Pierluigi Paganini
May 06, 2025
A new BYOI technique lets attackers bypass SentinelOne EDR, disable protection, and deploy Babuk ransomware by exploiting the agent upgrade process. Aon’s Stroz Friedberg discovered a new "Bring ...
Pierluigi Paganini
May 06, 2025
Resecurity found a new smishing kit called 'Panda Shop,' mimicking Smishing Triad tactics with improved features and new templates. Resecurity (USA) was the first company to identify the Smishing ...
Pierluigi Paganini
May 05, 2025
Kelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed. Benefits and payroll solutions firm Kelly & Associates Insurance Gro ...
Pierluigi Paganini
May 05, 2025
A hacker stole data from TeleMessage, exposing messages from its modified Signal, WhatsApp, and other apps sold to the U.S. government. A hacker stole customer data from TeleMessage, an Israeli fi ...
April 09, 2026
April 12, 2026
Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours. Mastodon was hit by a major DDoS attack just days af ...
Pierluigi Paganini
April 22, 2026
Mirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting ...
Pierluigi Paganini
April 22, 2026
Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a ser ...
Pierluigi Paganini
April 22, 2026
22 BRIDGE:BREAK flaws hit Lantronix and Silex Technology converters, exposing approximately 20,000 devices to hijacking and data tampering. Researchers at Forescout Research Vedere Labs found 22 B ...
Pierluigi Paganini
April 22, 2026
Lotus Wiper hit Venezuelan energy systems, used scripts to disable defenses, then erased all data beyond recovery. Kaspersky researchers found Lotus Wiper targeting Venezuela’s energy and utilit ...
Pierluigi Paganini
April 22, 2026
Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator. Another U.S. cybersecurity expert, Angelo Martino, admitted helping the BlackCat ransomw ...
Pierluigi Paganini
April 21, 2026
Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by ...
Pierluigi Paganini
April 21, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited V ...
Pierluigi Paganini
April 21, 2026
Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its se ...
Pierluigi Paganini
April 21, 2026
A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which h ...
Pierluigi Paganini
April 20, 2026
Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scatter ...
Pierluigi Paganini
April 20, 2026
Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw ...
Pierluigi Paganini
April 20, 2026
Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach cau ...
Pierluigi Paganini
April 20, 2026
Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome ...
Pierluigi Paganini
April 20, 2026
Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and l ...
Pierluigi Paganini
April 19, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted at ...
Pierluigi Paganini
April 19, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
April 19, 2026
Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, ...
Pierluigi Paganini
April 18, 2026
A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are ...
Pierluigi Paganini
April 18, 2026
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Micr ...
Pierluigi Paganini
April 18, 2026
