Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phis ...
Pierluigi Paganini
February 17, 2026
South Korea fined Dior, Louis Vuitton, and Tiffany $25M after hackers breached their Salesforce systems, exposing customer data. South Korea’s Personal Information Protection Commission fined lu ...
Pierluigi Paganini
February 17, 2026
Apple is testing end-to-end encrypted Rich Communications Services (RCS) messaging in the iOS 26.4 developer beta. Apple has added end-to-end encrypted RCS messaging to the iOS and iPadOS 26.4 dev ...
Pierluigi Paganini
February 17, 2026
Researchers found an infostealer stole a victim’s OpenClaw configuration, marking a shift toward targeting personal AI agents. Cybersecurity researchers have uncovered a new information stealer ...
Pierluigi Paganini
February 17, 2026
Eurail B.V. revealed that traveler data were stolen in a recent security breach, and are now being sold on the dark web. Eurail B.V. confirmed that the traveler data stolen in a breach earlier thi ...
Pierluigi Paganini
February 17, 2026
A security flaw at DavaIndia Pharmacy exposed customer data and gave outsiders full admin control of its systems. DavaIndia is a large Indian pharmacy retail chain focused on selling affordable ge ...
Pierluigi Paganini
February 16, 2026
ShinyHunters leaked 600,000+ Canada Goose customer records, though the company insists its systems were not breached. Data extortion group ShinyHunters has published over 600,000 Canada Goose cust ...
Pierluigi Paganini
February 16, 2026
Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives users into running ...
Pierluigi Paganini
February 16, 2026
Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-da ...
Pierluigi Paganini
February 16, 2026
Researchers found malicious npm and PyPI packages tied to a fake recruitment campaign linked to North Korea’s Lazarus Group. ReversingLabs researcher uncovered new malicious packages on npm and ...
Pierluigi Paganini
February 15, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Stan Ghouls targeting Russia and Uzbekis ...
Pierluigi Paganini
February 15, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
February 15, 2026
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. Blockchain-based lending firm Figure confirmed a data br ...
Pierluigi Paganini
February 14, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...
Pierluigi Paganini
February 14, 2026
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat ...
Pierluigi Paganini
February 14, 2026
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial organizations, Cisco Talos reports. Cisco Talos spotted a previously unknown threat actor, trac ...
Pierluigi Paganini
February 13, 2026
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code execution. Threat actors rapidly began exploiting a newly patched BeyondTru ...
Pierluigi Paganini
February 13, 2026
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks a ...
Pierluigi Paganini
February 13, 2026
