Pierluigi Paganini
August 24, 2023
Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti ...
Pierluigi Paganini
August 24, 2023
The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware. The North Korea-linked APT group Lazarus has been exploiting a ...
Pierluigi Paganini
August 24, 2023
An 18-year-old member of the Lapsus$ gang has been convicted of having helped hack multiple high-profile companies. A teenage member of the Lapsus$ data extortion group, Arion Kurtaj (18), was co ...
Pierluigi Paganini
August 24, 2023
Researchers warn that more than 3,000 unpatched Openfire servers are exposed to attacks using an exploit for a recent flaw. Vulncheck researchers discovered more than 3,000 Openfire servers vulner ...
October 31, 2025
November 05, 2025
November 06, 2025
November 07, 2025
November 06, 2025
An Italian political adviser was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity. Italian political adviser Francesco Nicodem ...
Pierluigi Paganini
November 08, 2025
A now-patched Samsung Galaxy flaw, tracked as CVE-2025-21042, was exploited as a zero-day to deploy LANDFALL spyware in targeted attacks in Middle East. Samsung patched a flaw exploited as a zero- ...
Pierluigi Paganini
November 07, 2025
Cisco patched a critical flaw in its Unified Contact Center Express (UCCX) software that allowed attackers to execute commands with root privileges. Cisco released security updates to address a cr ...
Pierluigi Paganini
November 07, 2025
Cisco warns of a new attack variant exploiting CVE-2025-20333 and CVE-2025-20362 in Secure Firewall ASA and FTD devices. Cisco warned of a new attack variant targeting vulnerable Secure Firewall A ...
Pierluigi Paganini
November 06, 2025
Google warns malware now uses AI to mutate, adapt, and collect data during execution, boosting evasion and persistence. Google’s Threat Intelligence Group (GTIG) warn of a new generation of malw ...
Pierluigi Paganini
November 06, 2025
Curly COMrades threat actors exploit Windows Hyper-V to hide Linux VMs, evade EDR tools, and deploy custom malware undetected. Bitdefender researchers, aided by Georgia’s CERT, uncovered that Cu ...
Pierluigi Paganini
November 06, 2025
Cybersecurity firm SonicWall attributed the September security breach exposing firewall configuration files to state-sponsored hackers. In September, SonicWall urged customers to reset credentials ...
Pierluigi Paganini
November 05, 2025
U.S. sanctions North Korea bankers and firms accused of laundering cybercrime funds used to finance the country’s nuclear weapons program. The U.S. Government has imposed sanctions on several No ...
Pierluigi Paganini
November 05, 2025
U.S. prosecutors charged three Florida men for using BlackCat ransomware to hack and extort five U.S. companies in 2023. U.S. prosecutors charged Ryan Clifford Goldberg, Kevin Tyler Martin, and an ...
Pierluigi Paganini
November 05, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and I ...
Pierluigi Paganini
November 05, 2025
A coordinated Eurojust-led operation led to nine arrests in Cyprus, Spain, and Germany for laundering €600M in crypto fraud. Authorities in France, Belgium, and Cyprus arrested nine people in a ...
Pierluigi Paganini
November 05, 2025
Google’s November 2025 Android update fixes two flaws in the System component, including a critical remote code execution issue. Google’s November 2025 Android security updates addressed two v ...
Pierluigi Paganini
November 04, 2025
Microsoft found a new backdoor, SesameOp, using the OpenAI Assistants API for stealthy command-and-control in hacked systems. Microsoft uncovered a new backdoor, named SesameOp, that abuses the Op ...
Pierluigi Paganini
November 04, 2025
Google’s AI agent, Big Sleep, helped Apple discover five WebKit flaws in Safari that could lead to browser crashes or memory corruption. Google’s AI agent Big Sleep helped Apple discover five ...
Pierluigi Paganini
November 04, 2025
Hackers target trucking firms with RMM tools to steal freight, teaming with organized crime to loot goods, mainly food and beverages. Cybercriminals are targeting trucking and logistics firms with ...
Pierluigi Paganini
November 04, 2025
Ukrainian Yuriy Rybtsov, aka MrICQ, a suspected Jabber Zeus developer, was extradited from Italy to the US to face cybercrime charges. Ukrainian national Yuriy Igorevich Rybtsov (41), aka MrICQ, a ...
Pierluigi Paganini
November 03, 2025
Google released Chrome 142, fixing 20 flaws, including two high-severity V8 bugs, and awarded $100,000 in bug bounties. Google addressed 20 flaws in Chrome version 142, including high-severity bug ...
Pierluigi Paganini
November 03, 2025
Zimperium zLabs found 760+ Android apps abusing NFC and HCE to steal payment data, showing a surge in NFC relay fraud since April 2024. Zimperium zLabs researchers spotted over 760 Android apps ab ...
Pierluigi Paganini
November 03, 2025
Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info. Conduent January 2025 breach exposed the personal data of ...
Pierluigi Paganini
November 03, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant ...
Pierluigi Paganini
November 02, 2025
