Pierluigi Paganini
April 22, 2024
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “Forest Blizz ...
Pierluigi Paganini
April 22, 2024
A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is a global database utilized by various organizations ...
Pierluigi Paganini
April 22, 2024
Researcher demonstrated how to exploit vulnerabilities in the Windows DOS-to-NT path conversion process to achieve rootkit-like capabilities. SafeBreach researcher Or Yair devised a technique, exp ...
Pierluigi Paganini
April 22, 2024
Japan's CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server. Japan's CERT warned that the WordPress plugin Forminator, developed b ...
September 11, 2025
September 13, 2025
September 14, 2025
September 17, 2025
September 18, 2025
September 19, 2025
September 18, 2025
A cyberattack on Collins Aerospace disrupted operations at major European airports, with Heathrow, Brussels, and Berlin most affected. A cyber attack on Collins Aerospace disrupted check-in and b ...
Pierluigi Paganini
September 20, 2025
Fortra addressed a critical flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. Fortra addressed a critical vulnerability, tracked as ...
Pierluigi Paganini
September 19, 2025
U.K. police arrested two teens from the Scattered Spider group for their role in the August 2024 cyberattack on Transport for London. U.K. law enforcement authorities arrested two teenagers who ar ...
Pierluigi Paganini
September 19, 2025
Radware discovered a server-side data theft attack, dubbed ShadowLeak, targeting ChatGPT. OpenAI patched the zero-click vulnerability. Researchers at Radware uncovered a server-side data theft att ...
Pierluigi Paganini
September 18, 2025
SonicWall urges users to reset credentials after MySonicWall backups were exposed; the company locked out the threat actors and notified authorities. SonicWall urged customers to reset credentials ...
Pierluigi Paganini
September 18, 2025
Google addressed four vulnerabilities affecting its Chrome web browser, including one that has been exploited in the wild. Google released security updates to address four vulnerabilities in the C ...
Pierluigi Paganini
September 18, 2025
Jaguar Land Rover will keep vehicle production halted until at least September 24 following a cyberattack that hit the company earlier this month. Jaguar Land Rover will extend its production halt ...
Pierluigi Paganini
September 18, 2025
China-linked group APT41 impersonated a U.S. lawmaker in phishing attacks on government, think tanks, and academics tied to US-China trade and policy. Proofpoint observed China-linked cyber espion ...
Pierluigi Paganini
September 17, 2025
Microsoft and Cloudflare disrupted the RaccoonO365 phishing service, used to steal thousands of user credentials. A joint operation conducted by Microsoft and Cloudflare has taken down the infrast ...
Pierluigi Paganini
September 17, 2025
The U.S. Department of Justice (DoJ) resentenced the former administrator of the popular BreachForums hacking forum BreachForums to three years in prison. The U.S. DoJ resentenced the former Breac ...
Pierluigi Paganini
September 17, 2025
Apple announced it has backported patches for a recently addressed actively exploited vulnerability tracked as CVE-2025-43300. Apple has backported security patches released to address an actively ...
Pierluigi Paganini
September 17, 2025
Researchers uncovered a new supply chain attack targeting the npm registry that impacted over 40 packages belonging to multiple maintainers. Security researchers at Socket uncovered a malicious u ...
Pierluigi Paganini
September 16, 2025
Google found threat actors created a fake account in its Law Enforcement Request System (LERS) and shut it down. Google confirmed that threat actors gained access to its Law Enforcement Request Sy ...
Pierluigi Paganini
September 16, 2025
China-linked APT group Mustang Panda has been spotted using a new USB worm called SnakeDisk along with a new version of known malware China-linked APT group Mustang Panda (aka Hive0154, Camaro D ...
Pierluigi Paganini
September 16, 2025
An ex-employee caused an insider breach at FinWise Bank, exposing data of 689,000 American First Finance customers. FinWise Bank is a Utah-based community bank, FDIC-insured, that partners with fi ...
Pierluigi Paganini
September 16, 2025
Crooks stole personal data of millions of Gucci, Balenciaga, and Alexander McQueen customers: parent firm Kering confirmed the breach. Hackers stole private data of millions of Gucci, Balenciaga, ...
Pierluigi Paganini
September 15, 2025
Fairmont Federal Credit Union alerts 187K people that a 2023 breach exposed personal, financial, and medical data. Fairmont Federal Credit Union (FFCU) is a not-for-profit financial cooperative in ...
Pierluigi Paganini
September 15, 2025
UK ICO reports students caused over half of school data breaches, showing kids are shaping cybersecurity in unexpected ways. The UK Information Commissioner’s Office (ICO), students were respons ...
Pierluigi Paganini
September 15, 2025
Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure. Panama’s Ministry of Economy and Finance (MEF) announced that threat actors lik ...
Pierluigi Paganini
September 15, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter npm debug and chalk packages compromised ...
Pierluigi Paganini
September 14, 2025
