MUST READ

ShinyHunters leaked the full Odido dataset

 | 

Claude code abused to steal 150GB in cyberattack on Mexican agencies

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

 | 

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

 | 

Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Canadian Tire 2025 data breach impacts 38 million users

 | 

Microsoft warns of RAT delivered through trojanized gaming utilities

 | 

Aeternum botnet hides commands in Polygon smart contracts

 | 

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

 | 

Juniper issues emergency patch for critical PTX router RCE

 | 

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

 | 

12 Million exposed .env files reveal widespread security failures

 | 

ManoMano data breach impacted 38 Million customer accounts

 | 

Trend Micro fixes two critical flaws in Apex One

 | 

UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor

 | 

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

 | 

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

 | 

Untrusted repositories turn Claude code into an attack vector

 | 

ShinyHunters cyberattack on CarGurus impacts 12.4 Million users

 | 

LATEST NEWS

VIEW ALL
APT
UNC1945, a sophisticated threat actor used Oracle Solaris Zero-Day exploit
Pierluigi Paganini November 04, 2020

A sophisticated threat actor, tracked as UNC1945, has been observed exploiting vulnerabilities in the Oracle Solaris operating systems for over two years. Researchers from FireEye reported that a ...

Security
Adobe addressed 4 critical vulnerabilities in Acrobat products
Pierluigi Paganini November 03, 2020

Adobe has addressed 14 vulnerabilities in its Acrobat products, including critical flaws that can be exploited by attackers for arbitrary code execution. Adobe has addressed 14 vulnerabilities in ...

Cyber Crime
Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail
Pierluigi Paganini November 03, 2020

Russian cybercriminal Aleksandr Brovko has been sentenced to eight years in jail for his role in a botnet scheme that caused at least $100 million in financial damage.  The Russian cybercriminal ...

Malware
Malicious npm library removed from the repository due to backdoor capabilities
Pierluigi Paganini November 03, 2020

The npm security team has removed a malicious JavaScript library named "twilio-npm" from its repository because contained malicious code. The npm security team has removed a malicious JavaScript l ...

top articles

FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025
February 20, 2026
PayPal discloses extended data leak linked to Loan App glitch
February 20, 2026
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries
February 26, 2026
ManoMano data breach impacted 38 Million customer accounts
February 27, 2026
iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification
February 27, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Data Breach

ShinyHunters leaked the full Odido dataset

March 01, 2026

Artificial Intelligence
Claude code abused to steal 150GB in cyberattack on Mexican agencies

March 01, 2026

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

March 01, 2026

Uncategorized
CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

March 01, 2026

Security
Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

March 01, 2026

recent articles

Data Breach
ShinyHunters leaked the full Odido dataset

Cybercrime group ShinyHunters leaked the full Odido dataset, the Netherlands is facing the biggest data leak in its history. Odido is a Dutch telecommunications company and one of the largest mobi ...

Pierluigi Paganini March 01, 2026
Artificial Intelligence
Claude code abused to steal 150GB in cyberattack on Mexican agencies

Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploit ...

Pierluigi Paganini March 01, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Technical Deep Dive: The Monero Mining C ...

Pierluigi Paganini March 01, 2026
Uncategorized
CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells followi ...

Pierluigi Paganini March 01, 2026
Security
Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini March 01, 2026
Data Breach
Canadian Tire 2025 data breach impacts 38 million users

A data breach at Canadian Tire exposed personal data from over 38 million accounts, including contact details and encrypted passwords. More than 38 million accounts were affected by an October 202 ...

Pierluigi Paganini February 28, 2026
Malware
Microsoft warns of RAT delivered through trojanized gaming utilities

Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilitie ...

Pierluigi Paganini February 28, 2026
Mobile
Aeternum botnet hides commands in Polygon smart contracts

Aeternum botnet uses Polygon blockchain smart contracts for C&C, making its infrastructure harder to detect and disrupt. Qrator Labs researchers uncovered Aeternum, a botnet that runs its comm ...

Pierluigi Paganini February 27, 2026
Security
iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

Apple’s iPhone and iPad are now NATO-approved for classified use, listed in the alliance’s Information Assurance Product Catalogue. Apple announced that its iPhone and iPad have received NATO ...

Pierluigi Paganini February 27, 2026
Security
Juniper issues emergency patch for critical PTX router RCE

Juniper released an emergency patch for Junos OS Evolved to fix CVE-2026-21902, a critical RCE flaw affecting PTX routers. Juniper Networks issued an out-of-band security update for Junos OS Evolv ...

Pierluigi Paganini February 27, 2026
Artificial Intelligence
How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

AI accelerates incident response by correlating alerts and generating reports in minutes, helping teams scale beyond manual limits. Incident response has always been a race against the clock. It s ...

Pierluigi Paganini February 27, 2026
Hacking
12 Million exposed .env files reveal widespread security failures

Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny r ...

Pierluigi Paganini February 27, 2026
Data Breach
ManoMano data breach impacted 38 Million customer accounts

European DIY platform ManoMano suffered a data breach via a third-party provider, exposing personal data of 38 million customers. European DIY e-commerce platform ManoMano disclosed a major data b ...

Pierluigi Paganini February 27, 2026
Security
Trend Micro fixes two critical flaws in Apex One

Trend Micro fixed two critical Apex One flaws enabling remote code execution on vulnerable Windows systems and urged immediate updates. Trend Micro has addressed two critical vulnerabilities in Ap ...

Pierluigi Paganini February 26, 2026
APT
UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor

UAT-10027 campaign is targeting U.S. education and healthcare sectors to deploy a new Dohdoor backdoor. Cisco Talos has identified a new threat cluster, tracked as UAT-10027, targeting U.S. educat ...

Pierluigi Paganini February 26, 2026
Hacking
U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA ...

Pierluigi Paganini February 26, 2026
Security
Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

Cisco SD-WAN vulnerability CVE-2026-20127 has been exploited since 2023 to gain unauthenticated admin access. A critical Cisco SD-WAN vulnerability, tracked as CVE-2026-20127 (CVSS score of 10.0), ...

Pierluigi Paganini February 26, 2026
APT
Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

Google and partners disrupted UNC2814, a suspected China-linked group that hacked 53 organizations across 42 countries. Google, with industry partners, disrupted the infrastructure of UNC2814, a s ...

Pierluigi Paganini February 26, 2026
Security
Untrusted repositories turn Claude code into an attack vector

Flaws in Anthropic’s Claude Code could allow remote code execution and theft of API keys when users open untrusted repositories. Check Point Research team found multiple vulnerabilities in Anthr ...

Pierluigi Paganini February 25, 2026
Cyber Crime
ShinyHunters cyberattack on CarGurus impacts 12.4 Million users

ShinyHunters leaked data from 12.4M CarGurus accounts, exposing personal information from the U.S.-based auto research and shopping platform. The ShinyHunters group published personal data from ov ...

Pierluigi Paganini February 25, 2026