Pierluigi Paganini
September 11, 2025
Researchers warn that Akira ransomware group is exploiting a year-old SonicWall firewall flaw, likely using three attack vectors for initial access. The Akira ransomware group is exploiting a year ...
Pierluigi Paganini
September 11, 2025
Google addressed a critical use-after-free vulnerability in its Chrome browser that could potentially lead to code execution. A researcher earned $43000 from Google for reporting a critical Chrome ...
Pierluigi Paganini
September 11, 2025
Kosovo man Liridon Masurica pleaded guilty to running the cybercrime marketplace BlackDB. He was arrested in 2024. Kosovo citizen Liridon Masurica (33) of Gjilan, aka @blackdb, pleaded guilty to r ...
Pierluigi Paganini
September 11, 2025
Hackers exploit ConnectWise ScreenConnect to drop AsyncRAT via scripted loaders, stealing data and persisting with a fake Skype updater. LevelBlue researchers warn of a campaign abusing ConnectWi ...
April 23, 2026
Police arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy. On 22 July 2025, French and Ukrainian police arrested a 38- ...
Pierluigi Paganini
June 30, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SimpleHelp flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...
Pierluigi Paganini
June 30, 2026
Hackers stole data from 4.38 million Aflac Japan customers after accessing its systems for 10 days before the breach was detected. Aflac Japan disclosed that hackers stole the personal information ...
Pierluigi Paganini
June 30, 2026
Apple released updates for iOS, iPadOS, macOS, and Safari, fixing WebKit flaws, four of which were found using AI tools like Claude and Codex Apple pushed out security updates for iOS, iPadOS, mac ...
Pierluigi Paganini
June 30, 2026
Attackers are exploiting a critical flaw in Oracle E-Business Suite, CVE-2026-46817, that allows remote, unauthenticated attackers to take over Oracle Payments. A critical vulnerability in Oracle ...
Pierluigi Paganini
June 30, 2026
WhatsApp will introduce usernames later this year, letting its 3 billion users connect without sharing phone numbers. WhatsApp has over three billion users, and it's finally letting them talk to e ...
Pierluigi Paganini
June 29, 2026
The U.S. offers up to $10M for information on Russian hackers targeting Signal and WhatsApp accounts of officials and journalists. The U.S. government is offering rewards of up to $10 million for ...
Pierluigi Paganini
June 29, 2026
Microsoft shut down the StegoAd campaign, which used 119 malicious Edge extensions, hit 2.6M installs, and ran undetected for two years. Microsoft just shut down one of the more technically clever ...
Pierluigi Paganini
June 29, 2026
Ukraine's SSU and the FBI Just Confirmed Russian Intelligence Has Been Systematically Hacking Messenger Accounts for Years. The Security Service of Ukraine (SSU), working jointly with the FBI, has ...
Pierluigi Paganini
June 29, 2026
KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exp ...
Pierluigi Paganini
June 28, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More Than 4,000 Legacy Routers Compromis ...
Pierluigi Paganini
June 28, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
June 28, 2026
FBI warns Russian spies now target Signal Backup Recovery Keys, enabling access to message history and long-term account takeover. The FBI and CISA updated their March 2026 warning about Russian i ...
Pierluigi Paganini
June 27, 2026
Microsoft warns of a phishing campaign targeting the hospitality sector with fake guest emails that install TonRAT using resilient persistence. Microsoft Threat Intelligence published a detailed a ...
Pierluigi Paganini
June 27, 2026
DirtyClone: a Linux kernel privilege escalation that silently rewrites executables in memory, leaving no disk trace. Patch now. JFrog Security Research published a working exploit walkthrough on J ...
Pierluigi Paganini
June 27, 2026
Chinese-speaking APT CL-STA-1062 targeted Southeast Asian government and energy networks open-source tools, and a new TinyRCT backdoor. Palo Alto Networks Unit 42 researchers published a detailed ...
Pierluigi Paganini
June 26, 2026
Russian authorities used Cellebrite tools to unlock an activist’s iPhone and analyze private data despite canceled support, raising abuse concerns. On May 31, 2021, Russian security services pul ...
Pierluigi Paganini
June 26, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructur ...
Pierluigi Paganini
June 26, 2026
Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-pa ...
Pierluigi Paganini
June 26, 2026
macOS.Gaslight: DPRK Rust implant for Mac with a prompt injection payload designed to fool AI-based malware analysts. SentinelLabs researchers spotted a Rust-based macOS implant, dubbed macOS.Gasl ...
Pierluigi Paganini
June 26, 2026
