LATEST NEWS

VIEW ALL
Unsigned apps can dump the full OS keychain, including your plaintext passwords
Pierluigi Paganini September 26, 2017

Hackers can steal macOS keychain passwords using unsigned applications, it works on the latest version of macOS, High Sierra 10.13, and previous releases. The cyber security expert Patrick Wardle, d ...

Even More Evidence That Russian Was Meddling in the 2016 US Election
Pierluigi Paganini September 26, 2017

Evidence that Russian hackers attempted to interfere with the 2016 US Election continues to pile up, DHS notified states whose systems were hit by APTs. Evidence that Russia attempted to interfere w ...

Oracle releases security patches for Apache Struts CVE-2017-9805 Flaw exploited in the wild
Pierluigi Paganini September 26, 2017

Oracle fixed several issues in the Apache Struts 2 framework including the flaw CVE-2017-9805 that has been exploited in the wild for the past few weeks. Oracle has released patches for vulnerabili ...

Deloitte targeted by a cyber attack that exposed clients’ secret emails
Pierluigi Paganini September 25, 2017

The accountancy firm Deloitte announced it is has been targeted by a sophisticated hack that compromised its global email server. Today the accountancy firm giant Deloitte revealed that is has ...

recent articles

Security
Patch Tuesday security updates for July 2026, the largest update ever. 621 CVEs in one month

Patch Tuesday: Microsoft fixes a record 621 CVEs, including 2 exploited zero-days and critical flaws affecting SharePoint, RDP, Hyper-V, and AD FS. Microsoft's July 2026 Patch Tuesday is, by a sig ...

Pierluigi Paganini July 14, 2026
Security
U.S. Treasury Sanctions VPN Provider and Cryptor Seller Behind Billions in Ransomware Losses

U.S. sanctions hit VPN provider 1VPNS and a cryptor seller for enabling ransomware gangs behind billions in losses to critical infrastructure. The U.S. Treasury's Office of Foreign Assets Control ...

Pierluigi Paganini July 14, 2026
Hacking
Attacker Used AI to Build Custom PowerShell Recon Malware

Huntress found an AI-generated PowerShell script used for AD reconnaissance, showing attackers are using AI to create custom, evasive tools. During an incident response investigation on June 3, 20 ...

Pierluigi Paganini July 14, 2026
Cyber Crime
Malware Hits Japan's Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended

Japan's largest taxi operator Nihon Kotsu shut down systems after a malware attack, disrupting dispatch and bookings. Nihon Kotsu, Japan's largest taxi company, disclosed on July 13, 2026 that it ...

Pierluigi Paganini July 14, 2026
Malware
CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper

New macOS infostealer CrashStealer uses a signed app to bypass Gatekeeper, steals credentials and wallets, then AES-encrypts stolen data. Jamf Threat Labs first spotted CrashStealer in early May 2 ...

Pierluigi Paganini July 14, 2026
Data Breach
Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach

Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed. Lidl contacted customers of its online shop in Germ ...

Pierluigi Paganini July 13, 2026
Security
U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)� ...

Pierluigi Paganini July 13, 2026
Intelligence
EU Targets FSB-Linked Hackers in New Sanctions Over Cyber Sabotage

EU sanctions target nine people and four entities tied to Russia's FSB over a 15-year cyberespionage and critical infrastructure sabotage campaign. The European Union imposed sanctions on Monday t ...

Pierluigi Paganini July 13, 2026
Cyber Crime
Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers

Dutch police suspect local hackers behind the Odido breach that exposed 6M customers after a phishing attack and seek public help identifying them. Dutch police have identified strong indications ...

Pierluigi Paganini July 13, 2026
Security
Australia Alerts Organizations to Ongoing CMS Exploitation Attacks

Australia warns of a global campaign exploiting CMS flaws to deploy webshells on WordPress, Joomla, and other websites. Australia's Signals Directorate has issued an alert about a large-scale expl ...

Pierluigi Paganini July 13, 2026
Uncategorized
Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations

An alleged Ryuk ransomware member pleaded guilty in the U.S. for helping deploy attacks on American companies and faces up to 15 years in prison. Armenian national Karen Serobovich Vardanyan (34) ...

Pierluigi Paganini July 12, 2026
Hacking
Progress Told ShareFile Customers to Pull the Plug on Their Servers. Here's What We Know.

Progress urged ShareFile Storage Zone customers to shut down internet-facing servers immediately over a credible security threat under investigation. Progress Software sent an urgent email to Shar ...

Pierluigi Paganini July 12, 2026
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 105

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Novel Java-Based QuimaRAT Targets Window ...

Pierluigi Paganini July 12, 2026
Breaking News
Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini July 12, 2026
Security
U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...

Pierluigi Paganini July 11, 2026
Security
Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices

Binarly found six U-Boot flaws, including two that enable code execution during boot image verification, impacting 50+ releases. Binarly's research team has found six vulnerabilities in U-Boot, th ...

Pierluigi Paganini July 11, 2026
Hacking
Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes

Zimbra addressed a critical stored XSS vulnerability in its Classic Web Client that lets malicious emails execute code when opened. Zimbra has released version 10.1.19 to fix a critical stored XSS ...

Pierluigi Paganini July 10, 2026
Cyber Crime
Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018

Ransomware remains above 1,400 attacks yearly since 2023. Qilin leads in 2026, while the U.S. remains the main target. Ransomnews has independently confirmed 9,291 ransomware attacks worldwide bet ...

Pierluigi Paganini July 10, 2026
Security
222 GitHub Repositories Linked to Fake Go Package Malware Operation

Researchers uncovered 222 GitHub repositories spreading malware through fake Go packages, delivering loaders, stealers, RATs, and cryptominers. Socket's security research team started with the inv ...

Pierluigi Paganini July 10, 2026
Cyber Crime
Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang

A former ransomware negotiator was sentenced to nearly six years for secretly helping BlackCat extort victims while betraying his clients. A U.S. court sentenced former ransomware negotiator Angel ...

Pierluigi Paganini July 10, 2026