MUST READ

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

China-linked APT UNC3886 targets Singapore telcos

 | 

Critical Fortinet FortiClientEMS flaw allows remote code execution

 | 

BeyondTrust fixes critical pre-auth bug allowing remote code execution

 | 

European Commission probes cyberattack on mobile device management system

 | 

Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

 | 

Romania’s national oil pipeline firm Conpet reports cyberattack

 | 

Flickr moves to contain data exposure, warns users of phishing

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

 | 

Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

LATEST NEWS

VIEW ALL
Breaking News
Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION
Pierluigi Paganini March 10, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Hacking
Threat actors breached two crucial systems of the US CISA
Pierluigi Paganini March 09, 2024

Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) agency wa ...

Security
CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini March 09, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a JetBrains TeamCity vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Hacking
Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices
Pierluigi Paganini March 09, 2024

Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remot ...

top articles

Nike is investigating a possible data breach, after WorldLeaks claims
January 25, 2026
MoltBot Skills exploited to distribute 400+ malware packages in days
February 02, 2026
Hackers exploit unsecured MongoDB instances to wipe data and demand ransom
February 02, 2026
DOJ releases details alleged talented hacker working for Jeffrey Epstein
January 31, 2026
Flickr moves to contain data exposure, warns users of phishing
February 09, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Uncategorized

LummaStealer activity spikes post-law enforcement disruption

February 12, 2026

Security
Apple fixed first actively exploited zero-day in 2026

February 12, 2026

Uncategorized
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

February 12, 2026

Security
Volvo Group hit in massive Conduent data breach

February 11, 2026

Security
Reynolds ransomware uses BYOVD to disable security before encryption

February 11, 2026

recent articles

Uncategorized
LummaStealer activity spikes post-law enforcement disruption

Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the ...

Pierluigi Paganini February 12, 2026
Security
Apple fixed first actively exploited zero-day in 2026

Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS ...

Pierluigi Paganini February 12, 2026
Uncategorized
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabiliti ...

Pierluigi Paganini February 12, 2026
Security
Volvo Group hit in massive Conduent data breach

A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacte ...

Pierluigi Paganini February 11, 2026
Security
Reynolds ransomware uses BYOVD to disable security before encryption

Researchers discovered Reynolds ransomware, which uses BYOVD technique to disable security tools and evade detection before encryption. Researchers found a new ransomware, named Reynolds, that imp ...

Pierluigi Paganini February 11, 2026
Malware
SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware. Flare researchers uncovered a previously undocumented Linux botne ...

Pierluigi Paganini February 11, 2026
Security
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruc ...

Pierluigi Paganini February 11, 2026
Uncategorized
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws ...

Pierluigi Paganini February 10, 2026
Malware
ZeroDayRAT spyware grants attackers total access to mobile devices

ZeroDayRAT is a commercial mobile spyware that grants full remote access to Android and iOS devices for spying and data theft. ZeroDayRAT is a newly discovered commercial mobile spyware toolkit th ...

Pierluigi Paganini February 10, 2026
Data Breach
Senegal shuts National ID office after ransomware attack

Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the ...

Pierluigi Paganini February 10, 2026
Security
Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

Dutch agencies confirmed attacks exploiting Ivanti EPMM flaws that exposed employee contact data at the data protection authority and courts. Dutch authorities said cyberattacks hit the Dutch Data ...

Pierluigi Paganini February 10, 2026
APT
China-linked APT UNC3886 targets Singapore telcos

China-linked group UNC3886 targeted Singapore ’s telecom sector in a cyber espionage campaign, Singapore’s Cyber Security Agency revealed. Cyber Security Agency of Singapore (CSA) and the Info ...

Pierluigi Paganini February 10, 2026
Security
Critical Fortinet FortiClientEMS flaw allows remote code execution

Fortinet warns of a critical FortiClientEMS vulnerability that lets remote attackers run malicious code without logging in. Fortinet issued an urgent advisory to address a critical FortiClientEMS ...

Pierluigi Paganini February 09, 2026
Security
BeyondTrust fixes critical pre-auth bug allowing remote code execution

BeyondTrust patched a critical pre-auth flaw in Remote Support and PRA that could let attackers execute code remotely. BeyondTrust released security updates to address a critical flaw, tracked as ...

Pierluigi Paganini February 09, 2026
Data Breach
European Commission probes cyberattack on mobile device management system

The European Commission is investigating a cyberattack after detecting signs that its mobile device management system was compromised. The European Commission is investigating a cyberattack on its ...

Pierluigi Paganini February 09, 2026
Security
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

Huntress confirmed active SolarWinds Web Help Desk exploits, where attackers installed Zoho tools for persistence, and used Velociraptor for control. On February 7, 2026, Huntress investigated an ...

Pierluigi Paganini February 09, 2026
Cyber Crime
Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and ...

Pierluigi Paganini February 09, 2026
Data Breach
Flickr moves to contain data exposure, warns users of phishing

Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 ...

Pierluigi Paganini February 09, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills F ...

Pierluigi Paganini February 08, 2026
Security
Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini February 08, 2026