Pierluigi Paganini
June 05, 2022
Hackers have stolen over $250,000 in Ethereum from Bored Ape Yacht Club (BAYC), this is the third security breach it suffered this year. Threat actors compromised Bored Ape Yacht Club (BAYC) for t ...
Pierluigi Paganini
June 05, 2022
Atlassian has addressed on Friday an actively exploited critical remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Early this week, Atlassian warned of a c ...
Pierluigi Paganini
June 04, 2022
Operation Russia continues, albeit much more slowly than last month, RKPLaw, Vyberi Radio, and Metprom Group are the last victims. The #OpRussia launched by Anonymous on Russia after the criminal ...
Pierluigi Paganini
June 04, 2022
GitLab addresses a critical security vulnerability, tracked as CVE-2022-1680, that could be exploited by an attacker to take over users' accounts. GitLab has fixed a critical security flaw in its ...
January 21, 2026
January 29, 2026
SmarterTools fixed two SmarterMail flaws, including a critical bug (CVE-2026-24423) that could allow arbitrary code execution. SmarterTools fixed two security bugs in its SmarterMail email softwar ...
Pierluigi Paganini
January 30, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...
Pierluigi Paganini
January 30, 2026
Empire Market co-founder Raheim Hamilton pleaded guilty to U.S. drug conspiracy charges in Chicago, facing a mandatory 10 years to life in prison. Raheim Hamilton (30) of Virginia, co-creator of t ...
Pierluigi Paganini
January 30, 2026
SolarWinds patched six Web Help Desk vulnerabilities, including four critical flaws exploitable without authentication for RCE or auth bypass. SolarWinds released security updates to address six W ...
Pierluigi Paganini
January 29, 2026
Google disrupted IPIDEA, a major residential proxy network that enrolled users’ devices via SDKs embedded in mobile and desktop apps. Google and partners disrupted the IPIDEA residential proxy n ...
Pierluigi Paganini
January 29, 2026
Multiple threat actors exploited a now-patched critical WinRAR flaw to gain initial access and deliver various malicious payloads. Google Threat Intelligence Group (GTIG) revealed that multiple th ...
Pierluigi Paganini
January 29, 2026
OpenSSL released security updates that address 12 flaws, including a high-severity remote code execution vulnerability. OpenSSL issued security updates fixing 12 vulnerabilities in the open-source ...
Pierluigi Paganini
January 29, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...
Pierluigi Paganini
January 28, 2026
Fortinet released fixes for a critical FortiOS SSO auth bypass (CVE-2026-24858) actively exploited, impacting FortiOS, FortiManager, and FortiAnalyzer. Fortinet started rolling out patches for a c ...
Pierluigi Paganini
January 28, 2026
Koi researchers found “PackageGate” flaws in NPM, PNPM, VLT, and Bun that let attackers perform supply chain attacks and run malicious code. Security firm Koi uncovered a set of vulnerabilitie ...
Pierluigi Paganini
January 28, 2026
Meta announced new Strict Account Settings on WhatsApp to better protect high-risk users from advanced cyber attacks. Meta announced new Strict Account Settings on WhatsApp to enhance the security ...
Pierluigi Paganini
January 27, 2026
Shadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw. Nonprofit security organization Shadowserver reported that over 6,000 ...
Pierluigi Paganini
January 27, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. ...
Pierluigi Paganini
January 27, 2026
A multi-stage phishing campaign targets users in Russia with ransomware and Amnesia RAT using fake business documents as lures. FortiGuard Labs researchers uncovered a multi-stage malware campaign ...
Pierluigi Paganini
January 27, 2026
Researchers found over 20 flaws in Dormakaba access systems that could let attackers remotely unlock doors at major organizations. Researchers from SEC Consult discovered and fixed more than 20 se ...
Pierluigi Paganini
January 27, 2026
Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 2016–2024 and Microsoft 365 Apps. Microsoft released out-of-band security update ...
Pierluigi Paganini
January 26, 2026
Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyH ...
Pierluigi Paganini
January 26, 2026
Microsoft warns of a multi-stage phishing and BEC campaign hitting energy firms, abusing SharePoint links and inbox rules to steal credentials. Microsoft reports an active multi-stage phishing cam ...
Pierluigi Paganini
January 26, 2026
Check Point links an active phishing campaign to North Korea–aligned KONNI, targeting developers with fake blockchain project docs and using an AI-written PowerShell backdoor. Check Point Resear ...
Pierluigi Paganini
January 26, 2026
Russia-linked APT Sandworm launched what was described as the largest cyber attack on Poland’s power grid in Dec 2025. ESET linked a late-2025 cyberattack on Poland’s energy system to the Russ ...
Pierluigi Paganini
January 26, 2026
