Pierluigi Paganini
December 29, 2015
Adobe has released security patches for Adobe Flash Player to fix critical vulnerabilities that could be exploited to take control of the affected system. Adobe released an emergency patch for Flash ...
Pierluigi Paganini
December 29, 2015
China passed it first controversial Anti-Terrorism law that requires technology firms to help decrypt information and much more. China Passes its first Anti-Terrorism law that will have a serious imp ...
Pierluigi Paganini
December 28, 2015
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs FBI investigates on Juniper hack, is it a nation-state attack? Phone House � ...
Pierluigi Paganini
December 28, 2015
The security expert Chris Vickery has discovered a misconfigured archive exposes the personal details of 191 million U.S. voters. A misconfigured database is the root cause of the exposure of aro ...
December 18, 2025
December 28, 2025
GreyNoise observed thousands of attacks targeting about a dozen Adobe ColdFusion vulnerabilities during the Christmas 2025 holiday. GreyNoise reports a coordinated campaign exploiting about a doze ...
Pierluigi Paganini
January 03, 2026
Two U.S. cybersecurity professionals pleaded guilty to charges tied to their roles in BlackCat/Alphv ransomware attacks. The U.S. cybersecurity professionals Ryan Goldberg and Kevin Martin pleaded ...
Pierluigi Paganini
January 02, 2026
Covenant Health suffered a ransomware attack by the Qilin group in May 2025, compromising data of over 478,000 individuals. Covenant Health, Inc., based in Andover, Massachusetts, is a healthcare ...
Pierluigi Paganini
January 02, 2026
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails posing as legitimate Google messages. Check Point researchers have revealed a phishing campaig ...
Pierluigi Paganini
January 02, 2026
IBM disclosed a critical API Connect flaw (CVE-2025-13915, CVSS 9.8) that allows remote access via an authentication bypass. IBM addressed a critical API Connect vulnerability, tracked as CVE-2025 ...
Pierluigi Paganini
January 02, 2026
Trust Wallet says a second Shai-Hulud supply-chain attack likely compromised its Chrome extension, leading to the theft of about $8.5M in crypto. Trust Wallet linked a second Shai-Hulud supply-cha ...
Pierluigi Paganini
January 01, 2026
RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is e ...
Pierluigi Paganini
January 01, 2026
ESA confirmed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised. The European Space Agency (ESA) disclosed a data breach after a t ...
Pierluigi Paganini
December 31, 2025
Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload. Singapore’s Cyber Security Agency of Singapore ( ...
Pierluigi Paganini
December 31, 2025
MongoBleed (CVE-2025-14847) lets attackers remotely leak memory from unpatched MongoDB servers using zlib compression, without authentication. A critical vulnerability, CVE-2025-14847 (MongoBleed) ...
Pierluigi Paganini
December 31, 2025
Coupang will spend about $1.17B to compensate 33.7 million users affected by a data breach, providing purchase vouchers to those impacted. Coupang announced it will spend about $1.17 billion to co ...
Pierluigi Paganini
December 30, 2025
China-linked APT Mustang Panda used a signed kernel-mode rootkit driver to load shellcode and deploy its ToneShell backdoor. China-linked APT Mustang Panda (aka Hive0154, HoneyMyte, Camaro Dragon ...
Pierluigi Paganini
December 30, 2025
A Lithuanian national was arrested for allegedly spreading KMSAuto malware that stole clipboard data and infected 2.8 million Windows and Office systems. A Lithuanian man (29) was arrested for all ...
Pierluigi Paganini
December 30, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a MongoDB Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...
Pierluigi Paganini
December 30, 2025
A ransomware attack hit Romania’s Oltenia Energy Complex on December 26, knocking out IT systems at the country’s largest coal power producer. A ransomware attack disrupted Oltenia Energy Comp ...
Pierluigi Paganini
December 29, 2025
Korean Air employee discloses a data breach after a hack of its catering and duty-free supplier, KC&D, affecting thousands of staff. Korean Air suffered a data breach after its in-flight cater ...
Pierluigi Paganini
December 29, 2025
A recently disclosed MongoDB flaw (MongoBleed) is under active exploitation, with over 87,000 potentially vulnerable instances exposed worldwide. A newly disclosed MongoDB vulnerability, tracked a ...
Pierluigi Paganini
December 29, 2025
China-linked APT Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted cyber-espionage attacks in Türkiye, China, and India. Kaspersky researchers spotted the China-linked AP ...
Pierluigi Paganini
December 29, 2025
Hacker claims Condé Nast breach, leaking 2.3M WIRED subscriber records and threatening to expose up to 40M more from other brands. A hacker known as “Lovely” claims to have leaked personal da ...
Pierluigi Paganini
December 28, 2025
Stolen vault backups from the 2022 LastPass breach are still being cracked, allowing attackers to steal crypto as late as 2025. The blockchain intelligence firm TRM Labs warns that encrypted vault ...
Pierluigi Paganini
December 28, 2025
