Security Affairs

LATEST NEWS

VIEW ALL

Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE

Pierluigi Paganini December 11, 2021

Cybereason researchers released a "vaccine" that mitigates the critical 'Log4Shell' Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-conc ...

Data Breach

Volvo Cars suffers a data breach. Is it a ransomware attack?

Pierluigi Paganini December 10, 2021

Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat acto ...

Cyber Crime

Australian ACSC warns of Conti ransomware attacks against local orgs

Pierluigi Paganini December 10, 2021

The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks again multiple Australian organizations. The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks ...

Hacking

A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants

Pierluigi Paganini December 10, 2021

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a ...

1
2
1465
1466
1467
1468
1469
4542
4543
4544

recent articles

Security

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini February 21, 2026

Data Breach

PayPal discloses extended data leak linked to Loan App glitch

PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug i ...

Pierluigi Paganini February 20, 2026

Cyber Crime

North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.

A Ukrainian man was sentenced to five years in the U.S. for helping North Korean IT workers use stolen identities to get hired by U.S. firms. Oleksandr “Alexander” Didenko, a 29-year-old Ukrai ...

Pierluigi Paganini February 20, 2026

Cyber Crime

FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025

The FBI warns ATM jackpotting is rising nationwide, with over $20 million lost in 2025 and 1,900 incidents reported since 2020. The FBI has warned of a sharp rise in ATM jackpotting attacks across ...

Pierluigi Paganini February 20, 2026

Cyber Crime

Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions

INTERPOL’s Operation Red Card 2.0 led to 651 arrests across 16 African countries and recovered over $4.3 million from online scams. INTERPOL’s Operation Red Card 2.0, a joint effort involving ...

Pierluigi Paganini February 20, 2026

Artificial Intelligence

PromptSpy abuses Gemini AI to gain persistent access on Android

PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Andr ...

Pierluigi Paganini February 20, 2026

Breaking News

Germany’s national rail operator Deutsche Bahn hit by a DDoS attack

Germany’s national rail operator, Deutsche Bahn, suffered a major DDoS attack that disrupted booking and information systems for several hours. Germany’s rail operator Deutsche Bahn was hit by ...

Pierluigi Paganini February 19, 2026

Hacking

U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini February 19, 2026

Security

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

CISA warns Honeywell CCTVs are affected by a critical auth bypass flaw (CVE-2026-1670) allowing unauthorized access or account hijacking. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini February 19, 2026

Artificial Intelligence

Irish regulator probes X after Grok allegedly generated sexual images of children

Ireland’s Data Protection Commission opened a probe into X over Grok AI tool allegedly generating sexual images, including of children. Ireland’s Data Protection Commission has launched anothe ...

Pierluigi Paganini February 19, 2026

Malware

Intellexa’s Predator spyware infected Angolan journalist’s device, Amnesty reports

Amnesty reports Angolan journalist’s iPhone was infected by Intellexa’s Predator spyware via a WhatsApp link in May 2024. Amnesty International reports that in May 2024, Intellexa’s Predator ...

Pierluigi Paganini February 19, 2026

Hacking

French Ministry confirms data access to 1.2 Million bank accounts

A hacker accessed data from 1.2 million French bank accounts using stolen official credentials, the Economy Ministry said. A hacker gained access to data from 1.2 million French bank accounts usin ...

Pierluigi Paganini February 18, 2026

Hacking

Notepad++ patches flaw used to hijack update system

Notepad++ patched a vulnerability that attackers used to hijack its update system and deliver malware to targeted users. Notepad++ fixed a vulnerability that allowed a China-linked APT group to hi ...

Pierluigi Paganini February 18, 2026

Security

VS Code extensions with 125M+ installs expose users to cyberattacks

Four popular VS Code extensions with 125M+ installs have flaws that could let hackers steal files and run code remotely. OX Security researchers warn that security flaws in four widely used VS Cod ...

Pierluigi Paganini February 18, 2026

APT

China-linked APT weaponized Dell RecoverPoint zero-day since 2024

A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) ...

Pierluigi Paganini February 18, 2026

Uncategorized

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities c ...

Pierluigi Paganini February 18, 2026

Malware

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled ...

Pierluigi Paganini February 18, 2026

Artificial Intelligence

SmartLoader hackers clone Oura MCP project to spread StealC malware

Hackers used a fake Oura MCP server to trick users into downloading malware that installs the StealC info-stealer. Straiker's AI Research (STAR) Labs team uncovered a SmartLoader campaign in which ...

Pierluigi Paganini February 17, 2026

Cyber Crime

Polish cybercrime Police arrest man linked to Phobos ransomware operation

Officers from Poland's Central Bureau of Cybercrime Control (CBZC) police arrested a 47-year-old man linked to the Phobos ransomware operation. Polish authorities arrested a 47-year-old man suspec ...

Pierluigi Paganini February 17, 2026

Security

Poorly crafted phishing campaign leverages bogus security incident report

Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phis ...

Pierluigi Paganini February 17, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!