MUST READ

Red Hat GitLab breach exposes data of 21,000 Nissan customers

 | 

Critical n8n flaw could enable arbitrary code execution

 | 

Why Third-Party Access Remains the Weak Link in Supply Chain Security

 | 

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

 | 

Romanian Waters confirms cyberattack, critical water operations unaffected

 | 

Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

 | 

Infy Returns: Iran-linked hacking group shows renewed activity

 | 

University of Sydney discloses a data breach impacting 27,000 people

 | 

Waymo suspends service after power outage hit San Francisco

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

 | 

Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

LATEST NEWS

VIEW ALL
Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity
December 16, 2025
Experts found an unsecured 16TB database containing 4.3B professional records
December 14, 2025
GNV ferry Fantastic under cyberattack probe amid remote hijack fears
December 17, 2025
SonicWall warns of actively exploited flaw in SMA 100 AMC
December 17, 2025
GhostPairing campaign abuses WhatsApp device linking to hijack accounts
December 18, 2025
ATM Jackpotting ring busted: 54 indicted by DoJ
December 20, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Data Breach

Red Hat GitLab breach exposes data of 21,000 Nissan customers

December 23, 2025

Hacking
Critical n8n flaw could enable arbitrary code execution

December 23, 2025

Security
Why Third-Party Access Remains the Weak Link in Supply Chain Security

December 23, 2025

Security
U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

December 23, 2025

Cyber Crime
Romanian Waters confirms cyberattack, critical water operations unaffected

December 22, 2025

recent articles

Data Breach
Red Hat GitLab breach exposes data of 21,000 Nissan customers

Hackers breached Red Hat’s GitLab, stealing data of 21,000 customers; Nissan confirmed exposure via a self-managed GitLab instance. Japanese carmaker Nissan disclosed a data breach tied to a sel ...

Pierluigi Paganini December 23, 2025
Hacking
Critical n8n flaw could enable arbitrary code execution

A critical flaw in the n8n automation platform could allow attackers to execute arbitrary code if exploited under specific conditions. Researchers warn that a critical vulnerability, tracked as C ...

Pierluigi Paganini December 23, 2025
Security
Why Third-Party Access Remains the Weak Link in Supply Chain Security

Attackers exploited a supply chain weakness, abusing trusted components to compromise systems and spread malicious activity across connected targets. Your next breach probably won’t start inside ...

Pierluigi Paganini December 23, 2025
Security
U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Digiever DS-2105 Pro flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...

Pierluigi Paganini December 23, 2025
Cyber Crime
Romanian Waters confirms cyberattack, critical water operations unaffected

Romania’s national water management authority, Romanian Waters, was hit by a ransomware attack over the weekend. Romanian Waters (Administrația Națională Apele Române), the country’s water ...

Pierluigi Paganini December 22, 2025
Cyber Crime
Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

Ukrainian Artem Stryzhak (35) pleaded guilty in the U.S. for Nefilim ransomware attacks; he was arrested in Spain in 2024, extradited in April 2025. A 35-year-old Ukrainian, Artem Aleksandrovych S ...

Pierluigi Paganini December 22, 2025
Security
Infy Returns: Iran-linked hacking group shows renewed activity

Researchers report renewed activity by Iran-linked Infy (Prince of Persia), showing the hacking group remains active and dangerous after years of silence. SafeBreach researchers have spotted renew ...

Pierluigi Paganini December 22, 2025
Breaking News
University of Sydney discloses a data breach impacting 27,000 people

Hackers stole personal data of about 27,500 people from the University of Sydney after accessing an online code library, the university confirmed. The University of Sydney disclosed a data breach ...

Pierluigi Paganini December 22, 2025
Security
Waymo suspends service after power outage hit San Francisco

Waymo temporarily halted its San Francisco robotaxi service after a major blackout left multiple autonomous vehicles stranded on city streets. Waymo temporarily halted its robotaxi service in San ...

Pierluigi Paganini December 22, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CyberVolk | A Deep Dive into the Hacktiv ...

Pierluigi Paganini December 21, 2025
Breaking News
Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini December 21, 2025
Malware
Massive Android botnet Kimwolf infects millions, strikes with DDoS

The Kimwolf Android botnet has infected 1.8M+ devices, launching massive DDoS attacks and boosting its C&C domain, says XLab. Kimwolf is a newly discovered Android botnet linked to the Aisuru ...

Pierluigi Paganini December 21, 2025
Cyber Crime
ATM Jackpotting ring busted: 54 indicted by DoJ

The U.S. Department of Justice has indicted 54 individuals over a multi-million-dollar ATM jackpotting fraud scheme. U.S. DoJ indicted 54 people for a nationwide ATM jackpotting scheme that stole ...

Pierluigi Paganini December 20, 2025
Hacking
U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a WatchGuard Fireware OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security A ...

Pierluigi Paganini December 20, 2025
Hacking
Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

Denmark has blamed Russia for a destructive cyberattack on a water utility, calling it part of Moscow’s hybrid campaign against Western critical infrastructure. Denmark has accused Russia of orc ...

Pierluigi Paganini December 20, 2025
Cyber Crime
CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign. The Clop ransomware group is targeting Gladinet CentreStack file servers in a new ...

Pierluigi Paganini December 19, 2025
Security
ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

A new UEFI flaw exposes some ASRock, ASUS, GIGABYTE, and MSI motherboards to early-boot DMA attacks, bypassing IOMMU protections. Researchers warn of a new UEFI vulnerability that affects select A ...

Pierluigi Paganini December 19, 2025
APT
China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

Cisco disclosed a critical zero-day (CVE-2025-20393) in Secure Email Gateway and Secure Email and Web Manager, actively exploited by a China-linked group. Cisco disclosed a critical zero-day, trac ...

Pierluigi Paganini December 19, 2025
Security
Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Hewlett Packard Enterprise (HPE) fixed a critical OneView flaw that could allow attackers to achieve remote code execution. Hewlett Packard Enterprise (HPE) addressed a maximum-severity security v ...

Pierluigi Paganini December 18, 2025
Cyber Crime
DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

Resecurity reports a Q4 2025 surge in criminal use of DIG AI on Tor, enabling scalable illicit activity and posing new risks ahead of major 2026 events. During Q4 2025, Resecurity observed a notab ...

Pierluigi Paganini December 18, 2025