MUST READ

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

 | 

Massive GitHub malware operation spreads BoryptGrab stealer

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87

 | 

Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

FBI probing intrusion into a system managing sensitive surveillance information

 | 

Iran-linked hackers target IP cameras across Israel and Gulf states for military intelligence

 | 

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

 | 

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

 | 

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

 | 

Iran-nexus APT Dust Specter targets Iraq officials with new malware

 | 

U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

 | 

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

 | 

Phobos Ransomware admin faces up to 20 years after guilty plea

 | 

Russian APT targets Ukraine with BadPaw and MeowMeow malware

 | 

Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum

 | 

Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1

 | 

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

 | 

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

 | 

LastPass warns of spoofed alerts aimed at stealing master passwords

 | 

From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

 | 

LATEST NEWS

VIEW ALL
Social Networks
The Socialbot Network
Pierluigi Paganini November 02, 2011

Online Social Networks(OSN) are an integral part of today's Web.  Hacktivist,Politicians, celebrities, revolutionists, and others use OSNs as carrier for their message to a wide audience. The downs ...

Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Claude code abused to steal 150GB in cyberattack on Mexican agencies
March 01, 2026
Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity
March 02, 2026
Ariomex, Iran-based crypto exchange, suffers data leak
March 03, 2026
LastPass warns of spoofed alerts aimed at stealing master passwords
March 04, 2026
Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1
March 05, 2026
Iran-nexus APT Dust Specter targets Iraq officials with new malware
March 06, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

March 08, 2026

Malware
Massive GitHub malware operation spreads BoryptGrab stealer

March 08, 2026

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87

March 08, 2026

Breaking News
Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION

March 08, 2026

Hacking
FBI probing intrusion into a system managing sensitive surveillance information

March 07, 2026

recent articles

Security
Critical Nginx UI flaw CVE-2026-27944 exposes server backups

Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management interfaces. A critical vulnerability in Nginx U ...

Pierluigi Paganini March 08, 2026
Malware
Massive GitHub malware operation spreads BoryptGrab stealer

Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user files. Trend Micro uncovered a campaign distrib ...

Pierluigi Paganini March 08, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is no longer ...

Pierluigi Paganini March 08, 2026
Breaking News
Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini March 08, 2026
Hacking
FBI probing intrusion into a system managing sensitive surveillance information

The Federal Bureau of Investigation (FBI) is probing suspicious activity on an internal system containing sensitive surveillance and investigation data. The FBI is investigating suspicious cyber a ...

Pierluigi Paganini March 07, 2026
Cyber warfare
Iran-linked hackers target IP cameras across Israel and Gulf states for military intelligence

Researchers observed Iran-linked actors targeting IP cameras across Israel and Gulf countries, likely to support military intelligence and battle damage assessment. According to the Check Point Cy ...

Pierluigi Paganini March 07, 2026
APT
Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

Iran-linked APT MuddyWater targeted U.S. organizations, deploying the new Dindoor backdoor across sectors including banks, airports, and nonprofits. Broadcom’s Symantec Threat Hunter Team uncove ...

Pierluigi Paganini March 06, 2026
Security
Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

Cisco warns that two recently patched Catalyst SD-WAN flaws, CVE-2026-20128 and CVE-2026-20122, are already being actively exploited in the wild. Cisco warned customers that threat actors are acti ...

Pierluigi Paganini March 06, 2026
Malware
Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

Microsoft warns of ClickFix campaign using Windows Terminal to deliver Lumma Stealer via social engineering attacks. Microsoft revealed a new ClickFix campaign where attackers exploit Windows Term ...

Pierluigi Paganini March 06, 2026
APT
Iran-nexus APT Dust Specter targets Iraq officials with new malware

A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Spec ...

Pierluigi Paganini March 06, 2026
Security
U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...

Pierluigi Paganini March 06, 2026
Security
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG ...

Pierluigi Paganini March 06, 2026
Security
Phobos Ransomware admin faces up to 20 years after guilty plea

Russian national Evgenii Ptitsyn (43) pleaded guilty in the U.S. for his role in the Phobos ransomware operation. Russian national Evgenii Ptitsyn pleaded guilty in the US to wire fraud conspiracy ...

Pierluigi Paganini March 05, 2026
APT
Russian APT targets Ukraine with BadPaw and MeowMeow malware

Researchers uncovered a Russian campaign targeting Ukrainian entities with new malware families BadPaw and MeowMeow delivered through phishing emails. Researchers reported a phishing campaign link ...

Pierluigi Paganini March 05, 2026
Cyber Crime
Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum

The Federal Bureau of Investigation seized the LeakBase cybercrime forum in an international crackdown led by Europol. The Federal Bureau of Investigation seized the LeakBase cybercrime forum (lea ...

Pierluigi Paganini March 05, 2026
Security
Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1

Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 13–17.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identif ...

Pierluigi Paganini March 05, 2026
Breaking News
Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls. Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Ma ...

Pierluigi Paganini March 04, 2026
Security
Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

Security teams want lower MTTR, but flaws persist. How to use automation vs. orchestration to reduce risk effectively? Almost all security teams want to reduce their Mean Time to Remediate (MTTR). ...

Pierluigi Paganini March 04, 2026
Security
LastPass warns of spoofed alerts aimed at stealing master passwords

LastPass warns of a phishing campaign using fake security alerts about unauthorized access or password changes to steal users’ master passwords. LastPass has warned users about a new phishing ca ...

Pierluigi Paganini March 04, 2026
APT
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, ...

Pierluigi Paganini March 04, 2026