MUST READ

ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short

 | 

GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure

 | 

Ransomware Operators Keep Business Hours. The Data Proves It

 | 

CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

 | 

CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years

 | 

U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog

 | 

The Pentagon Finally Admits That Location Data Is a Battlefield Problem

 | 

CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

 | 

Security Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers

 | 

Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

 | 

Botnet of 17 Million Devices Dismantled in the Netherlands

 | 

Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes

 | 

DIL Observatory: when the World Escalates, the Underground Responds

 | 

Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.

 | 

BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone

 | 

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

 | 

CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks

 | 

Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem

 | 

LATEST NEWS

VIEW ALL
Breaking News
Cryptowall cost victims $18 Million since 2014 warns FBI
Pierluigi Paganini June 24, 2015

Between April 2014 and June 2015, the IC3 received 992 CryptoWall related complaints, with victims reporting losses totaling over $18 million. Cryptowall is one of the most nefarious ransomware in ...

Breaking News
NIST releases cyber security guidelines for government contractors
Pierluigi Paganini June 24, 2015

The NIST has published a document for protecting Controlled Unclassified Information (CUI) when it resides on contractors IT infrastructures. The National Institute of Standards and Technology (NIST) ...

Breaking News
Adobe fixed the CVE-2015-3113 that is being exploited in the wild
Pierluigi Paganini June 23, 2015

Adobe has released a security update for the critical Adobe Flash Player vulnerability CVE-2015-3113 that is being actively exploited in the wild. Security experts at FireEye discovered a critical he ...

Breaking News
Microsoft will not patch an IE exploit affecting million 32bit systems
Pierluigi Paganini June 23, 2015

Security expert Dustin Childs publicly disclosed a Microsoft IE exploit that affects only 32-bit IE platforms which are currently used by millions of users. The HP security expert Dustin Childs p ...

top articles

Hackers access Booking.com user data, company secures systems
April 13, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems
April 17, 2026
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
April 23, 2026
Checkmarx supply chain attack impacts Bitwarden npm distribution path
April 24, 2026
Critical CrowdStrike LogScale bug could have allowed file access, but no exploitation was observed
April 26, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Reports

ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short

June 02, 2026

Breaking News
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure

June 02, 2026

Cyber Crime
Ransomware Operators Keep Business Hours. The Data Proves It

June 01, 2026

Hacking
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

June 01, 2026

Security
CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years

June 01, 2026

recent articles

Reports
ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short

ENISA NIS360 2026 shows cybersecurity improving across EU critical sectors, but health, water, rail, and space remain in the risk zone. ENISA has published its third annual NIS360 report, assessin ...

Pierluigi Paganini June 02, 2026
Breaking News
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure

Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware ...

Pierluigi Paganini June 02, 2026
Cyber Crime
Ransomware Operators Keep Business Hours. The Data Proves It

16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 gro ...

Pierluigi Paganini June 01, 2026
Hacking
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps ...

Pierluigi Paganini June 01, 2026
Security
CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years

CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilitie ...

Pierluigi Paganini June 01, 2026
Security
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini June 01, 2026
Cyber warfare
The Pentagon Finally Admits That Location Data Is a Battlefield Problem

The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advoca ...

Pierluigi Paganini June 01, 2026
Security
CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on M ...

Pierluigi Paganini May 31, 2026
Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026- ...

Pierluigi Paganini May 31, 2026
Security
Security Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini May 31, 2026
Uncategorized
ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers

Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has ...

Pierluigi Paganini May 30, 2026
Security
Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

Attackers are texting Signal users posing as Support, asking for backup recovery keys. Once obtained, they can decrypt the entire message history, not just future chats. A phishing campaign is cur ...

Pierluigi Paganini May 30, 2026
Malware
Botnet of 17 Million Devices Dismantled in the Netherlands

Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and sei ...

Pierluigi Paganini May 30, 2026
APT
Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes

GREYVIBE, a Russia-linked group active since 2025, targets Ukraine with AI-assisted malware and five attack chains. Researchers say it's part spy op, part crime gang. Security firm WithSecure has ...

Pierluigi Paganini May 29, 2026
Security
DIL Observatory: when the World Escalates, the Underground Responds

Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the con ...

Pierluigi Paganini May 29, 2026
Security
Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.

A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild. Microsoft is angry. The researcher says Microsoft ignored them first. Over the past month, a research ...

Pierluigi Paganini May 29, 2026
Malware
BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone

BTMOB sells Android full-device takeover as a kit, no coding needed. It steals data, records screens, and hands attackers remote control for $5,000 lifetime. Most Android malware requires at least ...

Pierluigi Paganini May 29, 2026
Uncategorized
Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people afte ...

Pierluigi Paganini May 28, 2026
Malware
CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks

Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerabili ...

Pierluigi Paganini May 28, 2026
Security
Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem

Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity supported Microsoft’s Digital Crimes U ...

Pierluigi Paganini May 28, 2026