Security Affairs - Page 214 of 1831 - Read, think, share … Security is everyone's responsibility

LATEST NEWS

VIEW ALL

Convert Plus WordPress plugin flaw allows hackers to create Admin accounts

Pierluigi Paganini May 30, 2019

The WordPress plugin Convert Plus is affected by a critical flaw that could be exploited by an unauthenticated attacker to create accounts with administrator privileges. The WordPress plugin Conve ...

VPNpro research: this Chinese-linked company secretly owns 10 VPNs with 86 million installs

Pierluigi Paganini May 30, 2019

Innovative Connecting is actually a Chinese company that secretly owns 10 VPN products with a total of 86 million installs under its belt. Recent research by the cybersecurity experts at VPNpro ...

Emissary Panda APT group hit Government Organizations in the Middle East

Pierluigi Paganini May 30, 2019

Chinese Cyber-Spies Target Government Organizations in Middle East Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. Ex ...

Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers

Pierluigi Paganini May 30, 2019

Guardicore Labs uncovered a widespread cryptojacking campaign tracked as Nansh0u and aimed at Windows MS-SQL and PHPMyAdmin servers. Security experts at Guardicore Labs uncovered a widespread cryp ...

1
2
2526
2527
2528
2529
2530
4575
4576
4577

most popular

VIEW ALL

WorldLeaks ransomware group breached the City of Los Angels

March 21, 2026

PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks

March 21, 2026

7,500+ Magento sites defaced in global hacking campaign

March 20, 2026

Navia data breach impacts nearly 2.7 Million people

March 20, 2026

Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge

March 20, 2026

recent articles

Data Breach

WorldLeaks ransomware group breached the City of Los Angels

WorldLeaks group hit Los Angeles and its Metro system, forcing a shutdown, while two Bay Area cities declared emergencies after ransomware attacks. WorldLeaks group hit Los Angeles and its Metro, ...

Pierluigi Paganini March 21, 2026

Security

PolyShell flaw exposes Magento and Adobe Commerce to file upload attacks

Sansec found a Magento and Adobe Commerce REST API flaw, named PolyShell, which allows unauthenticated file uploads and possible XSS in older versions. Sansec disclosed a critical flaw in the Mage ...

Pierluigi Paganini March 21, 2026

Hacking

7,500+ Magento sites defaced in global hacking campaign

Hackers defaced 7,500 Magento sites since Feb 27, uploading files across 15,000 hostnames, mostly opportunistic attacks. Since February 27, a large-scale campaign has defaced over 7,500 Magento si ...

Pierluigi Paganini March 20, 2026

Data Breach

Navia data breach impacts nearly 2.7 Million people

Navia Benefit Solutions data breach exposed 2.7M people after attackers accessed systems from December 2025 to January 2026. Navia Benefit Solutions disclosed a data breach affecting 2,697,540 ind ...

Pierluigi Paganini March 20, 2026

Security

Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge

Apple warns that outdated iPhones are vulnerable to Coruna and DarkSword exploit kits and urges users to update iOS. Apple has warned that iPhones running outdated iOS versions are at risk from ex ...

Pierluigi Paganini March 20, 2026

Cyber Crime

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disrupted command-and-control infrastructure use ...

Pierluigi Paganini March 20, 2026

Intelligence

French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure

A French aircraft carrier was tracked in real time via a sailor’s Strava activity, exposing a persistent operational security flaw. Le Monde revealed that France’s aircraft carrier Charles de ...

Pierluigi Paganini March 20, 2026

Security

Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking

Ubiquiti fixed two UniFi vulnerabilities, including a critical flaw that could let attackers take over user accounts. Ubiquiti patched two vulnerabilities in its UniFi Network app, including a max ...

Pierluigi Paganini March 19, 2026

Security

U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a ...

Pierluigi Paganini March 19, 2026

Security

Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS v ...

Pierluigi Paganini March 19, 2026

Hacking

DarkSword emerges as powerful iOS exploit tool in global attacks

DarkSword, a new iOS exploit kit, is used by multiple actors to steal data in campaigns targeting Saudi Arabia, Turkey, Malaysia, and Ukraine. Lookout Threat Labs discovered a new iOS exploit kit ...

Pierluigi Paganini March 19, 2026

Malware

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulner ...

Pierluigi Paganini March 19, 2026

Intelligence

Russia establishes Vienna as key western spy hub targeting NATO

Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transf ...

Pierluigi Paganini March 19, 2026

Security

U.S. CISA adds Microsoft SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...

Pierluigi Paganini March 18, 2026

Hacking

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as ...

Pierluigi Paganini March 18, 2026

Security

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found a high-severity flaw, tracked as CVE-2026-388 ...

Pierluigi Paganini March 18, 2026

Data Breach

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic ...

Pierluigi Paganini March 18, 2026

Cyber warfare

Tracking the Iran War: A Month of Escalation and Regional Impact

Iran war likely prolonged, increasing cyber threats, energy disruption, and instability, with companies in the Middle East facing higher risk. Resecurity (USA) released a strategic intelligence u ...

Pierluigi Paganini March 18, 2026

Security

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has impose ...

Pierluigi Paganini March 17, 2026

Malware

RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts

RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign. RondoDox botnet is ramping up attacks, targeting 174 vulnerabilities with up to ...

Pierluigi Paganini March 17, 2026