MUST READ

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

 | 

Recent Navia data breach impacts HackerOne employee data

 | 

FCC targets foreign router imports amid rising cybersecurity concerns

 | 

Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca

 | 

Malicious LiteLLM versions linked to TeamPCP supply chain attack

 | 

Data breach at Dutch Ministry of Finance impacts staff following cyberattack

 | 

QualDerm Partners December 2025 data breach impacts over 3 Million people

 | 

Citrix NetScaler critical flaw could leak data, update now

 | 

81-month sentence for Russian hacker behind major ransomware campaigns

 | 

North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware

 | 

QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025

 | 

Pro-Iranian Nasir Security is targeting energy companies in the Gulf

 | 

44 Aqua Security repositories defaced after Trivy supply chain breach

 | 

Iran-linked actors use Telegram as C2 in malware attacks on dissidents

 | 

International police Operation Alice take down 373,000 dark web sites exploiting children

 | 

Russia-linked actors target WhatsApp and Signal in phishing campaign

 | 

Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager

 | 

U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89

 | 

Security Affairs newsletter Round 568 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

LATEST NEWS

VIEW ALL
Artificial Intelligence
Anthropic Claude Opus AI model discovers 22 Firefox bugs
Pierluigi Paganini March 09, 2026

Anthropic used Claude Opus 4.6 to identify 22 Firefox vulnerabilities, most of which were high severity, all of which were fixed in Firefox 148, released in January 2026. Anthropic discovered 22 s ...

Security
Critical Nginx UI flaw CVE-2026-27944 exposes server backups
Pierluigi Paganini March 08, 2026

Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management interfaces. A critical vulnerability in Nginx U ...

Malware
Massive GitHub malware operation spreads BoryptGrab stealer
Pierluigi Paganini March 08, 2026

Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user files. Trend Micro uncovered a campaign distrib ...

Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87
Pierluigi Paganini March 08, 2026

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is no longer ...

top articles

Researchers warn of unpatched, critical Telnetd flaw affecting all versions
March 18, 2026
Tracking the Iran War: A Month of Escalation and Regional Impact
March 18, 2026
French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure
March 20, 2026
Citrix NetScaler critical flaw could leak data, update now
March 24, 2026
Pro-Iranian Nasir Security is targeting energy companies in the Gulf
March 23, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Internet of Things

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

March 25, 2026

Data Breach
Recent Navia data breach impacts HackerOne employee data

March 25, 2026

Security
FCC targets foreign router imports amid rising cybersecurity concerns

March 25, 2026

Data Breach
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca

March 25, 2026

Hacking
Malicious LiteLLM versions linked to TeamPCP supply chain attack

March 25, 2026

recent articles

Internet of Things
Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware. TP-Link issued security updates for its Ar ...

Pierluigi Paganini March 25, 2026
Data Breach
Recent Navia data breach impacts HackerOne employee data

A Navia breach exposed personal data of nearly 300 HackerOne employees after attackers compromised the benefits provider. HackerOne revealed that a data breach at Navia Benefit Solutions exposed t ...

Pierluigi Paganini March 25, 2026
Security
FCC targets foreign router imports amid rising cybersecurity concerns

The FCC will ban new foreign-made routers in the U.S. over security risks, unless approved by DHS or defense authorities. The U.S. FCC announced a ban on importing new foreign-made consumer router ...

Pierluigi Paganini March 25, 2026
Data Breach
Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca

Cybercrime group Lapsus$ claims it hacked AstraZeneca, stealing 3GB of data including credentials, code, and employee information. The Lapsus$ group claims it breached AstraZeneca, stealing about ...

Pierluigi Paganini March 25, 2026
Hacking
Malicious LiteLLM versions linked to TeamPCP supply chain attack

TeamPCP backdoored LiteLLM v1.82.7–1.82.8, likely via Trivy CI/CD, adding tools to steal credentials, move in Kubernetes, and keep persistent access. Threat actor TeamPCP compromised LiteLLM ver ...

Pierluigi Paganini March 25, 2026
Data Breach
Data breach at Dutch Ministry of Finance impacts staff following cyberattack

Dutch Ministry of Finance disclosed a data breach affecting some employees following a cyberattack, investigation is ongoing. The Dutch Ministry of Finance disclosed a cyberattack detected on Marc ...

Pierluigi Paganini March 24, 2026
Data Breach
QualDerm Partners December 2025 data breach impacts over 3 Million people

Over 3.1M people affected as QualDerm Partners suffered a December 2025 breach, exposing personal, medical, and health insurance data. Over 3.1 million people are affected by a December 2025 data ...

Pierluigi Paganini March 24, 2026
Security
Citrix NetScaler critical flaw could leak data, update now

Citrix warns of a critical NetScaler flaw (CVE-2026-3055) that could leak sensitive data; users are urged to apply security updates immediately. Citrix issued security updates for two NetScaler vu ...

Pierluigi Paganini March 24, 2026
Cyber Crime
81-month sentence for Russian hacker behind major ransomware campaigns

U.S. sentences Russian hacker Aleksei Volkov to 81 months in prison for aiding ransomware attacks, causing over $9M in damages. A U.S. court sentenced Aleksei Olegovich Volkov to 81 months in pris ...

Pierluigi Paganini March 24, 2026
Security
North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware

North Korea-linked threat actors use VS Code auto-run tasks to spread StoatWaffle malware via malicious projects that execute on folder open. North Korea-linked threat actor Team 8 behind the Cont ...

Pierluigi Paganini March 24, 2026
Security
QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025

QNAP fixed four vulnerabilities shown at Pwn2Own 2025 that could enable code execution, data access, or system disruption. Taiwanese vendor QNAP has addressed multiple vulnerabilities, including f ...

Pierluigi Paganini March 23, 2026
Cyber warfare
Pro-Iranian Nasir Security is targeting energy companies in the Gulf

Resecurity tracks Iran-linked Nasir Security targeting Middle East energy firms amid ongoing regional cyber and military threats. Resecurity (USA) is tracking a relatively new cybercriminal group ...

Pierluigi Paganini March 23, 2026
Hacking
44 Aqua Security repositories defaced after Trivy supply chain breach

Malicious Trivy images on Docker Hub spread infostealer malware, exposing developers after a supply chain attack. Researchers found malicious Trivy images on Docker Hub linked to a supply chain at ...

Pierluigi Paganini March 23, 2026
Malware
Iran-linked actors use Telegram as C2 in malware attacks on dissidents

Iran-linked actors use Telegram as C2 to spread malware targeting dissidents and journalists, enabling surveillance and data theft. The FBI warns that Iran’s Ministry of Intelligence and Securit ...

Pierluigi Paganini March 23, 2026
Uncategorized
International police Operation Alice take down 373,000 dark web sites exploiting children

Operation Alice: Police dismantle a massive dark web network with 373,000 fake sites luring users seeking child sexual abuse material. An international law enforcement operation, code named Operat ...

Pierluigi Paganini March 23, 2026
Intelligence
Russia-linked actors target WhatsApp and Signal in phishing campaign

Russia-linked actors target WhatsApp and Signal accounts of officials and journalists via phishing, gaining access to messages and contacts. Threat actors linked to Russian Intelligence Services  ...

Pierluigi Paganini March 22, 2026
Security
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager

Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated remote code execution in Identity Manager. Oracle released security updates to address a critical vulnera ...

Pierluigi Paganini March 22, 2026
Security
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...

Pierluigi Paganini March 22, 2026
Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 89

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter New Payload ransomware - malware analysi ...

Pierluigi Paganini March 22, 2026
Breaking News
Security Affairs newsletter Round 568 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini March 22, 2026