Pierluigi Paganini
October 15, 2014
The POODLE against SSL 3.0. A new attack on SSL is threatening the Internet again, it allows bad actors to decrypt traffic over secure channels. Another critical flaw affects one of the protocols mo ...
Pierluigi Paganini
October 15, 2014
Last ICS-CERT MONITOR report reveals that hackers had access to the systems of an unnamed manufacturing organization for several months. According to the ICS-CERT MONITOR report, which summarizes the ...
Pierluigi Paganini
October 14, 2014
Hundreds of Dropbox Passwords allegedly Leaked were publisehd online, but the company reassures its users confirming that its systems were not violated. It's up to DropBox, an archive of nearly 7 mil ...
Pierluigi Paganini
October 14, 2014
iSIGHT Partners firm uncovered a Russian hacking team dubbed Sandworm that was running a cyber espionage campaign on NATO and other Government entities. According to a new report issued by the cyber s ...
March 28, 2026
Hackers used an Adobe Reader zero-day for months. Researcher Haifei Li found a malicious PDF and asks the community to help analyze it. Hackers used an Adobe Reader zero-day for months to deliver ...
Pierluigi Paganini
April 09, 2026
Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, a ...
Pierluigi Paganini
April 09, 2026
A hacker allegedly stole 10+ PB of sensitive military and aerospace data from China’s National Supercomputing Center, risking national security. A massive alleged breach has hit China’s Nation ...
Pierluigi Paganini
April 09, 2026
Exposed ICS devices and insecure protocols like Modbus increase risks to critical infrastructure, enabling disruption, data access, and potential sabotage. Malware targeting industrial control sys ...
Pierluigi Paganini
April 09, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
April 08, 2026
APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Stor ...
Pierluigi Paganini
April 08, 2026
Massachusetts’ Signature Healthcare diverts ambulances and cancels services after a cyberattack disrupts hospital operations and pharmacy access. The hospital Signature Healthcare in Brockton, M ...
Pierluigi Paganini
April 08, 2026
Anthropic unveiled Claude Mythos, a powerful AI for cybersecurity that could also be misused to enhance cyberattacks. Anthropic has unveiled Claude Mythos, a new AI model designed to strengthen cy ...
Pierluigi Paganini
April 08, 2026
U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers ...
Pierluigi Paganini
April 08, 2026
Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScri ...
Pierluigi Paganini
April 07, 2026
A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia ...
Pierluigi Paganini
April 07, 2026
China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially d ...
Pierluigi Paganini
April 07, 2026
GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flip ...
Pierluigi Paganini
April 07, 2026
DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat actors target South Korean organizations ...
Pierluigi Paganini
April 06, 2026
German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvi ...
Pierluigi Paganini
April 06, 2026
Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed on ...
Pierluigi Paganini
April 06, 2026
Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerab ...
Pierluigi Paganini
April 06, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and P ...
Pierluigi Paganini
April 05, 2026
A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an ana ...
Pierluigi Paganini
April 05, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
April 05, 2026
