LATEST NEWS

VIEW ALL
Chinese state-sponsored hackers targets Russia and Belarus with ZeroT and PlugX
Pierluigi Paganini February 03, 2017

According to the firm ProofPoint, Chinese state-sponsored actors continues to spy on military and aerospace organizations in Russia and Belarus. Chinese state-sponsored actors are spying on military ...

Authentication Bypass Vulnerability found in Cisco Prime Home product
Pierluigi Paganini February 03, 2017

The experts at Cisco have discovered a critical authentication bypass vulnerability in the Cisco Prime Home during an internal security testing. Cisco has released a security update for CISCO Prime H ...

Popular hacking toolkit Metasploit adds hardware testing capabilities
Pierluigi Paganini February 03, 2017

The Metasploit hacking toolkit now includes a new hardware bridge that makes it easier for users to analyze hardware devices. The popular offensive hacking toolkit Metasploit now is powerful, it incl ...

How much trust do you put into your Gmail inbox messages?
Pierluigi Paganini February 03, 2017

Given the high trust we have on Gmail we tend to believe that all messages that fall into our inbox are legit and safe, but there is something to know ... 1.    Introduction Taking good care o ...

recent articles

Hacking
Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes

Zimbra addressed a critical stored XSS vulnerability in its Classic Web Client that lets malicious emails execute code when opened. Zimbra has released version 10.1.19 to fix a critical stored XSS ...

Pierluigi Paganini July 10, 2026
Cyber Crime
Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018

Ransomware remains above 1,400 attacks yearly since 2023. Qilin leads in 2026, while the U.S. remains the main target. Ransomnews has independently confirmed 9,291 ransomware attacks worldwide bet ...

Pierluigi Paganini July 10, 2026
Security
222 GitHub Repositories Linked to Fake Go Package Malware Operation

Researchers uncovered 222 GitHub repositories spreading malware through fake Go packages, delivering loaders, stealers, RATs, and cryptominers. Socket's security research team started with the inv ...

Pierluigi Paganini July 10, 2026
Cyber Crime
Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang

A former ransomware negotiator was sentenced to nearly six years for secretly helping BlackCat extort victims while betraying his clients. A U.S. court sentenced former ransomware negotiator Angel ...

Pierluigi Paganini July 10, 2026
Malware
GigaWiper Merges Three Malware Families Into One Destructive Backdoor

Microsoft uncovered GigaWiper, a modular Go backdoor combining three malware families with espionage, remote control, and destructive wiping features. In October 2025, Microsoft's threat intellige ...

Pierluigi Paganini July 10, 2026
Security
INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million

INTERPOL's Operation First Light 2026 led to 5,811 arrests, blocked $293M in criminal assets, and disrupted global fraud and money laundering networks. INTERPOL coordinated a four-month operation ...

Pierluigi Paganini July 09, 2026
Malware
GodDamn Ransomware Uses PoisonX to Blind Security Software

GodDamn ransomware uses the signed PoisonX driver to disable security tools, marking a more advanced version of the Beast ransomware family. Symantec's Threat Hunter Team found a new ransomware fa ...

Pierluigi Paganini July 09, 2026
Data Breach
AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack

AssuranceAmerica confirmed a breach exposing nearly 7 million driver's licenses after hackers compromised an employee account and stole customer data. U.S. auto insurer AssuranceAmerica has confir ...

Pierluigi Paganini July 09, 2026
Security
Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)

Microsoft fixed RoguePlanet (CVE-2026-50656), a Defender flaw allowing local attackers to gain higher privileges through the Malware Protection Engine. Microsoft released security updates for Rogu ...

Pierluigi Paganini July 09, 2026
Malware
Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes

Fake apps like WireVPN and a trojanized 7-Zip turn victims' devices into residential proxies, letting criminals route traffic through their IPs. Infoblox's threat research team started pulling on ...

Pierluigi Paganini July 09, 2026
Security
Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation

Ubiquiti patched seven UniFi OS flaws, including critical CVE-2026-50746, which allows command injection in UniFi Connect Application. Ubiquiti released security updates for seven critical UniFi O ...

Pierluigi Paganini July 08, 2026
Data Breach
A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach

Accenture confirmed a breach after a hacker claimed to steal 35 GB of source code, keys, and Azure credentials now offered for sale. A threat actor using the handle "888" claimed on the cybercrime ...

Pierluigi Paganini July 08, 2026
Malware
Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools

RedWing: The Android Banking Trojan You Can Rent on Telegram for Less Than a Coffee Subscription Zimperium's zLabs team has uncovered RedWing, an Android spyware operation sold as a subscription s ...

Pierluigi Paganini July 08, 2026
Hacking
U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalo ...

Pierluigi Paganini July 08, 2026
Artificial Intelligence
CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code

CISA is using Anthropic's Mythos AI to scan federal code for vulnerabilities, aiming to find flaws before hackers and foreign intelligence services. Three sources familiar with the matter told Reu ...

Pierluigi Paganini July 08, 2026
Hacking
Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets

Attackers are exploiting a critical Gitea flaw (CVE-2026-20896) that bypasses authentication with a single HTTP header, exposing repositories and sensitive data. Sysdig researchers warn that attac ...

Pierluigi Paganini July 07, 2026
Hacktivism
Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)

Spain arrested a suspected CARR and Z-Pentest collaborator in an FBI-led probe for aiding pro-Russian hackers, coordinating attacks, and using crypto. Spanish National Police arrested a man in Pal ...

Pierluigi Paganini July 07, 2026
Security
Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available

CERT/CC warns an unpatched backdoor in several Tenda routers lets attackers bypass login and gain full admin access with a hidden password. CERT/CC published an alert documenting an undocumented a ...

Pierluigi Paganini July 07, 2026
APT
AI-Generated Malware Powers New Armored Likho APT Campaign

Armored Likho APT uses AI-generated malware, phishing, and BusySnake Stealer to target governments and power grids in Russia, Kazakhstan, and Brazil. Kaspersky's threat research team has documente ...

Pierluigi Paganini July 07, 2026
Security
Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks

Januscape: A 16-year-old Linux KVM flaw lets cloud VM tenants crash hosts and potentially escape guests. It affects Intel and AMD systems. Security researcher Hyunwoo Kim has published details of ...

Pierluigi Paganini July 07, 2026