MUST READ

European Commission breach exposed data of 30 EU entities, CERT-EU says

 | 

North Korea–linked hackers drain $285M from Drift in sophisticated attack

 | 

CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

 | 

Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

 | 

Cisco fixed critical and high-severity flaws

 | 

Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing

 | 

Italian spyware vendor creates Fake WhatsApp app, targeting 200 users

 | 

Google fixes fourth actively exploited Chrome zero-day of 2026

 | 

Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

 | 

SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code

 | 

Anthropic accidentally leaks Claude Code

 | 

Attackers hijack Axios npm account to spread RAT malware

 | 

Nearly half a Million mobile customers of Lloyds Banking Group affected by security incident

 | 

Dutch Ministry of Finance takes treasury systems offline amid cyber incident investigation

 | 

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog

 | 

Qilin Ransomware allegedly breached chemical manufacturer giant Dow Inc

 | 

China-Linked groups target Southeast Asian government with advanced malware in 2025

 | 

It's a mystery ... alleged unpatched Telegram zero-day allows device takeover, but Telegram denies

 | 

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

 | 

New macOS Infinity Stealer uses Nuitka Python payload and ClickFix

 | 

LATEST NEWS

VIEW ALL
Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Citrix NetScaler critical flaw could leak data, update now
March 24, 2026
Data breach at Dutch Ministry of Finance impacts staff following cyberattack
March 24, 2026
Coruna exploit reveals evolution of Triangulation iOS exploitation framework
March 26, 2026
ShinyHunters claims the hack of the European Commission
March 28, 2026
It's a mystery ... alleged unpatched Telegram zero-day allows device takeover, but Telegram denies
March 30, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

European Commission breach exposed data of 30 EU entities, CERT-EU says

April 04, 2026

Hacking
North Korea–linked hackers drain $285M from Drift in sophisticated attack

April 03, 2026

Breaking News
CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

April 03, 2026

Data Breach
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

April 03, 2026

Security
Cisco fixed critical and high-severity flaws

April 02, 2026

recent articles

Security
European Commission breach exposed data of 30 EU entities, CERT-EU says

CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to the TeamPCP threa ...

Pierluigi Paganini April 04, 2026
Hacking
North Korea–linked hackers drain $285M from Drift in sophisticated attack

Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highl ...

Pierluigi Paganini April 03, 2026
Breaking News
CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

CrystalX RAT, a new sophisticated MaaS malware, combines spyware, data theft, and remote access, allowing attackers to monitor victims. In March 2026, Kaspersky researchers uncovered a Telegram-ba ...

Pierluigi Paganini April 03, 2026
Data Breach
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

Iran-linked hackers claim to have breached Israeli air defence contractor PSK Wind, which develops command and control systems. Pro-Iran Handala group announced on April 2 that it breached PSK Win ...

Pierluigi Paganini April 03, 2026
Security
Cisco fixed critical and high-severity flaws

Cisco fixed critical flaws that could allow attackers to bypass authentication, run code, and gain access to sensitive data. Cisco released patches for two critical and six high-severity vulnerabi ...

Pierluigi Paganini April 02, 2026
Hacking
Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing

Threat actors impersonated CERT-UA to send phishing emails with AGEWHEEZE malware, tricking victims into installing a fake “security tool.” A threat actor, tracked as UAC-0255, impersonated CE ...

Pierluigi Paganini April 02, 2026
Malware
Italian spyware vendor creates Fake WhatsApp app, targeting 200 users

WhatsApp blocked a fake app by Italian firm SIO/Asigint that targeted 200 users with spyware, urging them to reinstall the official app. WhatsApp has recently uncovered a malicious fake version of ...

Pierluigi Paganini April 02, 2026
Hacking
Google fixes fourth actively exploited Chrome zero-day of 2026

Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the WebGPU Dawn component that is already exploited in the wild. Google released Chrome updates fixing 21 vulnerabilities, includin ...

Pierluigi Paganini April 01, 2026
Security
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain. Google has attributed the recent Axios npm supply chain compromise to a North Korean ...

Pierluigi Paganini April 01, 2026
Security
SentinelOne autonomous detection blocks trojaned LiteLLM triggered by Claude Code

SentinelOne AI stopped a LiteLLM supply chain attack in seconds, blocking malicious code automatically without human intervention. SentinelOne’s AI-based security detected and blocked a supply c ...

Pierluigi Paganini April 01, 2026
Data Breach
Anthropic accidentally leaks Claude Code

Anthropic accidentally exposed Claude Code source via npm, causing the code to quickly spread online after discovery. Anthropic accidentally leaked the source code of its Claude Code tool after a ...

Pierluigi Paganini March 31, 2026
Security
Attackers hijack Axios npm account to spread RAT malware

Threat actors hijacked the npm account of Axios to distribute RAT malware via malicious package updates. Threat actors compromised the npm account of Axios, a widely used library with over 100M we ...

Pierluigi Paganini March 31, 2026
Data Breach
Nearly half a Million mobile customers of Lloyds Banking Group affected by security incident

Lloyds Banking Group data incident exposed transactions of ~450,000 mobile banking users due to a faulty update. A faulty software update at Lloyds Banking Group exposed transaction details of nea ...

Pierluigi Paganini March 31, 2026
Hacking
Dutch Ministry of Finance takes treasury systems offline amid cyber incident investigation

The Dutch Ministry of Finance took treasury banking portal offline after a cyberattack; core tax systems were not affected. The Dutch Ministry of Finance took parts of its infrastructure offline, ...

Pierluigi Paganini March 31, 2026
Security
U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini March 31, 2026
Cyber Crime
Qilin Ransomware allegedly breached chemical manufacturer giant Dow Inc

Qilin ransomware claims a breach of Dow Inc., listing it on its Tor leak site, but no proof of the hack has been released yet. Qilin Ransomware group allegedly breached the chemical manufacturing ...

Pierluigi Paganini March 31, 2026
APT
China-Linked groups target Southeast Asian government with advanced malware in 2025

China-linked groups hit a Southeast Asian government in 2025, deploying multiple malware families in a sophisticated cyber campaign. In 2025, three China-linked threat clusters targeted a Southeas ...

Pierluigi Paganini March 30, 2026
Security
It's a mystery ... alleged unpatched Telegram zero-day allows device takeover, but Telegram denies

A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulne ...

Pierluigi Paganini March 30, 2026
Security
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet FortiClient EMS vulnerability, tracked a ...

Pierluigi Paganini March 30, 2026
Security
New macOS Infinity Stealer uses Nuitka Python payload and ClickFix

Infinity Stealer targets macOS via fake Cloudflare CAPTCHA, using Nuitka; first such campaign per Malwarebytes. Researchers at Malwarebytes spotted a new macOS infostealer, named Infinity Stealer, ...

Pierluigi Paganini March 30, 2026