Security Affairs - Page 1508 of 1802 - Read, think, share … Security is everyone's responsibility

LATEST NEWS

VIEW ALL

Social Networks

The Socialbot Network

Pierluigi Paganini November 02, 2011

Online Social Networks(OSN) are an integral part of today's Web. Hacktivist,Politicians, celebrities, revolutionists, and others use OSNs as carrier for their message to a wide audience. The downs ...

Duqu Trojan, Stuxnet-derived malware

Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Welcome on board

Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

1
2
4501
4502
4503

most popular

VIEW ALL

Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals

January 10, 2026

Trend Micro fixed a remote code execution in Apex Central

January 09, 2026

Iran cuts Internet nationwide amid deadly protest crackdown

January 09, 2026

China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware

January 09, 2026

Chinese-speaking hackers exploited ESXi zero-days long before disclosure

January 09, 2026

recent articles

Data Breach

Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals

Illinois Department of Human Services (IDHS) exposed personal and health data of nearly 700,000 residents due to incorrect privacy settings. The Illinois Department of Human Services (IDHS ) discl ...

Pierluigi Paganini January 10, 2026

Hacking

Trend Micro fixed a remote code execution in Apex Central

Trend Micro fixed three Apex Central flaws discovered by Tenable that could allow remote code execution or denial-of-service attacks. Trend Micro patched three flaws (CVE-2025-69258, CVE-2025-692 ...

Pierluigi Paganini January 09, 2026

Intelligence

Iran cuts Internet nationwide amid deadly protest crackdown

Iran shut down the internet as protests spread nationwide. Dozens were killed in a violent crackdown amid soaring inflation and a collapsing currency. Iran has shut down the internet nationwide as ...

Pierluigi Paganini January 09, 2026

Security

China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware

China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has c ...

Pierluigi Paganini January 09, 2026

Hacking

Chinese-speaking hackers exploited ESXi zero-days long before disclosure

Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public disclosure. Chinese-speaking attackers were seen abusing a hack ...

Pierluigi Paganini January 09, 2026

Malware

Astaroth banking Trojan spreads in Brazil via WhatsApp worm

A WhatsApp worm spread the Astaroth banking trojan across Brazil by automatically sending malicious messages to victims’ contacts. Astaroth, a long-running Brazilian banking malware, has evolved ...

Pierluigi Paganini January 08, 2026

Security

Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability

Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed. Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: ...

Pierluigi Paganini January 08, 2026

Security

U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infr ...

Pierluigi Paganini January 08, 2026

Intelligence

China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns

Taiwan says China-linked cyberattacks on its energy sector rose tenfold in 2025, hitting critical infrastructure across nine sectors, with total incidents up 6%. Taiwan reports China-linked cybera ...

Pierluigi Paganini January 08, 2026

Security

Ni8mare flaw gives unauthenticated control of n8n instances

A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers uncovered a maximum severity n8n vulnerabilit ...

Pierluigi Paganini January 07, 2026

Hacking

Misconfigured email routing enables internal-spoofed phishing

Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protectio ...

Pierluigi Paganini January 07, 2026

Security

Veeam resolves CVSS 9.0 RCE flaw and other security issues

Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released patches for multiple Backup & Replication flaws, ...

Pierluigi Paganini January 07, 2026

Hacking

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2 ...

Pierluigi Paganini January 07, 2026

Cyber Crime

Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

PHALT#BLYX targets European hotels with fake Booking emails and BSoD lures, tricking staff into installing the DCRat remote access trojan. Researchers uncovered a late-December 2025 campaign, dubb ...

Pierluigi Paganini January 07, 2026

Security

CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200

CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device. CERT/CC warns of an unpatched vulnerability, tracked as CVE-20 ...

Pierluigi Paganini January 06, 2026

Security

Google fixes critical Dolby Decoder bug in Android January update

Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as ...

Pierluigi Paganini January 06, 2026

Cyber Crime

Resecurity Went on the Cyber Offensive - When 'Shiny Objects' trick 'Shiny Hunters'

Resecurity released 105 pages with 1,000+ messages tied to hacker John Erin Binns, detailing contacts with an unnamed woman in Turkey and an associate called “S.M.” Resecurity released 105 pag ...

Pierluigi Paganini January 06, 2026

APT

Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025

Russia-linked APT UAC-0184 targets Ukrainian military and government bodies via Viber, delivering malicious ZIP files for espionage in 2025. Russia-linked threat actor UAC-0184 (aka Hive0156) is t ...

Pierluigi Paganini January 05, 2026

Malware

Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices

The Kimwolf botnet has infected over 2 million Android devices, spreading mainly through residential proxy networks, researchers say. The Kimwolf botnet has compromised more than 2 million Android ...

Pierluigi Paganini January 05, 2026

Cyber Crime

The cybercriminal behind the 2016 Bitfinex hack has been released from prison early thanks to Trump’s 2018 First Step Act

Ilya Lichtenstein, who was sentenced to prison for his role in the Bitfinex hack that occurred in 2016, has been released from prison early. Ilya Lichtenstein (38), convicted for the hack of the c ...

Pierluigi Paganini January 05, 2026