Pierluigi Paganini
July 14, 2017
The AlphaBay Market was shut down by the law enforcement, exactly like its predecessor Silk Road, and the alleged mastermind committed suicide in jail. AlphaBay Market was considered the largest ...
Pierluigi Paganini
July 14, 2017
A 20 years-old vulnerability in Kerberos, dubbed Orpheus' Lyre, was parched this week for both Microsoft and Linux distros. A 20 years-old vulnerability in Kerberos was parched this week for both M ...
Pierluigi Paganini
July 14, 2017
Attackers are using automated scans to target freshly installed WordPress websites, WordFence experts dubbed the technique WPSetup attack. According to experts at the WordPress security plugin WordFe ...
Pierluigi Paganini
July 13, 2017
The Eternal Blues scanner allowed administrators worldwide to discover more than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit. Recently the security researcher Elad Erez develop ...
December 18, 2025
December 26, 2025
December 28, 2025
December 26, 2025
Two U.S. cybersecurity professionals pleaded guilty to charges tied to their roles in BlackCat/Alphv ransomware attacks. The U.S. cybersecurity professionals Ryan Goldberg and Kevin Martin pleaded ...
Pierluigi Paganini
January 02, 2026
Covenant Health suffered a ransomware attack by the Qilin group in May 2025, compromising data of over 478,000 individuals. Covenant Health, Inc., based in Andover, Massachusetts, is a healthcare ...
Pierluigi Paganini
January 02, 2026
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails posing as legitimate Google messages. Check Point researchers have revealed a phishing campaig ...
Pierluigi Paganini
January 02, 2026
IBM disclosed a critical API Connect flaw (CVE-2025-13915, CVSS 9.8) that allows remote access via an authentication bypass. IBM addressed a critical API Connect vulnerability, tracked as CVE-2025 ...
Pierluigi Paganini
January 02, 2026
Trust Wallet says a second Shai-Hulud supply-chain attack likely compromised its Chrome extension, leading to the theft of about $8.5M in crypto. Trust Wallet linked a second Shai-Hulud supply-cha ...
Pierluigi Paganini
January 01, 2026
RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is e ...
Pierluigi Paganini
January 01, 2026
ESA confirmed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised. The European Space Agency (ESA) disclosed a data breach after a t ...
Pierluigi Paganini
December 31, 2025
Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload. Singapore’s Cyber Security Agency of Singapore ( ...
Pierluigi Paganini
December 31, 2025
MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication. A critical vulnerability, CVE-2025-14847 (MongoBleed) ...
Pierluigi Paganini
December 31, 2025
Coupang will spend about $1.17B to compensate 33.7 million users affected by a data breach, providing purchase vouchers to those impacted. Coupang announced it will spend about $1.17 billion to co ...
Pierluigi Paganini
December 30, 2025
China-linked APT Mustang Panda used a signed kernel-mode rootkit driver to load shellcode and deploy its ToneShell backdoor. China-linked APT Mustang Panda (aka Hive0154, HoneyMyte, Camaro Dragon ...
Pierluigi Paganini
December 30, 2025
A Lithuanian national was arrested for allegedly spreading KMSAuto malware that stole clipboard data and infected 2.8 million Windows and Office systems. A Lithuanian man (29) was arrested for all ...
Pierluigi Paganini
December 30, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a MongoDB Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...
Pierluigi Paganini
December 30, 2025
A ransomware attack hit Romania’s Oltenia Energy Complex on December 26, knocking out IT systems at the country’s largest coal power producer. A ransomware attack disrupted Oltenia Energy Comp ...
Pierluigi Paganini
December 29, 2025
Korean Air employee discloses a data breach after a hack of its catering and duty-free supplier, KC&D, affecting thousands of staff. Korean Air suffered a data breach after its in-flight cater ...
Pierluigi Paganini
December 29, 2025
A recently disclosed MongoDB flaw (MongoBleed) is under active exploitation, with over 87,000 potentially vulnerable instances exposed worldwide. A newly disclosed MongoDB vulnerability, tracked a ...
Pierluigi Paganini
December 29, 2025
China-linked APT Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted cyber-espionage attacks in Türkiye, China, and India. Kaspersky researchers spotted the China-linked AP ...
Pierluigi Paganini
December 29, 2025
Hacker claims Condé Nast breach, leaking 2.3M WIRED subscriber records and threatening to expose up to 40M more from other brands. A hacker known as “Lovely” claims to have leaked personal da ...
Pierluigi Paganini
December 28, 2025
Stolen vault backups from the 2022 LastPass breach are still being cracked, allowing attackers to steal crypto as late as 2025. The blockchain intelligence firm TRM Labs warns that encrypted vault ...
Pierluigi Paganini
December 28, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Choose Your Fighter: A New Stage in the ...
Pierluigi Paganini
December 28, 2025
