Pierluigi Paganini
December 04, 2015
Ponmocup is one of the oldest botnet that infected more than 15 million machines across the years, but many experts still ignore it. Ponmocup is one of the largest and oldest botnets in circulation, ...
Pierluigi Paganini
December 03, 2015
Open Whisper Systems issued a beta version of the Signal app for Desktop that for now works only as a Chrome app and links only to Android devices. Signal is a free and open-source encrypted voice ...
Pierluigi Paganini
December 03, 2015
Researchers have conducted a series of tests on popular 3G/4G mobile modems (data dongles) and routers discovered an impressive number of serious flaws. Sometimes old news came back threatening our ...
Pierluigi Paganini
December 03, 2015
Trend Micro uncovered a large-scale operation dubbed Black Atlas operation, in reference to notorious BlackPOS PoS malware. It's Christmas time also for crooks, in this period the number of credit ...
April 23, 2026
16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 gro ...
Pierluigi Paganini
June 01, 2026
CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps ...
Pierluigi Paganini
June 01, 2026
CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilitie ...
Pierluigi Paganini
June 01, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
June 01, 2026
The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advoca ...
Pierluigi Paganini
June 01, 2026
CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on M ...
Pierluigi Paganini
May 31, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026- ...
Pierluigi Paganini
May 31, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
May 31, 2026
Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has ...
Pierluigi Paganini
May 30, 2026
Attackers are texting Signal users posing as Support, asking for backup recovery keys. Once obtained, they can decrypt the entire message history, not just future chats. A phishing campaign is cur ...
Pierluigi Paganini
May 30, 2026
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and sei ...
Pierluigi Paganini
May 30, 2026
GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it's part spy op, part crime gang. Security firm WithSecure has ...
Pierluigi Paganini
May 29, 2026
Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the con ...
Pierluigi Paganini
May 29, 2026
A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild. Microsoft is angry. The researcher says Microsoft ignored them first. Over the past month, a research ...
Pierluigi Paganini
May 29, 2026
BTMOB sells Android full-device takeover as a kit, no coding needed. It steals data, records screens, and hands attackers remote control for $5,000 lifetime. Most Android malware requires at least ...
Pierluigi Paganini
May 29, 2026
Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people afte ...
Pierluigi Paganini
May 28, 2026
Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerabili ...
Pierluigi Paganini
May 28, 2026
Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity supported Microsoft’s Digital Crimes U ...
Pierluigi Paganini
May 28, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Pierluigi Paganini
May 28, 2026
A third-party UK visa site exposed passports and selfies on a public AWS server. It’s not official GOV.UK and affected at least 100,000 documents. UK Visa Portal is not run by the British govern ...
Pierluigi Paganini
May 28, 2026
