LATEST NEWS

VIEW ALL
Facebook dismantled Lecpetex botnet which infected 250,000 Computers
Pierluigi Paganini July 10, 2014

Facebook in a joint operation with the Greek Cyber Crime Division dismantled the Lecpetex botnet, which infected 250,000 Computers in different countries. Facebook has announced to have successfully ...

Google blocked unauthorized digital certificates issued by NIC India
Pierluigi Paganini July 10, 2014

Google Security experts have detected and blocked unauthorized digital certificates for a number of its domains issued by the NIC of India. Google announced to have blocked unauthorized digital cert ...

Hacking LIFX Smart LED Light bulbs to steal WiFi Passwords
Pierluigi Paganini July 09, 2014

Context Information Security firm has discovered a security vulnerability in LIFX smart LED light bulbs that can be remotely controlled by mobile devices. Researchers at Context Information Security ...

Deep Panda hacking team targeting US experts on Iraq
Pierluigi Paganini July 09, 2014

Researchers at CrowdStrike reveal that hacking team dubbed Deep Panda is targeting US think thank firms with a significant knowledge on the Iraqi situation. CrowdStrike security firm revealed that a ...

recent articles

Hacking
Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets

Attackers are exploiting a critical Gitea flaw (CVE-2026-20896) that bypasses authentication with a single HTTP header, exposing repositories and sensitive data. Sysdig researchers warn that attac ...

Pierluigi Paganini July 07, 2026
Hacktivism
Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)

Spain arrested a suspected CARR and Z-Pentest collaborator in an FBI-led probe for aiding pro-Russian hackers, coordinating attacks, and using crypto. Spanish National Police arrested a man in Pal ...

Pierluigi Paganini July 07, 2026
Security
Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available

CERT/CC warns an unpatched backdoor in several Tenda routers lets attackers bypass login and gain full admin access with a hidden password. CERT/CC published an alert documenting an undocumented a ...

Pierluigi Paganini July 07, 2026
APT
AI-Generated Malware Powers New Armored Likho APT Campaign

Armored Likho APT uses AI-generated malware, phishing, and BusySnake Stealer to target governments and power grids in Russia, Kazakhstan, and Brazil. Kaspersky's threat research team has documente ...

Pierluigi Paganini July 07, 2026
Security
Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks

Januscape: A 16-year-old Linux KVM flaw lets cloud VM tenants crash hosts and potentially escape guests. It affects Intel and AMD systems. Security researcher Hyunwoo Kim has published details of ...

Pierluigi Paganini July 07, 2026
Hacking
Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild

Attackers are exploiting the critical Adobe ColdFusion flaw CVE-2026-48282, which allows remote code execution on unpatched servers. Attackers have started exploiting CVE-2026-48282, a maximum-sev ...

Pierluigi Paganini July 06, 2026
Artificial Intelligence
Hidden Web Prompts Trick AI Agents Into Sending Money

Hidden prompts on malicious websites trick AI agents into making payments or trusting fake sites, exposing new risks for autonomous AI workflows. Zscaler ThreatLabz documented two active campaigns ...

Pierluigi Paganini July 06, 2026
Security
Seven Bugs in FatFs Put IoT and Embedded Devices at Risk

runZero found 7 flaws in FatFs, a filesystem used in IoT and embedded devices. Bugs can cause memory corruption, crashes, or data leaks via crafted storage. Cybersecurity firm runZero has disclose ...

Pierluigi Paganini July 06, 2026
Hacking
Bad Epoll Flaw Gives Attackers Root Access on Linux and Android

Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was missed by AI but found by a security researcher. A newly disclosed Linux kernel vulnerability, named&nb ...

Pierluigi Paganini July 06, 2026
Cyber Crime
Medtronic Notifies 3.8 Million After ShinyHunters Data Breach

Medtronic says a ShinyHunters attack exposed the personal and medical data of over 3.8 million people. Products and operations were unaffected. Medtronic is notifying 3,834,294 individuals after a ...

Pierluigi Paganini July 05, 2026
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hijacked npm Packages Use Novel VSCode A ...

Pierluigi Paganini July 05, 2026
Security
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini July 05, 2026
Security
U.S. Government Agency Paid $1M to Data Extortion Group Kairos

A U.S. government agency paid $1M to Kairos, a group focused on data theft and extortion rather than ransomware, Ransom-ISAC reports. A new case study from Ransom-ISAC reconstructs a complete data ...

Pierluigi Paganini July 04, 2026
Cyber Crime
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials

FBI says TeamPCP poisoned trusted developer tools to steal cloud credentials, spread malware through software updates, and extort victims. On July 2, 2026, the FBI published a FLASH alert identify ...

Pierluigi Paganini July 04, 2026
Malware
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds

A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The Citizen Lab published a report documenting one of the more darkly ironic findings in ...

Pierluigi Paganini July 03, 2026
Artificial Intelligence
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation

Sysdig reports an AI agent ran a full ransomware attack end-to-end, exploiting flaws, stealing creds, moving laterally, and encrypting data without humans. Sysdig's Threat Research Team has docume ...

Pierluigi Paganini July 03, 2026
Hacking
The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident

Vercel breach happened after an employee used an unvetted AI tool. Attackers exploited it as a trusted link to access systems, steal data, and extort $2M. The Vercel breach of April 2026 did not b ...

Pierluigi Paganini July 03, 2026
Cyber Crime
Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut

Google disrupted NetNut, a major proxy network that routed internet traffic through compromised home devices used by cybercriminals. Google has disrupted NetNut, one of the world's largest residen ...

Pierluigi Paganini July 03, 2026
Security
Government and Healthcare Are the Weakest Links in Global Email Security

Government and healthcare sectors have weak email security. Many domains lack SPF, DMARC, DKIM, and MTA-STS, leaving them open to phishing attacks. Comparitech analyzed live DNS records for 5,849 ...

Pierluigi Paganini July 03, 2026
Security
Europe Confirms Record €4.1B Penalty Against Google for Android Practices

EU's top court upheld a €4.1B fine against Google, ruling it abused Android's market dominance through restrictive licensing practices. The Court of Justice of the European Union issued its ruli ...

Pierluigi Paganini July 02, 2026