Pierluigi Paganini
September 04, 2024
D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router series. Networking hardware vendor D-Link wars of multiple remote code execution (RCE) vul ...
Pierluigi Paganini
September 04, 2024
A group of hacktivist known as Head Mare took advantage of the recent CVE-2023-38831 WinRAR flaw in attacks against organizations in Russia and Belarus. Kaspersky researchers reported that a h ...
Pierluigi Paganini
September 04, 2024
Taiwanese manufacturer Zyxel addressed a critical OS command injection flaw affecting multiple models of its business routers. Zyxel has released security updates to address a critical vulnerabili ...
Pierluigi Paganini
September 03, 2024
VMware released a patch to address a high-severity code execution flaw in its Fusion hypervisor, users are urged to apply it. VMware addressed a high-severity code execution vulnerability, tracke ...
April 23, 2026
Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organizatio ...
Pierluigi Paganini
April 28, 2026
NCSC’s SilentGlass blocks malicious HDMI/DisplayPort links, protecting monitors from hardware attacks. Now commercialized for global use. The UK’s National Cyber Security Centre (NCSC) has lau ...
Pierluigi Paganini
April 28, 2026
Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corporate IT systems after the hacker group ...
Pierluigi Paganini
April 27, 2026
A Chinese national posed as a U.S. researcher, tricking NASA staff in a phishing campaign to steal sensitive data tied to defense software and exports. A Chinese national ran a spear-phishing camp ...
Pierluigi Paganini
April 27, 2026
BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking. BrowserGate is an investigation conducted by Fairli ...
Pierluigi Paganini
April 27, 2026
CVE-2026-6770 let attackers fingerprint Firefox and Tor users, even in Private mode. Firefox 150 and Tor Browser 15.0.10 fixed it. A vulnerability, tracked as CVE-2026-6770, allowed attackers to f ...
Pierluigi Paganini
April 27, 2026
Fast16 is a pre-Stuxnet malware that tampered with precision software and spread itself. Evidence suggests links to U.S. operations during early cyber tensions. SentinelOne uncovered Fast16, a sab ...
Pierluigi Paganini
April 27, 2026
Italy plans to extradite Xu Zewei to the U.S. over alleged hacks on COVID-19 research tied to state-backed operations. Italy is moving to extradite Xu Zewei, the Chinese national arrested in 2025 ...
Pierluigi Paganini
April 27, 2026
Itron detected unauthorized access to part of its IT environment on April 13, 2026, and launched incident response and notified authorities. Itron disclosed a cyber incident involving unauthorized ...
Pierluigi Paganini
April 27, 2026
CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated file access via path traversal. CrowdStrike recently disclosed a critical vulnerability, tracked ...
Pierluigi Paganini
April 26, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Morpheus: A new Spyware linked to IPS Intelligence The iPho ...
Pierluigi Paganini
April 26, 2026
Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync. Symantec researchers report that recent Trigona ransomwar ...
Pierluigi Paganini
April 26, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
April 26, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...
Pierluigi Paganini
April 25, 2026
Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2 ...
Pierluigi Paganini
April 25, 2026
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisc ...
Pierluigi Paganini
April 25, 2026
'Pack2TheRoot' flaw lets local Linux users gain root via PackageKit. CVE-2026-41651 (8.8) has existed for nearly 12 years. The Pack2TheRoot flaw, tracked as CVE-2026-41651, lets unprivileged users ...
Pierluigi Paganini
April 24, 2026
Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack via a fake CDU group chat. Germany’s Bundestag President Julia Klöckner has reportedly become the latest Euro ...
Pierluigi Paganini
April 24, 2026
Bitwarden CLI was hit by the Checkmarx supply chain attack. Version 2026.4.0 shipped malicious code in bw1.js via a compromised GitHub Action. Bitwarden CLI has been compromised as part of the ong ...
Pierluigi Paganini
April 24, 2026
UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global ...
Pierluigi Paganini
April 24, 2026
