MUST READ

Activist Phone Hacked With Cellebrite After Russia Contract Cancellation

 | 

U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog

 | 

Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft

 | 

macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst

 | 

Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla

 | 

Curl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet

 | 

Inside Mistic, the New Stealth Backdoor in Ransomware Intrusions

 | 

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure

 | 

Nathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months

 | 

Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame

 | 

Why Frontier AI makes prioritization the most important part of your CTEM program

 | 

Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild

 | 

U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog

 | 

FortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog

 | 

One Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why

 | 

Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices

 | 

DifyTap: Four Bugs Put over 1 million AI Apps at Risk

 | 

Xsolis Data Breach Impacts 1.4 Million People

 | 

ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates

 | 

Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials

 | 

LATEST NEWS

VIEW ALL
APT
Russia-linked APT29 relies on Google Drive, Dropbox to evade detection
Pierluigi Paganini July 19, 2022

Russia-linked threat actors APT29 are using the Google Drive cloud storage service to evade detection. Palo Alto Networks researchers reported that the Russia-linked APT29 group, tracked by the re ...

Cyber Crime
Crooks create rogue cryptocurrency-themed apps to steal crypto assets from users
Pierluigi Paganini July 19, 2022

The U.S. FBI has warned of crooks developing malicious cryptocurrency-themed apps to steal crypto assets from the users. The U.S. Federal Bureau of Investigation (FBI) has warned of crooks creatin ...

Malware
Several apps on the Play Store used to spread Joker, Facestealer and Coper malware
Pierluigi Paganini July 19, 2022

Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the offici ...

Cyber Crime
MLNK Builder 4.2 released in Dark Web – malicious shortcut-based attacks are on the rise
Pierluigi Paganini July 18, 2022

Cybercriminals released a new MLNK Builder 4.2 tool for malicious shortcuts (LNK) generation with an improved Powershell and VBS Obfuscator Resecurity, Inc. (USA), a Los Angeles-based cybersecurit ...

top articles

Hackers access Booking.com user data, company secures systems
April 13, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems
April 17, 2026
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
April 23, 2026
Checkmarx supply chain attack impacts Bitwarden npm distribution path
April 24, 2026
Critical CrowdStrike LogScale bug could have allowed file access, but no exploitation was observed
April 26, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Activist Phone Hacked With Cellebrite After Russia Contract Cancellation

June 26, 2026

Security
U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog

June 26, 2026

Security
Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft

June 26, 2026

Malware
macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst

June 26, 2026

Data Breach
Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla

June 25, 2026

recent articles

Security
Activist Phone Hacked With Cellebrite After Russia Contract Cancellation

Russian authorities used Cellebrite tools to unlock an activist’s iPhone and analyze private data despite canceled support, raising abuse concerns. On May 31, 2021, Russian security services pul ...

Pierluigi Paganini June 26, 2026
Security
U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructur ...

Pierluigi Paganini June 26, 2026
Security
Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft

Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-pa ...

Pierluigi Paganini June 26, 2026
Malware
macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst

macOS.Gaslight: DPRK Rust implant for Mac with a prompt injection payload designed to fool AI-based malware analysts. SentinelLabs researchers spotted a Rust-based macOS implant, dubbed macOS.Gasl ...

Pierluigi Paganini June 26, 2026
Data Breach
Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla

Tata Electronics confirmed a data breach after hackers claimed to steal 630GB of data, including alleged Apple supplier and Tesla documents. Tata Electronics, a major supplier to Apple and Tesla, ...

Pierluigi Paganini June 25, 2026
Security
Curl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet

Curl fixed 18 vulnerabilities, including a 25-year-old bug, with issues spanning auth bypass, memory safety, and host validation in libcurl. Curl maintainers addressed eighteen vulnerabilities wit ...

Pierluigi Paganini June 25, 2026
Cyber Crime
Inside Mistic, the New Stealth Backdoor in Ransomware Intrusions

Mistic is a stealthy backdoor used by KongTuke-linked actors to keep long-term access in ransomware-targeted networks. Mistic is the kind of backdoor that tells you the operator wants time, not no ...

Pierluigi Paganini June 25, 2026
Hacking
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure

Hackers exploited Cisco Catalyst SD-WAN flaw CVE-2026-20245 as a zero-day months before disclosure, enabling privileged command execution. Google-owned Mandiant reported that an unknown threat act ...

Pierluigi Paganini June 25, 2026
Cyber Crime
Nathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months

Third DraftKings hacker gets 18 months in prison for a 2022 credential-stuffing attack that compromised 1,600 accounts and stole $600,000. Nathan Austad, the third person sentenced over the 2022 D ...

Pierluigi Paganini June 25, 2026
Cyber Crime
Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame

Operation Endgame disrupted malware services like StealC and Amadey that enable ransomware, fraud, and attacks on critical infrastructure. Between June 15 and 19, 2026, Europol coordinated a two-w ...

Pierluigi Paganini June 24, 2026
Artificial Intelligence
Why Frontier AI makes prioritization the most important part of your CTEM program

Frontier AI could drive a 10x surge in vulnerabilities. CTEM helps organizations continuously identify, prioritize, and reduce real cyber risk. Your vulnerability management program was not design ...

Pierluigi Paganini June 24, 2026
Uncategorized
Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild

Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnera ...

Pierluigi Paganini June 24, 2026
Security
U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ubiquiti UniFi OS and Lantronix EDS5000 flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...

Pierluigi Paganini June 24, 2026
Cyber Crime
FortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog

FortiBleed exposed valid credentials for 73,000+ Fortinet firewalls, revealing a large-scale access-brokering operation targeting organizations worldwide. In mid-June 2026, researcher Volodymyr "B ...

Pierluigi Paganini June 24, 2026
Security
One Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why

A nationwide GSM-R outage stopped trains across Germany, exposing how one aging communications system can still bring an entire rail network to a halt At 10:30 PM on Tuesday June 23, Deutsche Bahn ...

Pierluigi Paganini June 24, 2026
Security
Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices

Samsung’s KNOX flaw (CVE-2026-20971) is a kernel UAF in PROCA/FIVE that can enable corruption via a race; Samsung patched it in Jan 2026. Experts found a nasty kernel flaw in Samsung’s KNOX st ...

Pierluigi Paganini June 23, 2026
Hacking
DifyTap: Four Bugs Put over 1 million AI Apps at Risk

Four flaws in Dify exposed cross-tenant data, documents and AI conversations. Two critical bugs enabled unauthenticated access and data theft. Zafran Labs researchers disclosed four vulnerabilitie ...

Pierluigi Paganini June 23, 2026
Cyber Crime
Xsolis Data Breach Impacts 1.4 Million People

Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems. Healthcare tech company Xsolis, Inc. has disclosed a ...

Pierluigi Paganini June 23, 2026
Hacking
ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates

Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a ShapedPlugin Pro plugin between April and Jun ...

Pierluigi Paganini June 23, 2026
Hacking
Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials

Squidbleed is a 29-year-old Squid Proxy flaw that can leak credentials, tokens, and other users' HTTP data through a memory overread. Researchers at Calif.io have disclosed CVE-2026-47729, a memor ...

Pierluigi Paganini June 23, 2026