Pierluigi Paganini
September 13, 2017
This month, Adobe has patched only two vulnerabilities in Flash Player, both are critical issues that could be exploited for remote code execution. The vulnerabilities are tracked as CVE-2017-1128 ...
Pierluigi Paganini
September 12, 2017
Billions of mobile, desktop and IoT devices that use Bluetooth may be exposed to a new stealthy remote attack dubbed BlueBorne attack. Billions of mobile, desktop and IoT devices that use Bluetooth m ...
Pierluigi Paganini
September 12, 2017
Brute Force Attack Report - This article is going to cover an attack we have had on a new network from the second it was connected to the internet. Instantly we were collecting data showing the deter ...
Pierluigi Paganini
September 12, 2017
MongoDB company implements new data security features in response to the recent wave of ransom attacks that hit installations worldwide. You have to admit that the bad actors are very good at levera ...
January 21, 2026
January 29, 2026
SmarterTools fixed two SmarterMail flaws, including a critical bug (CVE-2026-24423) that could allow arbitrary code execution. SmarterTools fixed two security bugs in its SmarterMail email softwar ...
Pierluigi Paganini
January 30, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...
Pierluigi Paganini
January 30, 2026
Empire Market co-founder Raheim Hamilton pleaded guilty to U.S. drug conspiracy charges in Chicago, facing a mandatory 10 years to life in prison. Raheim Hamilton (30) of Virginia, co-creator of t ...
Pierluigi Paganini
January 30, 2026
SolarWinds patched six Web Help Desk vulnerabilities, including four critical flaws exploitable without authentication for RCE or auth bypass. SolarWinds released security updates to address six W ...
Pierluigi Paganini
January 29, 2026
Google disrupted IPIDEA, a major residential proxy network that enrolled users’ devices via SDKs embedded in mobile and desktop apps. Google and partners disrupted the IPIDEA residential proxy n ...
Pierluigi Paganini
January 29, 2026
Multiple threat actors exploited a now-patched critical WinRAR flaw to gain initial access and deliver various malicious payloads. Google Threat Intelligence Group (GTIG) revealed that multiple th ...
Pierluigi Paganini
January 29, 2026
OpenSSL released security updates that address 12 flaws, including a high-severity remote code execution vulnerability. OpenSSL issued security updates fixing 12 vulnerabilities in the open-source ...
Pierluigi Paganini
January 29, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...
Pierluigi Paganini
January 28, 2026
Fortinet released fixes for a critical FortiOS SSO auth bypass (CVE-2026-24858) actively exploited, impacting FortiOS, FortiManager, and FortiAnalyzer. Fortinet started rolling out patches for a c ...
Pierluigi Paganini
January 28, 2026
Koi researchers found “PackageGate” flaws in NPM, PNPM, VLT, and Bun that let attackers perform supply chain attacks and run malicious code. Security firm Koi uncovered a set of vulnerabilitie ...
Pierluigi Paganini
January 28, 2026
Meta announced new Strict Account Settings on WhatsApp to better protect high-risk users from advanced cyber attacks. Meta announced new Strict Account Settings on WhatsApp to enhance the security ...
Pierluigi Paganini
January 27, 2026
Shadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw. Nonprofit security organization Shadowserver reported that over 6,000 ...
Pierluigi Paganini
January 27, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. ...
Pierluigi Paganini
January 27, 2026
A multi-stage phishing campaign targets users in Russia with ransomware and Amnesia RAT using fake business documents as lures. FortiGuard Labs researchers uncovered a multi-stage malware campaign ...
Pierluigi Paganini
January 27, 2026
Researchers found over 20 flaws in Dormakaba access systems that could let attackers remotely unlock doors at major organizations. Researchers from SEC Consult discovered and fixed more than 20 se ...
Pierluigi Paganini
January 27, 2026
Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 2016–2024 and Microsoft 365 Apps. Microsoft released out-of-band security update ...
Pierluigi Paganini
January 26, 2026
Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyH ...
Pierluigi Paganini
January 26, 2026
Microsoft warns of a multi-stage phishing and BEC campaign hitting energy firms, abusing SharePoint links and inbox rules to steal credentials. Microsoft reports an active multi-stage phishing cam ...
Pierluigi Paganini
January 26, 2026
Check Point links an active phishing campaign to North Korea–aligned KONNI, targeting developers with fake blockchain project docs and using an AI-written PowerShell backdoor. Check Point Resear ...
Pierluigi Paganini
January 26, 2026
Russia-linked APT Sandworm launched what was described as the largest cyber attack on Poland’s power grid in Dec 2025. ESET linked a late-2025 cyberattack on Poland’s energy system to the Russ ...
Pierluigi Paganini
January 26, 2026
