MUST READ

Luxury cosmetics giant Rituals discloses data breach impacting member personal details

 | 

iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix

 | 

RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace

 | 

U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Graph API misused by new GoGra Linux malware for hidden communication

 | 

DDoS wave continues as Mastodon hit after Bluesky incident

 | 

Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

 | 

Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

 | 

Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

 | 

Venezuela energy sector targeted by highly destructive Lotus wiper

 | 

Ransomware negotiator caught secretly assisting BlackCat extortion scheme

 | 

The US NSA is using Anthropic's Claude Mythos despite supply chain risk

 | 

U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

 | 

Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

 | 

France’s ANTS ID System website hit by cyberattack, possible data breach

 | 

Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft

 | 

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

 | 

Third-party AI hack triggers Vercel breach, internal environments accessed

 | 

AI Model Claude Opus turns bugs into exploits for just $2,283

 | 

Cyber attacks fuel surge in cargo theft across logistics industry

 | 

LATEST NEWS

VIEW ALL
Cyber Crime
Russian hacker Pavel Sitnikov arrested for distributing malware via Telegram
Pierluigi Paganini June 01, 2021

The popular Russian hacker Pavel Sitnikov was arrested by Russian authorities on charges of distributing malware via his Telegram channel. Pavel Sitnikov, a prominent figure of the hacking undergr ...

Cyber Crime
Prometheus and Grief - two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.
Pierluigi Paganini June 01, 2021

"Prometheus" and "Grief" - a multi-billion dollar ransomware market obtained two new emerging players. In today's world, information and data means money and the people that are stealing the infor ...

Hacking
Swedish Health Agency discloses hacking attempts
Pierluigi Paganini May 31, 2021

The Swedish Public Health Agency has shut down the country's infectious diseases database, SmiNet, last week after multiple hacking attempts. The Swedish Public Health Agency was forced to shut do ...

Intelligence
Denmark intel helped US NSA to spy on European politicians
Pierluigi Paganini May 31, 2021

Denmark’s foreign secret service allowed the US NSA to spy on European politicians through a Danish telecommunications hub. Journalists from Danish broadcaster DR recently received a document ...

top articles

The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences
April 09, 2026
Eurail data breach impacted 308,777 people
April 09, 2026
Hackers claim control over Venice San Marco anti-flood pumps
April 12, 2026
Hackers access Booking.com user data, company secures systems
April 13, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems
April 17, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Data Breach

Luxury cosmetics giant Rituals discloses data breach impacting member personal details

April 23, 2026

Mobile
iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix

April 23, 2026

Cyber Crime
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace

April 23, 2026

Hacking
U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog

April 23, 2026

Uncategorized
Microsoft Graph API misused by new GoGra Linux malware for hidden communication

April 23, 2026

recent articles

Data Breach
Luxury cosmetics giant Rituals discloses data breach impacting member personal details

Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My ...

Pierluigi Paganini April 23, 2026
Mobile
iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix

Apple fixed an iOS flaw that kept deleted notifications on devices, allowing recovery of messages, including from apps like Signal. Apple released updates for iOS and iPadOS to address the vulnera ...

Pierluigi Paganini April 23, 2026
Cyber Crime
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace

Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of ...

Pierluigi Paganini April 23, 2026
Hacking
U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini April 23, 2026
Uncategorized
Microsoft Graph API misused by new GoGra Linux malware for hidden communication

A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Gra ...

Pierluigi Paganini April 23, 2026
Cyber Crime
DDoS wave continues as Mastodon hit after Bluesky incident

Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours. Mastodon was hit by a major DDoS attack just days af ...

Pierluigi Paganini April 22, 2026
Malware
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

Mirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting ...

Pierluigi Paganini April 22, 2026
Security
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a ser ...

Pierluigi Paganini April 22, 2026
Hacking
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

22 BRIDGE:BREAK flaws hit Lantronix and Silex Technology converters, exposing approximately 20,000 devices to hijacking and data tampering. Researchers at Forescout Research Vedere Labs found 22 B ...

Pierluigi Paganini April 22, 2026
Malware
Venezuela energy sector targeted by highly destructive Lotus wiper

Lotus Wiper hit Venezuelan energy systems, used scripts to disable defenses, then erased all data beyond recovery. Kaspersky researchers found Lotus Wiper targeting Venezuela’s energy and utilit ...

Pierluigi Paganini April 22, 2026
Security
Ransomware negotiator caught secretly assisting BlackCat extortion scheme

Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator. Another U.S. cybersecurity expert, Angelo Martino, admitted helping the BlackCat ransomw ...

Pierluigi Paganini April 21, 2026
Artificial Intelligence
The US NSA is using Anthropic's Claude Mythos despite supply chain risk

Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by ...

Pierluigi Paganini April 21, 2026
Hacking
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited V ...

Pierluigi Paganini April 21, 2026
Security
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its se ...

Pierluigi Paganini April 21, 2026
Data Breach
France’s ANTS ID System website hit by cyberattack, possible data breach

A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which h ...

Pierluigi Paganini April 20, 2026
Cyber Crime
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft

Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scatter ...

Pierluigi Paganini April 20, 2026
Hacking
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw ...

Pierluigi Paganini April 20, 2026
Data Breach
Third-party AI hack triggers Vercel breach, internal environments accessed

Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach cau ...

Pierluigi Paganini April 20, 2026
Artificial Intelligence
AI Model Claude Opus turns bugs into exploits for just $2,283

Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome ...

Pierluigi Paganini April 20, 2026
Security
Cyber attacks fuel surge in cargo theft across logistics industry

Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and l ...

Pierluigi Paganini April 19, 2026