Security Affairs

LATEST NEWS

VIEW ALL

Rapid7 says source code, credentials accessed as a result of Codecov supply-chain attack

Pierluigi Paganini May 14, 2021

Rapid7 disclosed that unauthorized third-party had access to source code and customer data as result of Codecov supply chain attack. Cyber security vendor Rapid7 reveals it was impacted by the Cod ...

Security

Security at Bay: Critical Infrastructure Under Attack

Pierluigi Paganini May 13, 2021

The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide. The attack perpetrated by hackers on oil company Colonial Pipeline highlights the dang ...

Breaking News

Please vote Security Affairs - 1 day left

Pierluigi Paganini May 13, 2021

Hi GuysI need your support. I became aware only not that we can nominate SecurityAffairs as Best Personal Blog. I need your support. Please vote Security Affairs as Best Personal cybersecurit ...

Cyber Crime

Organizations in aerospace and travel sectors under attack, Microsoft warns

Pierluigi Paganini May 13, 2021

Microsoft warns of a malware-based campaign that targeted organizations in the aerospace and travel sectors in the past months. Microsoft researchers revealed that organizations in the aerospace a ...

1
2
1696
1697
1698
1699
1700
4542
4543
4544

recent articles

Security

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini February 21, 2026

Data Breach

PayPal discloses extended data leak linked to Loan App glitch

PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug i ...

Pierluigi Paganini February 20, 2026

Cyber Crime

North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.

A Ukrainian man was sentenced to five years in the U.S. for helping North Korean IT workers use stolen identities to get hired by U.S. firms. Oleksandr “Alexander” Didenko, a 29-year-old Ukrai ...

Pierluigi Paganini February 20, 2026

Cyber Crime

FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025

The FBI warns ATM jackpotting is rising nationwide, with over $20 million lost in 2025 and 1,900 incidents reported since 2020. The FBI has warned of a sharp rise in ATM jackpotting attacks across ...

Pierluigi Paganini February 20, 2026

Cyber Crime

Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions

INTERPOL’s Operation Red Card 2.0 led to 651 arrests across 16 African countries and recovered over $4.3 million from online scams. INTERPOL’s Operation Red Card 2.0, a joint effort involving ...

Pierluigi Paganini February 20, 2026

Artificial Intelligence

PromptSpy abuses Gemini AI to gain persistent access on Android

PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Andr ...

Pierluigi Paganini February 20, 2026

Breaking News

Germany’s national rail operator Deutsche Bahn hit by a DDoS attack

Germany’s national rail operator, Deutsche Bahn, suffered a major DDoS attack that disrupted booking and information systems for several hours. Germany’s rail operator Deutsche Bahn was hit by ...

Pierluigi Paganini February 19, 2026

Hacking

U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini February 19, 2026

Security

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

CISA warns Honeywell CCTVs are affected by a critical auth bypass flaw (CVE-2026-1670) allowing unauthorized access or account hijacking. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini February 19, 2026

Artificial Intelligence

Irish regulator probes X after Grok allegedly generated sexual images of children

Ireland’s Data Protection Commission opened a probe into X over Grok AI tool allegedly generating sexual images, including of children. Ireland’s Data Protection Commission has launched anothe ...

Pierluigi Paganini February 19, 2026

Malware

Intellexa’s Predator spyware infected Angolan journalist’s device, Amnesty reports

Amnesty reports Angolan journalist’s iPhone was infected by Intellexa’s Predator spyware via a WhatsApp link in May 2024. Amnesty International reports that in May 2024, Intellexa’s Predator ...

Pierluigi Paganini February 19, 2026

Hacking

French Ministry confirms data access to 1.2 Million bank accounts

A hacker accessed data from 1.2 million French bank accounts using stolen official credentials, the Economy Ministry said. A hacker gained access to data from 1.2 million French bank accounts usin ...

Pierluigi Paganini February 18, 2026

Hacking

Notepad++ patches flaw used to hijack update system

Notepad++ patched a vulnerability that attackers used to hijack its update system and deliver malware to targeted users. Notepad++ fixed a vulnerability that allowed a China-linked APT group to hi ...

Pierluigi Paganini February 18, 2026

Security

VS Code extensions with 125M+ installs expose users to cyberattacks

Four popular VS Code extensions with 125M+ installs have flaws that could let hackers steal files and run code remotely. OX Security researchers warn that security flaws in four widely used VS Cod ...

Pierluigi Paganini February 18, 2026

APT

China-linked APT weaponized Dell RecoverPoint zero-day since 2024

A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) ...

Pierluigi Paganini February 18, 2026

Uncategorized

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities c ...

Pierluigi Paganini February 18, 2026

Malware

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled ...

Pierluigi Paganini February 18, 2026

Artificial Intelligence

SmartLoader hackers clone Oura MCP project to spread StealC malware

Hackers used a fake Oura MCP server to trick users into downloading malware that installs the StealC info-stealer. Straiker's AI Research (STAR) Labs team uncovered a SmartLoader campaign in which ...

Pierluigi Paganini February 17, 2026

Cyber Crime

Polish cybercrime Police arrest man linked to Phobos ransomware operation

Officers from Poland's Central Bureau of Cybercrime Control (CBZC) police arrested a 47-year-old man linked to the Phobos ransomware operation. Polish authorities arrested a 47-year-old man suspec ...

Pierluigi Paganini February 17, 2026

Security

Poorly crafted phishing campaign leverages bogus security incident report

Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phis ...

Pierluigi Paganini February 17, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!