MUST READ

Eurail data breach impacted 308,777 people

 | 

Malicious PDF reveals active Adobe Reader zero-day in the wild

 | 

Masjesu botnet targets IoT devices while evading high-profile networks

 | 

The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences

 | 

Internet-Exposed ICS Devices Raise Alarm for Critical Sectors

 | 

U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog

 | 

Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics

 | 

Signature Healthcare hit by cyberattack, services and pharmacies impacted

 | 

Project Glasswing powered by Claude Mythos: defending software before hackers do

 | 

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

 | 

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

 | 

Major outage cripples Russian banking apps and metro payments nationwide

 | 

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

 | 

GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

 | 

Phishing LNK files and GitHub C2 power new DPRK cyber attacks

 | 

BKA unmasks two REvil Ransomware operators behind 130+ German attacks

 | 

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

 | 

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

 | 

Image or Malware? Read until the end and answer in comments :)

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Data breach at Dutch Ministry of Finance impacts staff following cyberattack
March 24, 2026
ShinyHunters claims the hack of the European Commission
March 28, 2026
GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover
April 07, 2026
BKA unmasks two REvil Ransomware operators behind 130+ German attacks
April 06, 2026
Major outage cripples Russian banking apps and metro payments nationwide
April 07, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Data Breach

Eurail data breach impacted 308,777 people

April 09, 2026

Hacking
Malicious PDF reveals active Adobe Reader zero-day in the wild

April 09, 2026

Malware
Masjesu botnet targets IoT devices while evading high-profile networks

April 09, 2026

Hacking
The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences

April 09, 2026

ICS-SCADA
Internet-Exposed ICS Devices Raise Alarm for Critical Sectors

April 09, 2026

recent articles

Data Breach
Eurail data breach impacted 308,777 people

Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail in December 2025 and stole names and p ...

Pierluigi Paganini April 09, 2026
Hacking
Malicious PDF reveals active Adobe Reader zero-day in the wild

Hackers used an Adobe Reader zero-day for months. Researcher Haifei Li found a malicious PDF and asks the community to help analyze it. Hackers used an Adobe Reader zero-day for months to deliver ...

Pierluigi Paganini April 09, 2026
Malware
Masjesu botnet targets IoT devices while evading high-profile networks

Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, a ...

Pierluigi Paganini April 09, 2026
Hacking
The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences

A hacker allegedly stole 10+ PB of sensitive military and aerospace data from China’s National Supercomputing Center, risking national security. A massive alleged breach has hit China’s Nation ...

Pierluigi Paganini April 09, 2026
ICS-SCADA
Internet-Exposed ICS Devices Raise Alarm for Critical Sectors

Exposed ICS devices and insecure protocols like Modbus increase risks to critical infrastructure, enabling disruption, data access, and potential sabotage. Malware targeting industrial control sys ...

Pierluigi Paganini April 09, 2026
Security
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini April 08, 2026
APT
Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics

APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Stor ...

Pierluigi Paganini April 08, 2026
Security
Signature Healthcare hit by cyberattack, services and pharmacies impacted

Massachusetts’ Signature Healthcare diverts ambulances and cancels services after a cyberattack disrupts hospital operations and pharmacy access. The hospital Signature Healthcare in Brockton, M ...

Pierluigi Paganini April 08, 2026
Artificial Intelligence
Project Glasswing powered by Claude Mythos: defending software before hackers do

Anthropic unveiled Claude Mythos, a powerful AI for cybersecurity that could also be misused to enhance cyberattacks. Anthropic has unveiled Claude Mythos, a new AI model designed to strengthen cy ...

Pierluigi Paganini April 08, 2026
APT
U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers ...

Pierluigi Paganini April 08, 2026
Security
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScri ...

Pierluigi Paganini April 07, 2026
Security
Major outage cripples Russian banking apps and metro payments nationwide

A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia ...

Pierluigi Paganini April 07, 2026
Cyber Crime
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially d ...

Pierluigi Paganini April 07, 2026
Security
GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flip ...

Pierluigi Paganini April 07, 2026
Uncategorized
Phishing LNK files and GitHub C2 power new DPRK cyber attacks

DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat actors target South Korean organizations ...

Pierluigi Paganini April 06, 2026
Cyber Crime
BKA unmasks two REvil Ransomware operators behind 130+ German attacks

German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvi ...

Pierluigi Paganini April 06, 2026
Security
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed on ...

Pierluigi Paganini April 06, 2026
Hacking
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerab ...

Pierluigi Paganini April 06, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and P ...

Pierluigi Paganini April 05, 2026
Hacking
Image or Malware? Read until the end and answer in comments :)

A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an ana ...

Pierluigi Paganini April 05, 2026