Pierluigi Paganini
October 23, 2015
The Pawn Storm APT group set up rogue VPN and SFTP servers to target Dutch Safety Board employees involved in the MH17 crash investigation. July 17, 2014, Flight MH17, traveling from Amsterdam to Kual ...
Pierluigi Paganini
October 23, 2015
Imperva has discovered that attackers hijack CCTV cameras to launch powerful DDoS attacks exploiting weak credentials and poor configurations of IoT devices. Internet of Things devices are becom ...
Pierluigi Paganini
October 23, 2015
The British Internet Service Provider TalkTalk discloses possible breach and admits some data are not encrypted. The investigation is still ongoing. Another illustrious victim of a data breach is i ...
Pierluigi Paganini
October 23, 2015
Experts at MalwareBytes uncovered a new malvertising campaign operated by Technical Support Scammers that are targeting Apple Mac owners. Scammers are prolific and ingenious guys, this time they are ...
November 26, 2025
December 04, 2025
December 04, 2025
December 08, 2025
December 07, 2025
The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. The FBI warns that criminals are altering publicly ...
Pierluigi Paganini
December 08, 2025
Clop ransomware stole data from Barts Health NHS after exploiting a zero-day in its Oracle E-Business Suite. Barts Health NHS confirmed that Clop ransomware group stole data by exploiting zero-day ...
Pierluigi Paganini
December 08, 2025
Multiple China-linked threat actors began exploiting the CVE-2025-55182, aka React2Shell flaw, within hours, AWS Security warns. Multiple China-linked threat actors began exploiting the CVE-2025-5 ...
Pierluigi Paganini
December 08, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secu ...
Pierluigi Paganini
December 08, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting ...
Pierluigi Paganini
December 07, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
December 07, 2025
Hundreds of Porsche cars in Russia became undrivable due to a malfunction in their factory-installed satellite security system, owners say. Hundreds of Porsche cars in Russia became undrivable aft ...
Pierluigi Paganini
December 07, 2025
A hacking campaign is targeting GlobalProtect logins and scannig SonicWall APIs since December 2, 2025. A campaign began on December 2 targeting Palo Alto GlobalProtect portals with login attempts ...
Pierluigi Paganini
December 06, 2025
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it ...
Pierluigi Paganini
December 06, 2025
Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series gateways, af ...
Pierluigi Paganini
December 05, 2025
CISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...
Pierluigi Paganini
December 05, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agen ...
Pierluigi Paganini
December 04, 2025
Hackers breached fintech firm Marquis, stealing personal and financial data, the security breach impacted over 780,000 people. Hackers breached fintech firm Marquis and stole personal and financia ...
Pierluigi Paganini
December 04, 2025
ASUS confirms a third-party breach after Everest leaks sample data. Hackers also claim ArcSoft and Qualcomm. ASUS says a third-party breach exposed data after Everest ransomware leaked samples, cl ...
Pierluigi Paganini
December 04, 2025
Cloudflare blocked a record 29.7 Tbps DDoS attack from the AISURU botnet. The 69-second attack set a new high, though the target remains undisclosed. Cloudflare stopped a record 29.7 Tbps DDoS att ...
Pierluigi Paganini
December 04, 2025
Hackers are exploiting a King Addons flaw (CVE-2025-8489) that lets anyone register and instantly gain admin privileges on WordPress sites. Hackers are exploiting a critical vulnerability, tracked ...
Pierluigi Paganini
December 03, 2025
The University of Pennsylvania and the University of Phoenix confirm they were hit in the Oracle E-Business Suite hacking campaign. The University of Pennsylvania (Penn) and the University of Phoe ...
Pierluigi Paganini
December 03, 2025
Researchers exposed a Lazarus scheme using remote IT workers tied to North Korea’s Famous Chollima APT group in a joint investigation. Researchers filmed Lazarus APT group’s remote-worker sche ...
Pierluigi Paganini
December 03, 2025
India ordered messaging apps to work only with active SIM cards linked to users’ phone numbers to curb fraud and misuse. India's Department of Telecommunications (DoT) now requires providers of ...
Pierluigi Paganini
December 03, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Framework flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
December 02, 2025
