MUST READ

Machine learning–powered Android Trojans bypass script-based Ad Click detection

 | 

Critical SmarterMail vulnerability under attack, no CVE yet

 | 

Arctic Wolf detects surge in automated Fortinet FortiGate firewall configuration attacks

 | 

U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

 | 

Zoom fixed critical Node Multimedia Routers flaw

 | 

ACME flaw in Cloudflare allowed attackers to reach origin servers

 | 

Crooks impersonate LastPass in campaign to harvest master passwords

 | 

VoidLink shows how one developer used AI to build a powerful Linux malware

 | 

PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

 | 

Access broker caught: Jordanian pleads guilty to hacking 50 companies

 | 

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

 | 

Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions

 | 

UK NCSC warns of Russia-linked hacktivists DDoS attacks

 | 

Ransomware attack on Ingram Micro impacts 42,000 individuals

 | 

StealC malware control panel flaw leaks details on active attacker

 | 

Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems

 | 

Hacktivists hijacked Iran ’s state TV to air anti-regime messages and an appeal to protest from Reza Pahlavi

 | 

GootLoader uses malformed ZIP files to bypass security controls

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 80

 | 

Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Palo Alto Networks addressed a GlobalProtect flaw, PoC exists
January 15, 2026
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
January 14, 2026
AZ Monica hospital in Belgium shuts down servers after cyberattack
January 13, 2026
VoidLink shows how one developer used AI to build a powerful Linux malware
January 21, 2026
Crooks impersonate LastPass in campaign to harvest master passwords
January 21, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Malware

Machine learning–powered Android Trojans bypass script-based Ad Click detection

January 22, 2026

Hacking
Critical SmarterMail vulnerability under attack, no CVE yet

January 22, 2026

Hacking
Arctic Wolf detects surge in automated Fortinet FortiGate firewall configuration attacks

January 22, 2026

Uncategorized
U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

January 22, 2026

Security
Zoom fixed critical Node Multimedia Routers flaw

January 21, 2026

recent articles

Malware
Machine learning–powered Android Trojans bypass script-based Ad Click detection

A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered ...

Pierluigi Paganini January 22, 2026
Hacking
Critical SmarterMail vulnerability under attack, no CVE yet

A SmarterMail flaw (WT-2026-0001) is under active attack just days after its January 15 patch, with no CVE assigned yet. A newly disclosed flaw in SmarterTools SmarterMail is being actively exploi ...

Pierluigi Paganini January 22, 2026
Hacking
Arctic Wolf detects surge in automated Fortinet FortiGate firewall configuration attacks

Arctic Wolf warned of a new wave of automated attacks making unauthorized firewall configuration changes on Fortinet FortiGate devices. Arctic Wolf researchers reported a new automated attack clus ...

Pierluigi Paganini January 22, 2026
Uncategorized
U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity ...

Pierluigi Paganini January 22, 2026
Security
Zoom fixed critical Node Multimedia Routers flaw

Zoom addressed a critical security vulnerability, tracked as CVE-2026-22844, that could result in remote code execution. Cloud-based video conferencing and online collaboration platform Zoom relea ...

Pierluigi Paganini January 21, 2026
Security
ACME flaw in Cloudflare allowed attackers to reach origin servers

Cloudflare fixed a flaw in its ACME validation logic that could let attackers bypass security checks and access protected origin servers. Cloudflare fixed a flaw in its ACME HTTP-01 validation log ...

Pierluigi Paganini January 21, 2026
Cyber Crime
Crooks impersonate LastPass in campaign to harvest master passwords

Password manager LastPass warns of an active phishing campaign impersonating the service to steal users’ master passwords. LastPass warned users about an active phishing campaign that began arou ...

Pierluigi Paganini January 21, 2026
Malware
VoidLink shows how one developer used AI to build a powerful Linux malware

VoidLink is a cloud-focused Linux malware, likely built by one person using AI, offering loaders, implants, rootkit evasion, and modular plugins. Check Point researchers uncovered VoidLink, a clou ...

Pierluigi Paganini January 21, 2026
Malware
PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigatio ...

Pierluigi Paganini January 20, 2026
Cyber Crime
Access broker caught: Jordanian pleads guilty to hacking 50 companies

A Jordanian man pleaded guilty in the US to selling illegal access to 50 compromised enterprise networks after an undercover sting. A Jordanian national Feras Khalil Ahmad Albashiti (40), living i ...

Pierluigi Paganini January 20, 2026
Hacking
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices identified. TP-Link fixed a high-severity flaw, ...

Pierluigi Paganini January 20, 2026
Cyber Crime
Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions

Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a m ...

Pierluigi Paganini January 20, 2026
Hacktivism
UK NCSC warns of Russia-linked hacktivists DDoS attacks

The UK government warns Russia-linked hacktivists are still carrying out DDoS attacks on critical infrastructure and local government systems The UK government warns that Russia-linked hacktivists ...

Pierluigi Paganini January 20, 2026
Data Breach
Ransomware attack on Ingram Micro impacts 42,000 individuals

Ingram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details. Ingram Micro is a global technology distributor and ...

Pierluigi Paganini January 19, 2026
Malware
StealC malware control panel flaw leaks details on active attacker

Researchers uncovered an XSS flaw in StealC malware’s control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at leas ...

Pierluigi Paganini January 19, 2026
Security
Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems

An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme Court. Nicholas Moore, 24, from Tennessee, pleaded guilty to re ...

Pierluigi Paganini January 19, 2026
Hacktivism
Hacktivists hijacked Iran ’s state TV to air anti-regime messages and an appeal to protest from Reza Pahlavi

Activists hacked Iran ’s Badr satellite, briefly broadcasting Reza Pahlavi’s anti-regime protest messages on state TV channels. Anti-regime activists briefly took control of Iran ’s Badr sat ...

Pierluigi Paganini January 18, 2026
Cyber Crime
GootLoader uses malformed ZIP files to bypass security controls

GootLoader malware uses malformed ZIP files made of hundreds of concatenated archives to evade detection. GootLoader is used by ransomware actors for initial access, then handed off to others. Bui ...

Pierluigi Paganini January 18, 2026
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 80

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Gogs 0-Day Exploited in the Wild SHAD ...

Pierluigi Paganini January 18, 2026
Breaking News
Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini January 18, 2026