Pierluigi Paganini
July 19, 2021
Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Security researchers at CyberArk Labs discovered a security by ...
Pierluigi Paganini
July 18, 2021
Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The Cyberspace Administration of China (CAC) has ...
Pierluigi Paganini
July 18, 2021
Instagram introduced a new security feature dubbed "Security Checkup" to help users to recover their accounts that have been compromised. Good news for the owners of Instagram accounts that may ha ...
Pierluigi Paganini
July 18, 2021
BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent se ...
March 22, 2026
Russia-linked actors target WhatsApp and Signal accounts of officials and journalists via phishing, gaining access to messages and contacts. Threat actors linked to Russian Intelligence Services ...
Pierluigi Paganini
March 22, 2026
Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated remote code execution in Identity Manager. Oracle released security updates to address a critical vulnera ...
Pierluigi Paganini
March 22, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...
Pierluigi Paganini
March 22, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware - malware analysi ...
Pierluigi Paganini
March 22, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
March 22, 2026
WorldLeaks group hit Los Angeles and its Metro system, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks. WorldLeaks group hit Los Angeles and its Metro, ...
Pierluigi Paganini
March 21, 2026
Sansec found a Magento and Adobe Commerce REST API flaw, named PolyShell, which allows unauthenticated file uploads and possible XSS in older versions. Sansec disclosed a critical flaw in the Mage ...
Pierluigi Paganini
March 21, 2026
Hackers defaced 7,500 Magento sites since Feb 27, uploading files across 15,000 hostnames, mostly opportunistic attacks. Since February 27, a large-scale campaign has defaced over 7,500 Magento si ...
Pierluigi Paganini
March 20, 2026
Navia Benefit Solutions data breach exposed 2.7M people after attackers accessed systems from December 2025 to January 2026. Navia Benefit Solutions disclosed a data breach affecting 2,697,540 ind ...
Pierluigi Paganini
March 20, 2026
Apple warns that outdated iPhones are vulnerable to Coruna and DarkSword exploit kits and urges users to update iOS. Apple has warned that iPhones running outdated iOS versions are at risk from ex ...
Pierluigi Paganini
March 20, 2026
DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disrupted command-and-control infrastructure use ...
Pierluigi Paganini
March 20, 2026
A French aircraft carrier was tracked in real time via a sailor’s Strava activity, exposing a persistent operational security flaw. Le Monde revealed that France’s aircraft carrier Charles de ...
Pierluigi Paganini
March 20, 2026
Ubiquiti fixed two UniFi vulnerabilities, including a critical flaw that could let attackers take over user accounts. Ubiquiti patched two vulnerabilities in its UniFi Network app, including a max ...
Pierluigi Paganini
March 19, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a ...
Pierluigi Paganini
March 19, 2026
Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS v ...
Pierluigi Paganini
March 19, 2026
DarkSword, a new iOS exploit kit, is used by multiple actors to steal data in campaigns targeting Saudi Arabia, Turkey, Malaysia, and Ukraine. Lookout Threat Labs discovered a new iOS exploit kit ...
Pierluigi Paganini
March 19, 2026
The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulner ...
Pierluigi Paganini
March 19, 2026
Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transf ...
Pierluigi Paganini
March 19, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...
Pierluigi Paganini
March 18, 2026
CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as ...
Pierluigi Paganini
March 18, 2026
