MUST READ

Flickr moves to contain data exposure, warns users of phishing

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

 | 

Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

DKnife toolkit abuses routers to spy and deliver malware since 2019

 | 

Italian university La Sapienza still offline to mitigate recent cyber attack

 | 

CISA pushes Federal agencies to retire end-of-support edge devices

 | 

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

LATEST NEWS

VIEW ALL
Security
A new PyPI Package was found delivering fileless Linux Malware
Pierluigi Paganini August 15, 2022

Security Researchers discovered a new PyPI Package designed to drop fileless cryptominer to Linux systems. Sonatype researchers have discovered a new PyPI package named 'secretslib' that drops fil ...

APT
Iron Tiger APT is behind a supply chain attack that employed messaging app MiMi
Pierluigi Paganini August 15, 2022

China-linked threat actors Iron Tiger backdoored a version of the cross-platform messaging app MiMi to infect systems. Trend Micro researchers uncovered a new campaign conducted by a China-l ...

Hacking
A flaw in Xiaomi phones using MediaTek Chips could allow to forge transactions
Pierluigi Paganini August 14, 2022

Flaws in Xiaomi Redmi Note 9T and Redmi Note 11 models could be exploited to disable the mobile payment mechanism and even forge transactions. Check Point researchers discovered the flaws while ...

Cyber Crime
CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks
Pierluigi Paganini August 14, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federa ...

top articles

Nike is investigating a possible data breach, after WorldLeaks claims
January 25, 2026
Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom
February 03, 2026
MoltBot Skills exploited to distribute 400+ malware packages in days
February 02, 2026
Hackers exploit unsecured MongoDB instances to wipe data and demand ransom
February 02, 2026
DOJ releases details alleged talented hacker working for Jeffrey Epstein
January 31, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Data Breach

Flickr moves to contain data exposure, warns users of phishing

February 09, 2026

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

February 08, 2026

Security
Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION

February 08, 2026

Malware
DKnife toolkit abuses routers to spy and deliver malware since 2019

February 08, 2026

Cyber Crime
Italian university La Sapienza still offline to mitigate recent cyber attack

February 07, 2026

recent articles

Data Breach
Flickr moves to contain data exposure, warns users of phishing

Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 ...

Pierluigi Paganini February 09, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 83

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter ClawHavoc: 341 Malicious Clawed Skills F ...

Pierluigi Paganini February 08, 2026
Security
Security Affairs newsletter Round 562 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini February 08, 2026
Malware
DKnife toolkit abuses routers to spy and deliver malware since 2019

DKnife is a Linux toolkit used since 2019 to hijack router traffic and deliver malware in cyber-espionage attacks. Cisco Talos found DKnife, a powerful Linux toolkit that threat actors use to spy ...

Pierluigi Paganini February 08, 2026
Cyber Crime
Italian university La Sapienza still offline to mitigate recent cyber attack

Rome’s La Sapienza University was hit by a cyberattack that disrupted IT systems and caused widespread operational issues. Since February 2, Rome’s La Sapienza University, one of the most impo ...

Pierluigi Paganini February 07, 2026
Security
CISA pushes Federal agencies to retire end-of-support edge devices

CISA ordered U.S. federal agencies to improve management of edge network devices and replace unsupported ones within 12–18 months. The U.S. Cybersecurity and Infrastructure Security Agency (CISA ...

Pierluigi Paganini February 07, 2026
Security
Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

A study found nearly 5 million servers exposing Git metadata, with 250,000 leaking deployment credentials via .git/config files. A new 2026 study by the Mysterium VPN research team reveals that ne ...

Pierluigi Paganini February 06, 2026
Security
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecuri ...

Pierluigi Paganini February 06, 2026
Uncategorized
Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Substack confirmed a data breach after a hacker leaked data from nearly 700,000 users, including email addresses and phone numbers. Substack is an online platform for publishing email‑based news ...

Pierluigi Paganini February 05, 2026
Hacktivism
Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Italy stopped Russian-linked cyberattacks targeting Foreign Ministry offices and Winter Olympics websites and hotels, Foreign Minister Tajani said. Italy has thwarted a series of Russian-linked cy ...

Pierluigi Paganini February 05, 2026
APT
China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

China-linked hackers tracked as Amaranth-Dragon targeted government and law enforcement agencies across Southeast Asia in 2025. CheckPoint says China-linked threat actors, tracked as Amaranth-Drag ...

Pierluigi Paganini February 05, 2026
Security
CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

Ransomware groups now exploit VMware ESXi vulnerability CVE-2025-22225, patched by Broadcom in March 2025. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirms that ransomware ...

Pierluigi Paganini February 04, 2026
Deep Web
Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

A Taiwanese man was sentenced to 30 years for running Incognito Market, a major darknet drug site that sold over $105 million in illegal drugs. Rui-Siang Lin (24) was sentenced to 30 years in pris ...

Pierluigi Paganini February 04, 2026
Cyber Crime
Paris raid on X focuses on child abuse material allegations

French prosecutors raided X offices in Paris over illegal content; Elon Musk and CEO summoned for voluntary interviews in April. French prosecutors, with France’s National Gendarmerie and Europo ...

Pierluigi Paganini February 04, 2026
Hacking
GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

GreyNoise spotted a dual-mode Citrix Gateway recon campaign using 63K+ residential proxies and AWS to find login panels and enumerate versions. Between Jan 28 and Feb 2, 2026, GreyNoise tracked a ...

Pierluigi Paganini February 04, 2026
Security
Microsoft: Info-Stealing malware expands from Windows to macOS

Microsoft warns info-stealing attacks are expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Microsoft warns info-stealing attacks are rapid ...

Pierluigi Paganini February 04, 2026
Security
U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurit ...

Pierluigi Paganini February 03, 2026
Hacking
Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

Hackers exploit a critical React Native CLI flaw (CVE-2025-11953) to run remote commands and drop stealthy Rust malware, weeks before public disclosure. Attackers are actively exploiting a critica ...

Pierluigi Paganini February 03, 2026
APT
APT28 exploits Microsoft Office flaw in Operation Neusploit

Russia-linked APT28 is behind Operation Neusploit, exploiting a newly disclosed Microsoft Office vulnerability in targeted attacks. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn ...

Pierluigi Paganini February 03, 2026
APT
Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

Rapid7 researchers say the Notepad++ hosting breach is likely linked to the China-nexus Lotus Blossom APT group. Recently, the Notepad++ maintainer revealed that nation-state hackers compromised t ...

Pierluigi Paganini February 03, 2026