Pierluigi Paganini
May 15, 2021
QNAP warns of an actively exploited Roon Server zero-day flaw and eCh0raix ransomware attacks on its NAS devices. QNAP warns customers of threat actors that are targeting its Network Attached Stor ...
Pierluigi Paganini
May 14, 2021
FingerprintJS experts devised a fingerprinting technique, named scheme flooding, that could allow identifying users across different desktop browsers, including the Tor Browser. FingerprintJS expe ...
Pierluigi Paganini
May 14, 2021
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds the gang obtained from the victims. Darkside ransomware operators say t ...
Pierluigi Paganini
May 14, 2021
Magecart cybercrime gang is using favicon to hide malicious PHP web shells used to maintain remote access to inject JavaScript skimmers into online stores. Magecart hackers are distributing malici ...
April 23, 2026
April 27, 2026
April 26, 2026
Fast16 is a pre-Stuxnet malware that tampered with precision software and spread itself. Evidence suggests links to U.S. operations during early cyber tensions. SentinelOne uncovered Fast16, a sab ...
Pierluigi Paganini
April 27, 2026
Italy plans to extradite Xu Zewei to the U.S. over alleged hacks on COVID-19 research tied to state-backed operations. Italy is moving to extradite Xu Zewei, the Chinese national arrested in 2025 ...
Pierluigi Paganini
April 27, 2026
Itron detected unauthorized access to part of its IT environment on April 13, 2026, and launched incident response and notified authorities. Itron disclosed a cyber incident involving unauthorized ...
Pierluigi Paganini
April 27, 2026
CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated file access via path traversal. CrowdStrike recently disclosed a critical vulnerability, tracked ...
Pierluigi Paganini
April 26, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Morpheus: A new Spyware linked to IPS Intelligence The iPho ...
Pierluigi Paganini
April 26, 2026
Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync. Symantec researchers report that recent Trigona ransomwar ...
Pierluigi Paganini
April 26, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
April 26, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...
Pierluigi Paganini
April 25, 2026
Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2 ...
Pierluigi Paganini
April 25, 2026
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisc ...
Pierluigi Paganini
April 25, 2026
'Pack2TheRoot' flaw lets local Linux users gain root via PackageKit. CVE-2026-41651 (8.8) has existed for nearly 12 years. The Pack2TheRoot flaw, tracked as CVE-2026-41651, lets unprivileged users ...
Pierluigi Paganini
April 24, 2026
Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack via a fake CDU group chat. Germany’s Bundestag President Julia Klöckner has reportedly become the latest Euro ...
Pierluigi Paganini
April 24, 2026
Bitwarden CLI was hit by the Checkmarx supply chain attack. Version 2026.4.0 shipped malicious code in bw1.js via a compromised GitHub Action. Bitwarden CLI has been compromised as part of the ong ...
Pierluigi Paganini
April 24, 2026
UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global ...
Pierluigi Paganini
April 24, 2026
Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My ...
Pierluigi Paganini
April 23, 2026
Apple fixed an iOS flaw that kept deleted notifications on devices, allowing recovery of messages, including from apps like Signal. Apple released updates for iOS and iPadOS to address the vulnera ...
Pierluigi Paganini
April 23, 2026
Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of ...
Pierluigi Paganini
April 23, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
April 23, 2026
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Gra ...
Pierluigi Paganini
April 23, 2026
Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours. Mastodon was hit by a major DDoS attack just days af ...
Pierluigi Paganini
April 22, 2026
