Pierluigi Paganini
July 03, 2014
While investigating on MiniDuke malware, experts at F-Secure discovered a surprising link to a new malware, dubbed CosmicDuke, belonging to Cosmu family. Early 2013 experts at Kaspersky Lab and Hunga ...
Pierluigi Paganini
July 03, 2014
Security researchers from Seculert firm have discovered a variant of the Cridex banking worm, dubbed Geodo, which spreads itself through email. In the last months a significant number of banking tr ...
Pierluigi Paganini
July 02, 2014
A letter revealed that all the US Intelligence agencies have queried the Section 702 communications content for US persons in 2013. The Snowden case has caused an earthquake in the US intelligence, i ...
Pierluigi Paganini
July 02, 2014
Security experts at Symantec have detected a new series of attacks worldwide conducted by the Dragonfly gang on SCADA/ICS in critical infrastructure. The energy industry is under attack, more than on ...
April 23, 2026
The Miasma worm compromised 73 Microsoft GitHub repos, spreading via AI coding tools and stealing cloud credentials from developers and CI/CD systems. A self-replicating worm called Miasma has com ...
Pierluigi Paganini
June 09, 2026
Google fixed a new Chrome zero-day, tracked as CVE-2026-11645, in the V8 JavaScript engine, which is already being exploited in the wild. Google released emergency updates to address a new Chrome ...
Pierluigi Paganini
June 09, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and ...
Pierluigi Paganini
June 09, 2026
A Linux kernel nf_tables bug lets local users gain root via use-after-free caused by a logic error; patch removes a single “!”. CVE-2026-23111 lives in nf_tables, the Linux kernel's packet fil ...
Pierluigi Paganini
June 09, 2026
Meta says NSO violated a court injunction by targeting WhatsApp users again through phishing campaigns and test accounts. Last year, WhatsApp won a landmark case against NSO Group, the Israeli spy ...
Pierluigi Paganini
June 08, 2026
Hackers exploit CVE-2026-3300 in Everest Forms Pro to inject PHP via form fields, creating rogue admin accounts. 29,300 attempts blocked. Researcher h0xilo submitted a flaw in Everest Forms Pro f ...
Pierluigi Paganini
June 08, 2026
UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB drives. Google Mandiant and the Google Thr ...
Pierluigi Paganini
June 08, 2026
A flaw in Meta's AI-powered Instagram recovery tool exposed over 20,000 accounts, letting attackers reset passwords and take over profiles. Meta's High Touch Support tool, known as HTS, was design ...
Pierluigi Paganini
June 08, 2026
C0XMO is a new Gafgyt botnet variant exploiting old router flaws, spreading across IoT devices, killing rivals, and enabling large-scale DDoS attacks. In March 2026, FortiGuard Labs discovered a n ...
Pierluigi Paganini
June 08, 2026
ShinyHunters leaked 234 GB of data allegedly stolen from DentaQuest after failed negotiations, potentially impacting 2.6 million people. The ShinyHunters extortion group has published a 234 GB arc ...
Pierluigi Paganini
June 07, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Targeting WordPress Abuses Steam ...
Pierluigi Paganini
June 07, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
June 07, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...
Pierluigi Paganini
June 06, 2026
Reports claim Anthropic engineers are helping the NSA use its restricted AI model Mythos, known for advanced cybersecurity capabilities. This week, the Financial Times reported that Anthropic has ...
Pierluigi Paganini
June 06, 2026
Claude Opus 4.8 helped uncover a four-year-old critical flaw in Zcash that could have enabled undetectable creation of counterfeit coins. On May 29, the security researcher Taylor Hornby found a c ...
Pierluigi Paganini
June 06, 2026
Researchers exposed the Silent Ransom Group 's Fast Flux infrastructure as the FBI warns of ongoing attacks targeting U.S. law firms and businesses. Resecurity uncovered the Silent Ransom Group (S ...
Pierluigi Paganini
June 05, 2026
Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco warns of a privilege escalation flaw, trac ...
Pierluigi Paganini
June 05, 2026
Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor tracked as PCPJack compromised 230 clo ...
Pierluigi Paganini
June 05, 2026
SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google's defenses and control smart home devices. SafeBreach Labs research ...
Pierluigi Paganini
June 05, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...
Pierluigi Paganini
June 04, 2026
