MUST READ

SonicWall blames state-sponsored hackers for September security breach

 | 

U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

 | 

Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

 | 

U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

 | 

Nine arrested in €600M crypto laundering bust across Europe

 | 

Google fixed a critical remote code execution in Android

 | 

SesameOp: New backdoor exploits OpenAI API for covert C2

 | 

Google Big Sleep found five vulnerabilities in Safari

 | 

Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

 | 

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

 | 

Android Apps misusing NFC and HCE to steal payment data on the rise

 | 

Conduent January 2025 breach impacts 10M+ people

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

 | 

Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ukrainian extradited to US over Conti ransomware involvement

 | 

BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

 | 

China-linked UNC6384 exploits Windows zero-day to spy on European diplomats

 | 

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

 | 

EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure

 | 

Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications

 | 

LATEST NEWS

VIEW ALL
Security
Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking
Pierluigi Paganini August 14, 2023

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. Researchers from Trellix Advanced Research Center discovered mult ...

Security
Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS
Pierluigi Paganini August 13, 2023

16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. Microsoft Threat Intelligence researchers discovered 16 high-sever ...

Breaking News
Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition
Pierluigi Paganini August 13, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Security
The DHS's CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accounts
Pierluigi Paganini August 13, 2023

The DHS's CSRB will review cloud security practices following recent hacks of Microsoft Exchange accounts used by US govt agencies. The US DHS announced that the Cyber Safety Review Board (CSRB) w ...

top articles

Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.
October 27, 2025
Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks
October 31, 2025
EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure
October 31, 2025
Brush exploit can cause any Chromium browser to collapse in 15-60 seconds
October 30, 2025
Nine arrested in €600M crypto laundering bust across Europe
November 05, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

SonicWall blames state-sponsored hackers for September security breach

November 05, 2025

Laws and regulations
U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

November 05, 2025

Cyber Crime
Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

November 05, 2025

Security
U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

November 05, 2025

Cyber Crime
Nine arrested in €600M crypto laundering bust across Europe

November 05, 2025

recent articles

Security
SonicWall blames state-sponsored hackers for September security breach

Cybersecurity firm SonicWall attributed the September security breach exposing firewall configuration files to state-sponsored hackers. In September, SonicWall urged customers to reset credentials ...

Pierluigi Paganini November 05, 2025
Laws and regulations
U.S. sanctioned North Korea bankers for laundering funds linked to cyberattacks and peapons program

U.S. sanctions North Korea bankers and firms accused of laundering cybercrime funds used to finance the country’s nuclear weapons program. The U.S. Government has imposed sanctions on several No ...

Pierluigi Paganini November 05, 2025
Cyber Crime
Former cybersecurity employees attempted to extort five U.S. companies in 2023 using BlackCat ransomware attacks

U.S. prosecutors charged three Florida men for using BlackCat ransomware to hack and extort five U.S. companies in 2023. U.S. prosecutors charged Ryan Clifford Goldberg, Kevin Tyler Martin, and an ...

Pierluigi Paganini November 05, 2025
Security
U.S. CISA adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Gladinet CentreStack, and CWP Control Web Panel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and I ...

Pierluigi Paganini November 05, 2025
Cyber Crime
Nine arrested in €600M crypto laundering bust across Europe

A coordinated Eurojust-led operation led to nine arrests in Cyprus, Spain, and Germany for laundering €600M in crypto fraud. Authorities in France, Belgium, and Cyprus arrested nine people in a ...

Pierluigi Paganini November 05, 2025
Security
Google fixed a critical remote code execution in Android

Google’s November 2025 Android update fixes two flaws in the System component, including a critical remote code execution issue. Google’s November 2025 Android security updates addressed two v ...

Pierluigi Paganini November 04, 2025
Malware
SesameOp: New backdoor exploits OpenAI API for covert C2

Microsoft found a new backdoor, SesameOp, using the OpenAI Assistants API for stealthy command-and-control in hacked systems. Microsoft uncovered a new backdoor, named SesameOp, that abuses the Op ...

Pierluigi Paganini November 04, 2025
Security
Google Big Sleep found five vulnerabilities in Safari

Google’s AI agent, Big Sleep, helped Apple discover five WebKit flaws in Safari that could lead to browser crashes or memory corruption. Google’s AI agent Big Sleep helped Apple discover five ...

Pierluigi Paganini November 04, 2025
Cyber Crime
Crooks exploit RMM software to hijack trucking firms and steal cargo

Hackers target trucking firms with RMM tools to steal freight, teaming with organized crime to loot goods, mainly food and beverages. Cybercriminals are targeting trucking and logistics firms with ...

Pierluigi Paganini November 04, 2025
Cyber Crime
Jabber Zeus developer ‘MrICQ’ extradited to US from Italy

Ukrainian Yuriy Rybtsov, aka MrICQ, a suspected Jabber Zeus developer, was extradited from Italy to the US to face cybercrime charges. Ukrainian national Yuriy Igorevich Rybtsov (41), aka MrICQ, a ...

Pierluigi Paganini November 03, 2025
Security
Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

Google released Chrome 142, fixing 20 flaws, including two high-severity V8 bugs, and awarded $100,000 in bug bounties. Google addressed 20 flaws in Chrome version 142, including high-severity bug ...

Pierluigi Paganini November 03, 2025
Security
Android Apps misusing NFC and HCE to steal payment data on the rise

Zimperium zLabs found 760+ Android apps abusing NFC and HCE to steal payment data, showing a surge in NFC relay fraud since April 2024. Zimperium zLabs researchers spotted over 760 Android apps ab ...

Pierluigi Paganini November 03, 2025
Data Breach
Conduent January 2025 breach impacts 10M+ people

Conduent January 2025 breach exposed personal data of 10M+ people, including names, addresses, DOBs, SSNs, and health and insurance info. Conduent January 2025 breach exposed the personal data of ...

Pierluigi Paganini November 03, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 69

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Agenda Ransomware Deploys Linux Variant ...

Pierluigi Paganini November 02, 2025
Uncategorized
Security Affairs newsletter Round 548 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini November 02, 2025
Security
Ukrainian extradited to US over Conti ransomware involvement

Ukrainian Oleksii Lytvynenko extradited from Ireland to US for alleged role in Conti ransomware after fleeing Ukraine in 2022. Ukrainian national Oleksii Lytvynenko (43) extradited from Ireland to ...

Pierluigi Paganini November 02, 2025
Hacking
BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install. The Australian Signals Directorate (ASD) warns of ongoing attacks on un ...

Pierluigi Paganini November 01, 2025
Security
Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. CISA warned that ransomware gangs are exploiting CVE-20 ...

Pierluigi Paganini October 31, 2025
Data Breach
EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure

A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure. Cybersecurity firm Neo Security discove ...

Pierluigi Paganini October 31, 2025
Intelligence
Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications

A nation-state actor, likely a China-nexus one, hacked the U.S.-based technology company Ribbon Communications. Ribbon Communications is a U.S.-based technology company that provides telecommunica ...

Pierluigi Paganini October 31, 2025