MUST READ

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

 | 

GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

 | 

Phishing LNK files and GitHub C2 power new DPRK cyber attacks

 | 

BKA unmasks two REvil Ransomware operators behind 130+ German attacks

 | 

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

 | 

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

 | 

Image or Malware? Read until the end and answer in comments :)

 | 

Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Qilin ransomware group claims the hack of German political party Die Linke

 | 

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

 | 

European Commission breach exposed data of 30 EU entities, CERT-EU says

 | 

North Korea–linked hackers drain $285M from Drift in sophisticated attack

 | 

CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

 | 

Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

 | 

Cisco fixed critical and high-severity flaws

 | 

Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing

 | 

Italian spyware vendor creates Fake WhatsApp app, targeting 200 users

 | 

Google fixes fourth actively exploited Chrome zero-day of 2026

 | 

Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Citrix NetScaler critical flaw could leak data, update now
March 24, 2026
Data breach at Dutch Ministry of Finance impacts staff following cyberattack
March 24, 2026
Coruna exploit reveals evolution of Triangulation iOS exploitation framework
March 26, 2026
ShinyHunters claims the hack of the European Commission
March 28, 2026
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies
April 03, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Cyber Crime

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

April 07, 2026

Security
GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

April 07, 2026

Uncategorized
Phishing LNK files and GitHub C2 power new DPRK cyber attacks

April 06, 2026

Cyber Crime
BKA unmasks two REvil Ransomware operators behind 130+ German attacks

April 06, 2026

Security
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

April 06, 2026

recent articles

Cyber Crime
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially d ...

Pierluigi Paganini April 07, 2026
Security
GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flip ...

Pierluigi Paganini April 07, 2026
Uncategorized
Phishing LNK files and GitHub C2 power new DPRK cyber attacks

DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat actors target South Korean organizations ...

Pierluigi Paganini April 06, 2026
Cyber Crime
BKA unmasks two REvil Ransomware operators behind 130+ German attacks

German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvi ...

Pierluigi Paganini April 06, 2026
Security
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed on ...

Pierluigi Paganini April 06, 2026
Hacking
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerab ...

Pierluigi Paganini April 06, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and P ...

Pierluigi Paganini April 05, 2026
Hacking
Image or Malware? Read until the end and answer in comments :)

A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an ana ...

Pierluigi Paganini April 05, 2026
Breaking News
Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini April 05, 2026
Cyber Crime
Qilin ransomware group claims the hack of German political party Die Linke

Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransomware group claims it stole data from ...

Pierluigi Paganini April 04, 2026
Security
U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Ag ...

Pierluigi Paganini April 04, 2026
Security
European Commission breach exposed data of 30 EU entities, CERT-EU says

CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to the TeamPCP threa ...

Pierluigi Paganini April 04, 2026
Hacking
North Korea–linked hackers drain $285M from Drift in sophisticated attack

Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highl ...

Pierluigi Paganini April 03, 2026
Breaking News
CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

CrystalX RAT, a new sophisticated MaaS malware, combines spyware, data theft, and remote access, allowing attackers to monitor victims. In March 2026, Kaspersky researchers uncovered a Telegram-ba ...

Pierluigi Paganini April 03, 2026
Data Breach
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

Iran-linked hackers claim to have breached Israeli air defence contractor PSK Wind, which develops command and control systems. Pro-Iran Handala group announced on April 2 that it breached PSK Win ...

Pierluigi Paganini April 03, 2026
Security
Cisco fixed critical and high-severity flaws

Cisco fixed critical flaws that could allow attackers to bypass authentication, run code, and gain access to sensitive data. Cisco released patches for two critical and six high-severity vulnerabi ...

Pierluigi Paganini April 02, 2026
Hacking
Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing

Threat actors impersonated CERT-UA to send phishing emails with AGEWHEEZE malware, tricking victims into installing a fake “security tool.” A threat actor, tracked as UAC-0255, impersonated CE ...

Pierluigi Paganini April 02, 2026
Malware
Italian spyware vendor creates Fake WhatsApp app, targeting 200 users

WhatsApp blocked a fake app by Italian firm SIO/Asigint that targeted 200 users with spyware, urging them to reinstall the official app. WhatsApp has recently uncovered a malicious fake version of ...

Pierluigi Paganini April 02, 2026
Hacking
Google fixes fourth actively exploited Chrome zero-day of 2026

Google fixed a new Chrome zero-day, tracked as CVE-2026-5281, in the WebGPU Dawn component that is already exploited in the wild. Google released Chrome updates fixing 21 vulnerabilities, includin ...

Pierluigi Paganini April 01, 2026
Security
Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain. Google has attributed the recent Axios npm supply chain compromise to a North Korean ...

Pierluigi Paganini April 01, 2026