Pierluigi Paganini
April 02, 2020
Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransom ...
Pierluigi Paganini
April 01, 2020
The popular Zoom app is under scrutiny, experts have discovered a vulnerability that could be exploited to steal users' Windows passwords. Experts warn of a 'UNC path injection' flaw that could be ...
Pierluigi Paganini
April 01, 2020
Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining ...
Pierluigi Paganini
April 01, 2020
Researchers published proof-of-concept (PoC) exploits for the CVE-2020-0796 Windows flaw, tracked as SMBGhost, that can be exploited for local privilege escalation. Researchers Daniel García Gut ...
April 23, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infras ...
Pierluigi Paganini
June 16, 2026
China's UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail Google's Threat Intelligence Group published a report this week on ...
Pierluigi Paganini
June 16, 2026
Mackay Sugar, Australia's second-largest sugar producer, disclosed a cyberattack on June 10, potentially affecting key processing operations. Mackay Sugar is one of Australia's largest sugar produ ...
Pierluigi Paganini
June 15, 2026
Novo Nordisk suffered a cyberattack where clinical trial data was copied. The breach is confirmed, but no threat actor has claimed responsibility. The Danish pharmaceutical giant Novo Nordisk disc ...
Pierluigi Paganini
June 15, 2026
Palo Alto Networks warns that attackers are actively exploiting CVE-2026-0257, a PAN-OS flaw that lets unauthorized users bypass authentication and establish VPN connections. Palo Alto Networks ha ...
Pierluigi Paganini
June 15, 2026
Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage. Sansec researchers discovered an active supply chain attack hitting Wo ...
Pierluigi Paganini
June 15, 2026
The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in Septembe ...
Pierluigi Paganini
June 15, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter IronWorm: Shai-Hulud's rustier cousin ...
Pierluigi Paganini
June 14, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
June 14, 2026
Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide. Oleksii Oleksiyovych Lytvynenko (44), a Ukrainian national ex ...
Pierluigi Paganini
June 14, 2026
Anthropic disputes restrictions on Mythos 5 and Fable 5, arguing the decision lacks transparency and isn't based on clear technical evidence. On Friday June 12 at 5:21pm ET, Anthropic received a l ...
Pierluigi Paganini
June 13, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Pierluigi Paganini
June 13, 2026
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its ...
Pierluigi Paganini
June 12, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA ...
Pierluigi Paganini
June 12, 2026
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google's Threat Intelligence Group pu ...
Pierluigi Paganini
June 12, 2026
21,786 live cameras stream with zero authentication. Cheap gear is the real risk, webcamXP open 46% of the time. Your home router is the broadcast tower. In May 2026, Mysterium VPN queried a publ ...
Pierluigi Paganini
June 12, 2026
Attackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploiting a ...
Pierluigi Paganini
June 11, 2026
OnyxC2 is a MaaS stealer targeting 210+ apps, using DLL sideloading, encrypted payloads, and remote access features to evade detection. OnyxC2 appeared on a cybercrime forum earlier this year and ...
Pierluigi Paganini
June 11, 2026
GreatXML bypasses BitLocker via Defender offline scan artifacts, giving SYSTEM shell in Recovery Mode. No patch exists. Any machine that ran an offline scan is vulnerable. On June 10, security res ...
Pierluigi Paganini
June 11, 2026
Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address s ...
Pierluigi Paganini
June 11, 2026
