MUST READ

Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

 | 

U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

 | 

Amnesia RAT deployed in multi-stage phishing attacks against Russian users

 | 

Dormakaba flaws allow to access major organizations’ doors

 | 

Emergency Microsoft update fixes in-the-wild Office zero-day

 | 

ShinyHunters claims 2 Million Crunchbase records; company confirms breach

 | 

Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint

 | 

North Korea–linked KONNI uses AI to build stealthy malware tooling

 | 

Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid

 | 

Nike is investigating a possible data breach, after WorldLeaks claims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 81

 | 

Security Affairs newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Osiris ransomware emerges, leveraging BYOVD technique to kill security tools

 | 

U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog

 | 

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

 | 

Fortinet warns of active FortiCloud SSO bypass affecting updated devices

 | 

U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

Investigation underway after 72M Under Armour records surface online

 | 

Machine learning–powered Android Trojans bypass script-based Ad Click detection

 | 

Critical SmarterMail vulnerability under attack, no CVE yet

 | 

LATEST NEWS

VIEW ALL
Cyber Crime
Massive hacking campaign on Joomla sites via recently patched flaws
Pierluigi Paganini October 31, 2016

Experts from the firm Sucuri observed a spike in the number of attacks in less than 24 hours after Joomla released patches for two critical flaws. On October 25, Joomla released the version 3.6.4 to ...

Cyber Crime
Young hacker arrested for disrupting 911 Service with a TDoS attack
Pierluigi Paganini October 31, 2016

An 18-year-old man from Arizona, Meetkumar Hiteshbhai Desai, was arrested this week because he is suspected for the severe disruption of 911 service. A few weeks ago, a group of researchers from Ben ...

Cyber Crime
Crooks earned at least $1.35m with spamming campaigns
Pierluigi Paganini October 30, 2016

Authorities identified a man in Florida that powered spamming campaigns abusing an army of corporate servers and private email accounts. Spam is still a profitable business for crooks and to give you ...

Cyber Crime
AV-TEST study sees search engine results even more poisoned with malicious links
Pierluigi Paganini October 30, 2016

According to a study published by the independent anti-virus testing outfit AV-TEST, the number of malicious search engine results has been increasing. The vast majority of the Internet users blindl ...

top articles

Palo Alto Networks addressed a GlobalProtect flaw, PoC exists
January 15, 2026
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
January 14, 2026
VoidLink shows how one developer used AI to build a powerful Linux malware
January 21, 2026
Crooks impersonate LastPass in campaign to harvest master passwords
January 21, 2026
Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid
January 26, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Hacking

Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

January 27, 2026

Security
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

January 27, 2026

Malware
Amnesia RAT deployed in multi-stage phishing attacks against Russian users

January 27, 2026

Hacking
Dormakaba flaws allow to access major organizations’ doors

January 27, 2026

Hacking
Emergency Microsoft update fixes in-the-wild Office zero-day

January 26, 2026

recent articles

Hacking
Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

Shadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw. Nonprofit security organization Shadowserver reported that over 6,000 ...

Pierluigi Paganini January 27, 2026
Security
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. ...

Pierluigi Paganini January 27, 2026
Malware
Amnesia RAT deployed in multi-stage phishing attacks against Russian users

A multi-stage phishing campaign targets users in Russia with ransomware and Amnesia RAT using fake business documents as lures. FortiGuard Labs researchers uncovered a multi-stage malware campaign ...

Pierluigi Paganini January 27, 2026
Hacking
Dormakaba flaws allow to access major organizations’ doors

Researchers found over 20 flaws in Dormakaba access systems that could let attackers remotely unlock doors at major organizations. Researchers from SEC Consult discovered and fixed more than 20 se ...

Pierluigi Paganini January 27, 2026
Hacking
Emergency Microsoft update fixes in-the-wild Office zero-day

Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 2016–2024 and Microsoft 365 Apps. Microsoft released out-of-band security update ...

Pierluigi Paganini January 26, 2026
Data Breach
ShinyHunters claims 2 Million Crunchbase records; company confirms breach

Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyH ...

Pierluigi Paganini January 26, 2026
Cyber Crime
Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint

Microsoft warns of a multi-stage phishing and BEC campaign hitting energy firms, abusing SharePoint links and inbox rules to steal credentials. Microsoft reports an active multi-stage phishing cam ...

Pierluigi Paganini January 26, 2026
APT
North Korea–linked KONNI uses AI to build stealthy malware tooling

Check Point links an active phishing campaign to North Korea–aligned KONNI, targeting developers with fake blockchain project docs and using an AI-written PowerShell backdoor. Check Point Resear ...

Pierluigi Paganini January 26, 2026
Breaking News
Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid

Russia-linked APT Sandworm launched what was described as the largest cyber attack on Poland’s power grid in Dec 2025. ESET linked a late-2025 cyberattack on Poland’s energy system to the Russ ...

Pierluigi Paganini January 26, 2026
Data Breach
Nike is investigating a possible data breach, after WorldLeaks claims

Nike is investigating a possible cyber incident after the WorldLeaks group claimed it stole data from the company’s systems. Nike is probing a potential security breach after the WorldLeaks cybe ...

Pierluigi Paganini January 25, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 81

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter UNO reverse card: stealing cookies from ...

Pierluigi Paganini January 25, 2026
Breaking News
Security Affairs newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini January 25, 2026
Security
Osiris ransomware emerges, leveraging BYOVD technique to kill security tools

Researchers identified a new Osiris ransomware used in a November 2025 attack, abusing the POORTRY driver via BYOVD to disable security tools. Symantec and Carbon Black researchers uncovered a new ...

Pierluigi Paganini January 24, 2026
Security
U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Broadcom VMware vCenter to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruc ...

Pierluigi Paganini January 24, 2026
Security
11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

Critical telnetd flaw CVE-2026-24061 (CVSS 9.8) affects all GNU InetUtils versions 1.9.3–2.7 and went unnoticed for nearly 11 years. A critical vulnerability, tracked as CVE-2026-24061 (CVSS sco ...

Pierluigi Paganini January 24, 2026
Security
Fortinet warns of active FortiCloud SSO bypass affecting updated devices

Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even fully patched devices, similar to recent SSO flaws. Fortinet confirmed attacks bypass FortiCloud SSO on fully ...

Pierluigi Paganini January 23, 2026
Security
U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite f ...

Pierluigi Paganini January 23, 2026
Data Breach
Investigation underway after 72M Under Armour records surface online

Under Armour is investigating a data breach after 72M customer records were posted online by a cybercriminal. Under Armour is an American company that designs, manufactures, and sells sportswear, ...

Pierluigi Paganini January 23, 2026
Malware
Machine learning–powered Android Trojans bypass script-based Ad Click detection

A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered ...

Pierluigi Paganini January 22, 2026
Hacking
Critical SmarterMail vulnerability under attack, no CVE yet

A SmarterMail flaw (WT-2026-0001) is under active attack just days after its January 15 patch, with no CVE assigned yet. A newly disclosed flaw in SmarterTools SmarterMail is being actively exploi ...

Pierluigi Paganini January 22, 2026