Pierluigi Paganini
August 25, 2022
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, trac ...
Pierluigi Paganini
August 25, 2022
GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular researcher Mordechai Guri from the Ben-G ...
Pierluigi Paganini
August 25, 2022
Threat actors are using the Tox peer-to-peer instant messaging service as a command-and-control server, Uptycs researchers reported. Tox is a peer-to-peer serverless instant messaging services th ...
Pierluigi Paganini
August 24, 2022
The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database. Plex is an American streaming media service and a client–server m ...
December 17, 2025
December 17, 2025
December 18, 2025
December 21, 2025
December 21, 2025
December 20, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CyberVolk | A Deep Dive into the Hacktiv ...
Pierluigi Paganini
December 21, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
December 21, 2025
The Kimwolf Android botnet has infected 1.8M+ devices, launching massive DDoS attacks and boosting its C&C domain, says XLab. Kimwolf is a newly discovered Android botnet linked to the Aisuru ...
Pierluigi Paganini
December 21, 2025
The U.S. Department of Justice has indicted 54 individuals over a multi-million-dollar ATM jackpotting fraud scheme. U.S. DoJ indicted 54 people for a nationwide ATM jackpotting scheme that stole ...
Pierluigi Paganini
December 20, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a WatchGuard Fireware OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security A ...
Pierluigi Paganini
December 20, 2025
Denmark has blamed Russia for a destructive cyberattack on a water utility, calling it part of Moscow’s hybrid campaign against Western critical infrastructure. Denmark has accused Russia of orc ...
Pierluigi Paganini
December 20, 2025
The Clop ransomware group is targeting Gladinet CentreStack file servers in a new large-scale extortion campaign. The Clop ransomware group is targeting Gladinet CentreStack file servers in a new ...
Pierluigi Paganini
December 19, 2025
A new UEFI flaw exposes some ASRock, ASUS, GIGABYTE, and MSI motherboards to early-boot DMA attacks, bypassing IOMMU protections. Researchers warn of a new UEFI vulnerability that affects select A ...
Pierluigi Paganini
December 19, 2025
Cisco disclosed a critical zero-day (CVE-2025-20393) in Secure Email Gateway and Secure Email and Web Manager, actively exploited by a China-linked group. Cisco disclosed a critical zero-day, trac ...
Pierluigi Paganini
December 19, 2025
Hewlett Packard Enterprise (HPE) fixed a critical OneView flaw that could allow attackers to achieve remote code execution. Hewlett Packard Enterprise (HPE) addressed a maximum-severity security v ...
Pierluigi Paganini
December 18, 2025
Resecurity reports a Q4 2025 surge in criminal use of DIG AI on Tor, enabling scalable illicit activity and posing new risks ahead of major 2026 events. During Q4 2025, Resecurity observed a notab ...
Pierluigi Paganini
December 18, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...
Pierluigi Paganini
December 18, 2025
Attackers abuse WhatsApp’s device-linking feature to hijack accounts via pairing codes in the GhostPairing campaign. Attackers are exploiting WhatsApp’s device-linking feature to hijack accoun ...
Pierluigi Paganini
December 18, 2025
SonicWall warned users to patch a SMA1000 AMC flaw that was exploited as a zero-day privilege escalation vulnerability in attacks. SonicWall urged customers to address a vulnerability, tracked as ...
Pierluigi Paganini
December 17, 2025
French prosecutors probe a suspected cyberattack on GNV ferry Fantastic, raising concerns of a possible remote hijack. French prosecutors are investigating a suspected cyberattack on the GNV ferry ...
Pierluigi Paganini
December 17, 2025
Askul disclosed that an October RansomHouse ransomware attack compromised over 700,000 records at the Japanese e-commerce and logistics firm. Askul is a Japanese e-commerce and logistics company b ...
Pierluigi Paganini
December 17, 2025
Amazon disclosed a years-long Russian state-backed cyber campaign targeting Western critical infrastructure from 2021 to 2025. Amazon Threat Intelligence reports a long-running Russian state-backe ...
Pierluigi Paganini
December 17, 2025
U.S. CISA adds a vulnerability impacting multiple products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet Multipl ...
Pierluigi Paganini
December 17, 2025
A cyber attack hit Petróleos de Venezuela (PDVSA), Venezuela's state-owned oil company, over the weekend, disrupting its export operations. Venezuela’s state oil company PDVSA was hit by a cybe ...
Pierluigi Paganini
December 16, 2025
Threat actors are exploiting two critical Fortinet flaws, tracked as CVE-2025-59718 and CVE-2025-59719, days after patch release, impacting multiple Fortinet products. Threat actors started exploi ...
Pierluigi Paganini
December 16, 2025
