Security Affairs

LATEST NEWS

VIEW ALL

Unsigned apps can dump the full OS keychain, including your plaintext passwords

Pierluigi Paganini September 26, 2017

Hackers can steal macOS keychain passwords using unsigned applications, it works on the latest version of macOS, High Sierra 10.13, and previous releases. The cyber security expert Patrick Wardle, d ...

APT

Even More Evidence That Russian Was Meddling in the 2016 US Election

Pierluigi Paganini September 26, 2017

Evidence that Russian hackers attempted to interfere with the 2016 US Election continues to pile up, DHS notified states whose systems were hit by APTs. Evidence that Russia attempted to interfere w ...

Security

Oracle releases security patches for Apache Struts CVE-2017-9805 Flaw exploited in the wild

Pierluigi Paganini September 26, 2017

Oracle fixed several issues in the Apache Struts 2 framework including the flaw CVE-2017-9805 that has been exploited in the wild for the past few weeks. Oracle has released patches for vulnerabili ...

Data Breach

Deloitte targeted by a cyber attack that exposed clients’ secret emails

Pierluigi Paganini September 25, 2017

The accountancy firm Deloitte announced it is has been targeted by a sophisticated hack that compromised its global email server. Today the accountancy firm giant Deloitte revealed that is has ...

1
2
3114
3115
3116
3117
3118
4536
4537
4538

recent articles

Security

A security flaw at DavaIndia Pharmacy allowed attackers to access customers' data and more

A security flaw at DavaIndia Pharmacy exposed customer data and gave outsiders full admin control of its systems. DavaIndia is a large Indian pharmacy retail chain focused on selling affordable ge ...

Pierluigi Paganini February 16, 2026

Data Breach

ShinyHunters leaked 600K+ Canada Goose customer records, but the firm denies it was breached

ShinyHunters leaked 600,000+ Canada Goose customer records, though the company insists its systems were not breached. Data extortion group ShinyHunters has published over 600,000 Canada Goose cust ...

Pierluigi Paganini February 16, 2026

Hacking

Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup

Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives users into running ...

Pierluigi Paganini February 16, 2026

Security

Google fixes first actively exploited Chrome zero-day of 2026

Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-da ...

Pierluigi Paganini February 16, 2026

APT

Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign

Researchers found malicious npm and PyPI packages tied to a fake recruitment campaign linked to North Korea’s Lazarus Group. ReversingLabs researcher uncovered new malicious packages on npm and ...

Pierluigi Paganini February 15, 2026

Malware

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 84

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Stan Ghouls targeting Russia and Uzbekis ...

Pierluigi Paganini February 15, 2026

Security

Security Affairs newsletter Round 563 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini February 15, 2026

Data Breach

Fintech firm Figure disclosed data breach after employee phishing attack

Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. Blockchain-based lending firm Figure confirmed a data br ...

Pierluigi Paganini February 14, 2026

Breaking News

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...

Pierluigi Paganini February 14, 2026

Hacking

Suspected Russian hackers deploy CANFAIL malware against Ukraine

A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat ...

Pierluigi Paganini February 14, 2026

Artificial Intelligence

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial organizations, Cisco Talos reports. Cisco Talos spotted a previously unknown threat actor, trac ...

Pierluigi Paganini February 13, 2026

Uncategorized

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code execution. Threat actors rapidly began exploiting a newly patched BeyondTru ...

Pierluigi Paganini February 13, 2026

Artificial Intelligence

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks a ...

Pierluigi Paganini February 13, 2026

Security

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities ...

Pierluigi Paganini February 13, 2026

Uncategorized

Odido confirms massive breach; 6.2 Million customers impacted

Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID numbers. Subsidiary Ben also warned customers. Hackers broke into Dutch telecom firm Odido and ...

Pierluigi Paganini February 12, 2026

Data Breach

ApolloMD data breach impacts 626,540 people

A May 2025 cyberattack on ApolloMD exposed the personal data of over 626,000 patients linked to affiliated physicians and practices. ApolloMD is a US-based healthcare services company that partner ...

Pierluigi Paganini February 12, 2026

Uncategorized

LummaStealer activity spikes post-law enforcement disruption

Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the ...

Pierluigi Paganini February 12, 2026

Security

Apple fixed first actively exploited zero-day in 2026

Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS ...

Pierluigi Paganini February 12, 2026

Uncategorized

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabiliti ...

Pierluigi Paganini February 12, 2026

Security

Volvo Group hit in massive Conduent data breach

A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacte ...

Pierluigi Paganini February 11, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!