Pierluigi Paganini
January 12, 2023
Security loopholes on social marketplace website trustanduse.com exposed data of around 439,000 users including many businesses for at least six months. Disclosing personal data on platforms provi ...
Pierluigi Paganini
January 11, 2023
Royal Mail, Britain’s postal service, announced it has suffered a “cyber incident” that caused a "severe service disruption.” Royal Mail, the British multinational postal service and c ...
Pierluigi Paganini
January 11, 2023
Threat actors are targeting organizations in the Australian healthcare sector with the Gootkit malware loader. Trend Micro researchers warn that Gootkit Loader is actively targeting the Australian ...
Pierluigi Paganini
January 11, 2023
US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ...
November 26, 2025
November 01, 2019
December 04, 2025
December 06, 2025
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it ...
Pierluigi Paganini
December 06, 2025
Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series gateways, af ...
Pierluigi Paganini
December 05, 2025
CISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...
Pierluigi Paganini
December 05, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agen ...
Pierluigi Paganini
December 04, 2025
Hackers breached fintech firm Marquis, stealing personal and financial data, the security breach impacted over 780,000 people. Hackers breached fintech firm Marquis and stole personal and financia ...
Pierluigi Paganini
December 04, 2025
ASUS confirms a third-party breach after Everest leaks sample data. Hackers also claim ArcSoft and Qualcomm. ASUS says a third-party breach exposed data after Everest ransomware leaked samples, cl ...
Pierluigi Paganini
December 04, 2025
Cloudflare blocked a record 29.7 Tbps DDoS attack from the AISURU botnet. The 69-second attack set a new high, though the target remains undisclosed. Cloudflare stopped a record 29.7 Tbps DDoS att ...
Pierluigi Paganini
December 04, 2025
Hackers are exploiting a King Addons flaw (CVE-2025-8489) that lets anyone register and instantly gain admin privileges on WordPress sites. Hackers are exploiting a critical vulnerability, tracked ...
Pierluigi Paganini
December 03, 2025
The University of Pennsylvania and the University of Phoenix confirm they were hit in the Oracle E-Business Suite hacking campaign. The University of Pennsylvania (Penn) and the University of Phoe ...
Pierluigi Paganini
December 03, 2025
Researchers exposed a Lazarus scheme using remote IT workers tied to North Korea’s Famous Chollima APT group in a joint investigation. Researchers filmed Lazarus APT group’s remote-worker sche ...
Pierluigi Paganini
December 03, 2025
India ordered messaging apps to work only with active SIM cards linked to users’ phone numbers to curb fraud and misuse. India's Department of Telecommunications (DoT) now requires providers of ...
Pierluigi Paganini
December 03, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Framework flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
December 02, 2025
Iran-linked threat actor MuddyWater targeted multiple Israeli sectors with a new MuddyViper backdoor in recent attacks. ESET researchers uncovered a new MuddyWater campaign targeting Israeli orga ...
Pierluigi Paganini
December 02, 2025
Coupang disclosed a five-month data breach that exposed the personal information of nearly 34 million South Korean customers. South Korean e-commerce giant disclosed a data breach affecting nearly ...
Pierluigi Paganini
December 02, 2025
Google’s latest Android security update fixes 107 flaws across multiple components, including two vulnerabilities actively exploited in the wild. Google’s new Android update patches 107 vulner ...
Pierluigi Paganini
December 02, 2025
Authorities seized $29M in Bitcoin after takedown of Cryptomixer, a service used to launder cybercrime proceeds. Europol announced the seizure of $29M in Bitcoin after shutting down Cryptomixer, a ...
Pierluigi Paganini
December 02, 2025
Australian Michael Clapsis got 7 years and 4 months in prison for Wi-Fi attacks at airports and on flights, stealing sensitive data. Australian man Michael Clapsis (44) was sentenced to 7 years an ...
Pierluigi Paganini
December 01, 2025
Albiriox is new Android MaaS malware enabling on-device fraud and real-time control. It targets 400+ banking, fintech, crypto, and payment apps. Albiriox is a new Android malware sold under a malw ...
Pierluigi Paganini
December 01, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
December 01, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Analysis of ShadowPad Attack Exploiting ...
Pierluigi Paganini
November 30, 2025
