Pierluigi Paganini
August 25, 2021
The South Korean multinational Samsung revealed that it can disable its Samsung TV sets remotely using the TV Block feature. Samsung TV sets can be remotely disabled by the vendor using a built-i ...
Pierluigi Paganini
August 24, 2021
The OpenSSL Project patched a high-severity vulnerability, tracked as CVE-2021-3711, that can allow an attacker to change an application’s behavior or cause the app to crash. The OpenSSL Projec ...
Pierluigi Paganini
August 24, 2021
Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group's Pegasus spyware on devices belonging to Bahraini activists. Researchers from Citizen Lab spotted a ...
Pierluigi Paganini
August 24, 2021
The FBI shared info about OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. The Federal Bureau of Investigation (FBI) has pub ...
April 23, 2026
Operation EndGame disrupted SocGholish, taking down 106 servers and cleaning 14,971 WordPress sites used to spread fake-update malware. On June 18, 2026, law enforcement agencies from the Netherla ...
Pierluigi Paganini
June 19, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
June 19, 2026
A simple website flaw exposed members, political profiles, login tokens, and dating data from Peter Thiel 's secretive Dialog network. Dialog, a private invitation-only organization cofounded in 2 ...
Pierluigi Paganini
June 19, 2026
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infostealers, Telegram channels, and breach co ...
Pierluigi Paganini
June 19, 2026
Cisco addressed CVE-2026-20181, a critical ISE vulnerability that lets authenticated admins execute commands and gain root access. Cisco addressed a critical command execution vulnerability, track ...
Pierluigi Paganini
June 18, 2026
F5 released emergency updates for critical NGINX flaws (CVE-2026-42530, CVE-2026-42055) that could enable unauthenticated code execution. F5 has issued out-of-band patches for multiple NGINX vulne ...
Pierluigi Paganini
June 18, 2026
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecti ...
Pierluigi Paganini
June 18, 2026
FortiBleed: Admin Passwords for 75,000 Fortinet Firewalls Are Out in the Wild. Half the Internet-Facing Fortinets on the Planet. Security researcher Bob Diachenko found a server sitting open on th ...
Pierluigi Paganini
June 18, 2026
DragonForce hid for months by routing malware traffic through Microsoft Teams infrastructure, masking C2 activity and evading network detection. DragonForce ransomware operators hit a major U.S. s ...
Pierluigi Paganini
June 17, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Widget Factory Joomla Content Editor (JCE) flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrast ...
Pierluigi Paganini
June 17, 2026
Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium's zLabs researchers have published a deta ...
Pierluigi Paganini
June 17, 2026
EdTech firms face rising cyberattacks as ShinyHunters and FulcrumSec target schools, exposing sensitive data and disrupting services. Resecurity (USA) warns the education technology (EdTech) secto ...
Pierluigi Paganini
June 17, 2026
FulcrumSec leaked data stolen from Novo Nordisk, claiming to have exfiltrated 1.3TB, including clinical records and AI research assets. On June 15, 2026, a data-theft extortion group calling itsel ...
Pierluigi Paganini
June 17, 2026
China-linked FishMonger used two SprySOCKS Windows variants that leveraged kernel drivers and the Print Spooler to target governments in four countries. ESET researchers have found two previously ...
Pierluigi Paganini
June 17, 2026
iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company spe ...
Pierluigi Paganini
June 16, 2026
Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders. Cybersecurity firm Defused Cyber confirmed it's seen activ ...
Pierluigi Paganini
June 16, 2026
Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arb ...
Pierluigi Paganini
June 16, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infras ...
Pierluigi Paganini
June 16, 2026
China's UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail Google's Threat Intelligence Group published a report this week on ...
Pierluigi Paganini
June 16, 2026
Mackay Sugar, Australia's second-largest sugar producer, disclosed a cyberattack on June 10, potentially affecting key processing operations. Mackay Sugar is one of Australia's largest sugar produ ...
Pierluigi Paganini
June 15, 2026
