Security Affairs - Page 1728 of 1831 - Read, think, share … Security is everyone's responsibility

LATEST NEWS

VIEW ALL

VPN leaks users’ IPs via WebRTC. I’ve tested seventy VPN providers and 16 of them leaks users’ IPs via WebRTC (23%)

Pierluigi Paganini March 28, 2018

Cyber security researcher Paolo Stagno (aka VoidSec) has tested seventy VPN providers and found 16 of them leaks users’ IPs via WebRTC (23%) You can check if your VPN leaks visiting: http://i ...

BranchScope is a new side-channel attack method against Intel chip

Pierluigi Paganini March 27, 2018

BranchScope is a new side-channel attack technique that like Meltdown and Spectre attacks can be exploited by an attacker to obtain sensitive information from vulnerable processors. A group ...

Grey Heron, the new Co in the surveillance industry that promises to spy on Signal and Telegram

Pierluigi Paganini March 27, 2018

Who is behind the newborn Grey Heron surveillance company? According to an investigation conducted by Motherboard, the firm is linked to the Italian surveillance firm Hacking Team. The de ...

Experts uncovered a watering hole attack on leading Hong Kong Telecom Site exploiting CVE-2018-4878 flaw

Pierluigi Paganini March 27, 2018

Researchers at Morphisec have uncovered a watering hole attack on leading Hong Kong Telecom website exploiting the CVE-2018-4878 flash vulnerability. Security experts at Morphisec have discovered ...

1
2
2966
2967
2968
2969
2970
4575
4576
4577

most popular

VIEW ALL

7,500+ Magento sites defaced in global hacking campaign

March 20, 2026

Navia data breach impacts nearly 2.7 Million people

March 20, 2026

Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge

March 20, 2026

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

March 20, 2026

French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure

March 20, 2026

recent articles

Hacking

7,500+ Magento sites defaced in global hacking campaign

Hackers defaced 7,500 Magento sites since Feb 27, uploading files across 15,000 hostnames, mostly opportunistic attacks. Since February 27, a large-scale campaign has defaced over 7,500 Magento si ...

Pierluigi Paganini March 20, 2026

Data Breach

Navia data breach impacts nearly 2.7 Million people

Navia Benefit Solutions data breach exposed 2.7M people after attackers accessed systems from December 2025 to January 2026. Navia Benefit Solutions disclosed a data breach affecting 2,697,540 ind ...

Pierluigi Paganini March 20, 2026

Security

Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge

Apple warns that outdated iPhones are vulnerable to Coruna and DarkSword exploit kits and urges users to update iOS. Apple has warned that iPhones running outdated iOS versions are at risk from ex ...

Pierluigi Paganini March 20, 2026

Cyber Crime

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disrupted command-and-control infrastructure use ...

Pierluigi Paganini March 20, 2026

Intelligence

French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure

A French aircraft carrier was tracked in real time via a sailor’s Strava activity, exposing a persistent operational security flaw. Le Monde revealed that France’s aircraft carrier Charles de ...

Pierluigi Paganini March 20, 2026

Security

Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking

Ubiquiti fixed two UniFi vulnerabilities, including a critical flaw that could let attackers take over user accounts. Ubiquiti patched two vulnerabilities in its UniFi Network app, including a max ...

Pierluigi Paganini March 19, 2026

Security

U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a ...

Pierluigi Paganini March 19, 2026

Security

Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS v ...

Pierluigi Paganini March 19, 2026

Hacking

DarkSword emerges as powerful iOS exploit tool in global attacks

DarkSword, a new iOS exploit kit, is used by multiple actors to steal data in campaigns targeting Saudi Arabia, Turkey, Malaysia, and Ukraine. Lookout Threat Labs discovered a new iOS exploit kit ...

Pierluigi Paganini March 19, 2026

Malware

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulner ...

Pierluigi Paganini March 19, 2026

Intelligence

Russia establishes Vienna as key western spy hub targeting NATO

Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transf ...

Pierluigi Paganini March 19, 2026

Security

U.S. CISA adds Microsoft SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...

Pierluigi Paganini March 18, 2026

Hacking

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as ...

Pierluigi Paganini March 18, 2026

Security

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found a high-severity flaw, tracked as CVE-2026-388 ...

Pierluigi Paganini March 18, 2026

Data Breach

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic ...

Pierluigi Paganini March 18, 2026

Cyber warfare

Tracking the Iran War: A Month of Escalation and Regional Impact

Iran war likely prolonged, increasing cyber threats, energy disruption, and instability, with companies in the Middle East facing higher risk. Resecurity (USA) released a strategic intelligence u ...

Pierluigi Paganini March 18, 2026

Security

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has impose ...

Pierluigi Paganini March 17, 2026

Malware

RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts

RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign. RondoDox botnet is ramping up attacks, targeting 174 vulnerabilities with up to ...

Pierluigi Paganini March 17, 2026

APT

CL-STA-1087 targets military capabilities since 2020

China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted ...

Pierluigi Paganini March 17, 2026

Cyber Crime

From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures

ClickFix campaigns are evolving, with attackers increasingly targeting macOS users and deploying more advanced infostealers, according to Sophos researchers. ClickFix is a growing social engineeri ...

Pierluigi Paganini March 17, 2026