Pierluigi Paganini
March 16, 2021
Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. On March 2nd, Microsoft released emergency out-of-band secur ...
Pierluigi Paganini
March 16, 2021
Microsoft is reportedly investigating whether the recent attacks against Microsoft Exchange servers could be linked to information leaked by a partner security firm. According to a report publishe ...
Pierluigi Paganini
March 15, 2021
The CEO of the encrypted communications firm Sky Global has been indicted in the US on charges of facilitating international drug trafficking The head of the Canada-based company Sky Global that p ...
Pierluigi Paganini
March 15, 2021
A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on vulnerable Microsoft Exchange servers. A security researcher has released a ne ...
February 20, 2026
February 20, 2026
February 27, 2026
March 02, 2026
March 01, 2026
Europol’s Project Compass led to 30 arrests targeting 'The Com' network, identifying 62 victims and protecting four children from harm. A yearlong operation, code-named Project Compass, led by E ...
Pierluigi Paganini
March 02, 2026
“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed maliciou ...
Pierluigi Paganini
March 02, 2026
Ukrainian citizen Yurii Nazarenko admitted running OnlyFake, an AI-driven site that sold over 10,000 fake IDs worldwide. Ukrainian man Yurii Nazarenko pleaded guilty to operating OnlyFake, an AI-p ...
Pierluigi Paganini
March 02, 2026
Cybercrime group ShinyHunters leaked the full Odido dataset, the Netherlands is facing the biggest data leak in its history. Odido is a Dutch telecommunications company and one of the largest mobi ...
Pierluigi Paganini
March 01, 2026
Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploit ...
Pierluigi Paganini
March 01, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Technical Deep Dive: The Monero Mining C ...
Pierluigi Paganini
March 01, 2026
About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells followi ...
Pierluigi Paganini
March 01, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
March 01, 2026
A data breach at Canadian Tire exposed personal data from over 38 million accounts, including contact details and encrypted passwords. More than 38 million accounts were affected by an October 202 ...
Pierluigi Paganini
February 28, 2026
Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilitie ...
Pierluigi Paganini
February 28, 2026
Aeternum botnet uses Polygon blockchain smart contracts for C&C, making its infrastructure harder to detect and disrupt. Qrator Labs researchers uncovered Aeternum, a botnet that runs its comm ...
Pierluigi Paganini
February 27, 2026
Apple’s iPhone and iPad are now NATO-approved for classified use, listed in the alliance’s Information Assurance Product Catalogue. Apple announced that its iPhone and iPad have received NATO ...
Pierluigi Paganini
February 27, 2026
Juniper released an emergency patch for Junos OS Evolved to fix CVE-2026-21902, a critical RCE flaw affecting PTX routers. Juniper Networks issued an out-of-band security update for Junos OS Evolv ...
Pierluigi Paganini
February 27, 2026
AI accelerates incident response by correlating alerts and generating reports in minutes, helping teams scale beyond manual limits. Incident response has always been a race against the clock. It s ...
Pierluigi Paganini
February 27, 2026
Mysterium VPN found 12M IPs exposing .env files, leaking credentials and revealing widespread security misconfigurations worldwide. Configuration mistakes rarely trigger alarms. A forgotten deny r ...
Pierluigi Paganini
February 27, 2026
European DIY platform ManoMano suffered a data breach via a third-party provider, exposing personal data of 38 million customers. European DIY e-commerce platform ManoMano disclosed a major data b ...
Pierluigi Paganini
February 27, 2026
Trend Micro fixed two critical Apex One flaws enabling remote code execution on vulnerable Windows systems and urged immediate updates. Trend Micro has addressed two critical vulnerabilities in Ap ...
Pierluigi Paganini
February 26, 2026
UAT-10027 campaign is targeting U.S. education and healthcare sectors to deploy a new Dohdoor backdoor. Cisco Talos has identified a new threat cluster, tracked as UAT-10027, targeting U.S. educat ...
Pierluigi Paganini
February 26, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA ...
Pierluigi Paganini
February 26, 2026
Cisco SD-WAN vulnerability CVE-2026-20127 has been exploited since 2023 to gain unauthenticated admin access. A critical Cisco SD-WAN vulnerability, tracked as CVE-2026-20127 (CVSS score of 10.0), ...
Pierluigi Paganini
February 26, 2026
