Security Affairs

LATEST NEWS

VIEW ALL

Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics

Pierluigi Paganini April 08, 2026

APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Stor ...

Security

Signature Healthcare hit by cyberattack, services and pharmacies impacted

Pierluigi Paganini April 08, 2026

Massachusetts’ Signature Healthcare diverts ambulances and cancels services after a cyberattack disrupts hospital operations and pharmacy access. The hospital Signature Healthcare in Brockton, M ...

Artificial Intelligence

Project Glasswing powered by Claude Mythos: defending software before hackers do

Pierluigi Paganini April 08, 2026

Anthropic unveiled Claude Mythos, a powerful AI for cybersecurity that could also be misused to enhance cyberattacks. Anthropic has unveiled Claude Mythos, a new AI model designed to strengthen cy ...

APT

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

Pierluigi Paganini April 08, 2026

U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers ...

1
2
3
4595
4596
4597

recent articles

APT

Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics

APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Stor ...

Pierluigi Paganini April 08, 2026

Security

Signature Healthcare hit by cyberattack, services and pharmacies impacted

Pierluigi Paganini April 08, 2026

Artificial Intelligence

Project Glasswing powered by Claude Mythos: defending software before hackers do

Pierluigi Paganini April 08, 2026

APT

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers ...

Pierluigi Paganini April 08, 2026

Security

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScri ...

Pierluigi Paganini April 07, 2026

Security

Major outage cripples Russian banking apps and metro payments nationwide

A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia ...

Pierluigi Paganini April 07, 2026

Cyber Crime

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially d ...

Pierluigi Paganini April 07, 2026

Security

GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

GPUBreach attack technique uses GPU memory bit-flips to escalate privileges and potentially take full control of a system. New research shows that attacks like GPUBreach exploit RowHammer bit-flip ...

Pierluigi Paganini April 07, 2026

Uncategorized

Phishing LNK files and GitHub C2 power new DPRK cyber attacks

DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat actors target South Korean organizations ...

Pierluigi Paganini April 06, 2026

Cyber Crime

BKA unmasks two REvil Ransomware operators behind 130+ German attacks

German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvi ...

Pierluigi Paganini April 06, 2026

Security

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed on ...

Pierluigi Paganini April 06, 2026

Hacking

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerab ...

Pierluigi Paganini April 06, 2026

Malware

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and P ...

Pierluigi Paganini April 05, 2026

Hacking

Image or Malware? Read until the end and answer in comments :)

A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an ana ...

Pierluigi Paganini April 05, 2026

Breaking News

Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini April 05, 2026

Cyber Crime

Qilin ransomware group claims the hack of German political party Die Linke

Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransomware group claims it stole data from ...

Pierluigi Paganini April 04, 2026

Security

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Ag ...

Pierluigi Paganini April 04, 2026

Security

European Commission breach exposed data of 30 EU entities, CERT-EU says

CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to the TeamPCP threa ...

Pierluigi Paganini April 04, 2026

Hacking

North Korea–linked hackers drain $285M from Drift in sophisticated attack

Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highl ...

Pierluigi Paganini April 03, 2026

Breaking News

CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

CrystalX RAT, a new sophisticated MaaS malware, combines spyware, data theft, and remote access, allowing attackers to monitor victims. In March 2026, Kaspersky researchers uncovered a Telegram-ba ...

Pierluigi Paganini April 03, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!