Pierluigi Paganini
June 30, 2017
Microsoft is warning sysadmins to check their Azure Active Directory Connect installs and patch them against an important Privilege Escalation flaw. Microsoft fixed an important privilege escalat ...
Pierluigi Paganini
June 29, 2017
UK.gov leaves data dashboard users' details on publicly accessible on a third-party system. Users are urge to reset their password. Are you a user of the UK Government website UK.gov? Change your pa ...
Pierluigi Paganini
June 29, 2017
According to the researchers, the Petya variant (NotPetya) used in the massive attack is a wiper disguised by a ransomware. In these hours the massive global attack based on Petya variant made the he ...
Pierluigi Paganini
June 29, 2017
Shadow Brokers has sent out the first round of exploits to the subscribers of its service, the hackers also threaten to dox former NSA hacker. In May the notorious Shadow Brokers group announced the ...
March 28, 2026
Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScri ...
Pierluigi Paganini
April 07, 2026
A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia ...
Pierluigi Paganini
April 07, 2026
China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially d ...
Pierluigi Paganini
April 07, 2026
GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flip ...
Pierluigi Paganini
April 07, 2026
DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat actors target South Korean organizations ...
Pierluigi Paganini
April 06, 2026
German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvi ...
Pierluigi Paganini
April 06, 2026
Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed on ...
Pierluigi Paganini
April 06, 2026
Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerab ...
Pierluigi Paganini
April 06, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and P ...
Pierluigi Paganini
April 05, 2026
A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an ana ...
Pierluigi Paganini
April 05, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
April 05, 2026
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransomware group claims it stole data from ...
Pierluigi Paganini
April 04, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Ag ...
Pierluigi Paganini
April 04, 2026
CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to the TeamPCP threa ...
Pierluigi Paganini
April 04, 2026
Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highl ...
Pierluigi Paganini
April 03, 2026
CrystalX RAT, a new sophisticated MaaS malware, combines spyware, data theft, and remote access, allowing attackers to monitor victims. In March 2026, Kaspersky researchers uncovered a Telegram-ba ...
Pierluigi Paganini
April 03, 2026
Iran-linked hackers claim to have breached Israeli air defence contractor PSK Wind, which develops command and control systems. Pro-Iran Handala group announced on April 2 that it breached PSK Win ...
Pierluigi Paganini
April 03, 2026
Cisco fixed critical flaws that could allow attackers to bypass authentication, run code, and gain access to sensitive data. Cisco released patches for two critical and six high-severity vulnerabi ...
Pierluigi Paganini
April 02, 2026
Threat actors impersonated CERT-UA to send phishing emails with AGEWHEEZE malware, tricking victims into installing a fake “security tool.” A threat actor, tracked as UAC-0255, impersonated CE ...
Pierluigi Paganini
April 02, 2026
WhatsApp blocked a fake app by Italian firm SIO/Asigint that targeted 200 users with spyware, urging them to reinstall the official app. WhatsApp has recently uncovered a malicious fake version of ...
Pierluigi Paganini
April 02, 2026
