Pierluigi Paganini
September 11, 2017
Media and experts speculate Equifax Hack was the result of the exploitation of the recently discovered critical vulnerability CVE-2017-9805 in Apache Struts. Last week Equifax reported a huge data br ...
Pierluigi Paganini
September 11, 2017
The US-CERT is warning of hackers can remotely access Smiths Medical Syringe Infusion Pumps to control them and kill patients. IoT devices continue to enlarge our surface of attack, and in some case ...
Pierluigi Paganini
September 11, 2017
Google just fixed a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the Toast Overlay attacks. Security researchers with Palo Alto Networks Unit 42, warned of a high-sev ...
Pierluigi Paganini
September 10, 2017
Crooks are abusing Facebook CDN servers to deliver malware and evading detection exploiting the trust in the CDN network of the social networking giant. Crooks are abusing Facebook CDN (Content Deliv ...
April 23, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Widget Factory Joomla Content Editor (JCE) flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrast ...
Pierluigi Paganini
June 17, 2026
Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium's zLabs researchers have published a deta ...
Pierluigi Paganini
June 17, 2026
EdTech firms face rising cyberattacks as ShinyHunters and FulcrumSec target schools, exposing sensitive data and disrupting services. Resecurity (USA) warns the education technology (EdTech) secto ...
Pierluigi Paganini
June 17, 2026
FulcrumSec leaked data stolen from Novo Nordisk, claiming to have exfiltrated 1.3TB, including clinical records and AI research assets. On June 15, 2026, a data-theft extortion group calling itsel ...
Pierluigi Paganini
June 17, 2026
China-linked FishMonger used two SprySOCKS Windows variants that leveraged kernel drivers and the Print Spooler to target governments in four countries. ESET researchers have found two previously ...
Pierluigi Paganini
June 17, 2026
iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company spe ...
Pierluigi Paganini
June 16, 2026
Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders. Cybersecurity firm Defused Cyber confirmed it's seen activ ...
Pierluigi Paganini
June 16, 2026
Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arb ...
Pierluigi Paganini
June 16, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infras ...
Pierluigi Paganini
June 16, 2026
China's UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail Google's Threat Intelligence Group published a report this week on ...
Pierluigi Paganini
June 16, 2026
Mackay Sugar, Australia's second-largest sugar producer, disclosed a cyberattack on June 10, potentially affecting key processing operations. Mackay Sugar is one of Australia's largest sugar produ ...
Pierluigi Paganini
June 15, 2026
Novo Nordisk suffered a cyberattack where clinical trial data was copied. The breach is confirmed, but no threat actor has claimed responsibility. The Danish pharmaceutical giant Novo Nordisk disc ...
Pierluigi Paganini
June 15, 2026
Palo Alto Networks warns that attackers are actively exploiting CVE-2026-0257, a PAN-OS flaw that lets unauthorized users bypass authentication and establish VPN connections. Palo Alto Networks ha ...
Pierluigi Paganini
June 15, 2026
Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage. Sansec researchers discovered an active supply chain attack hitting Wo ...
Pierluigi Paganini
June 15, 2026
The Gentlemen ransomware used infostealer credentials, AI tools, and affiliates to hit 483 victims across 66 countries in under a year. The Gentlemen surfaced as a ransomware operation in Septembe ...
Pierluigi Paganini
June 15, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter IronWorm: Shai-Hulud's rustier cousin ...
Pierluigi Paganini
June 14, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
June 14, 2026
Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide. Oleksii Oleksiyovych Lytvynenko (44), a Ukrainian national ex ...
Pierluigi Paganini
June 14, 2026
Anthropic disputes restrictions on Mythos 5 and Fable 5, arguing the decision lacks transparency and isn't based on clear technical evidence. On Friday June 12 at 5:21pm ET, Anthropic received a l ...
Pierluigi Paganini
June 13, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Pierluigi Paganini
June 13, 2026
