Pierluigi Paganini
October 08, 2015
The Cleaver group is once again in the headlines managing a well-developed network of fake LinkedIn profiles for cyber espionage purpose. Do you remember the Iran-based APT Cleaver? In December the s ...
Pierluigi Paganini
October 08, 2015
Microsoft web applications, such as Outlook or OneDrive and account pages, expose visitors’ Microsoft Identifier (CID) in plain text. A Chinese developer, which uses the pseudonym of ramen-hero, di ...
Pierluigi Paganini
October 07, 2015
A group of researchers from the iTrust has demonstrated how to use a Drone to intercept wireless printer transmissions from outside an office building. Recently I wrote a blog post on the Infosec ...
Pierluigi Paganini
October 07, 2015
Don’t throw away your old Boarding Pass, it may contain personal information that could allow attackers to run targeted attacks on you! Don’t throw away your old Boarding Pass, it may contain per ...
September 18, 2025
September 22, 2025
September 22, 2025
September 24, 2025
September 24, 2025
September 24, 2025
State-sponsored hackers exploited a vulnerability, tracked as CVE-2025-59689, in Libraesva Email Gateway via malicious attachments. Nation-state actors exploited a command injection flaw, tracked ...
Pierluigi Paganini
September 24, 2025
SolarWinds fixed a critical flaw in its Web Help Desk software that could allow attackers to execute arbitrary commands on vulnerable systems. SolarWinds has released hot fixes to address a critic ...
Pierluigi Paganini
September 24, 2025
US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatch ...
Pierluigi Paganini
September 24, 2025
Cloudflare blocked a new record-breaking DDoS attack peaking at 22.2 Tbps and 10.6 billion packets per second. Cloudflare announced it has mitigated a new record-breaking distributed denial-of-ser ...
Pierluigi Paganini
September 24, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...
Pierluigi Paganini
September 23, 2025
Secret Service seizes a covert communications network near U.N. composed of sophisticated equipment, including 100K SIMs and 300 servers The U.S. Secret Service uncovered a covert communications n ...
Pierluigi Paganini
September 23, 2025
A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17. The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Sca ...
Pierluigi Paganini
September 23, 2025
Researchers earned $150K for “L1TF Reloaded,” combining L1TF and half-Spectre to leak VM memory from public clouds despite mitigations. Researchers from Vrije Universiteit Amsterdam earned $15 ...
Pierluigi Paganini
September 23, 2025
RCMP shuts down TradeOgre, seizing $40M from crime, the first crypto exchange closure and largest asset seizure in Canada’s history. The Royal Canadian Mounted Police shut down the crypto exchan ...
Pierluigi Paganini
September 23, 2025
Stellantis is investigating a data breach after unauthorized access to a third-party provider’s platform potentially exposed customer data. Car maker giant Stellantis announced it is investigati ...
Pierluigi Paganini
September 22, 2025
The FBI warns that criminals are spoofing the IC3 site to steal personal data and commit fraud targeting cybercrime reporters. The FBI warned that attackers are spoofing the official Crime Complai ...
Pierluigi Paganini
September 22, 2025
The EU cybersecurity agency ENISA confirmed that airport check-in disruptions were caused by a cyberattack, and law enforcement is investigating. A cyber attack on Collins Aerospace disrupted chec ...
Pierluigi Paganini
September 22, 2025
SentinelOne uncovered MalTerminal, the earliest known malware with built-in LLM capabilities, and presented it at LABScon 2025. SentinelLABS researchers discovered MalTerminal, the earliest known ...
Pierluigi Paganini
September 22, 2025
LastPass warns macOS users of fake GitHub repos distributing Atomic infostealer malware disguised as legitimate tools. LastPass warns macOS users about fake GitHub repositories spreading malware d ...
Pierluigi Paganini
September 22, 2025
ESET found evidence that Russia-linked groups Gamaredon and Turla collaborated in cyberattacks on Ukraine between February and April 2025. ESET reported Russia-linked groups Gamaredon and Turla co ...
Pierluigi Paganini
September 21, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SmokeLoader Rises From the Ashes Hi ...
Pierluigi Paganini
September 21, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
September 21, 2025
A cyberattack on Collins Aerospace disrupted operations at major European airports, with Heathrow, Brussels, and Berlin most affected. A cyber attack on Collins Aerospace disrupted check-in and b ...
Pierluigi Paganini
September 20, 2025
Fortra addressed a critical flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. Fortra addressed a critical vulnerability, tracked as ...
Pierluigi Paganini
September 19, 2025
U.K. police arrested two teens from the Scattered Spider group for their role in the August 2024 cyberattack on Transport for London. U.K. law enforcement authorities arrested two teenagers who ar ...
Pierluigi Paganini
September 19, 2025
