Pierluigi Paganini
April 23, 2024
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the commercial spyware business. The US Department of State is imposing visa restrictions on 13 individ ...
Pierluigi Paganini
April 23, 2024
A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical diagnosis services, since April 18. Since April 18, Synlab Italia, a major provider of medical diagno ...
Pierluigi Paganini
April 22, 2024
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “Forest Blizz ...
Pierluigi Paganini
April 22, 2024
A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is a global database utilized by various organizations ...
November 13, 2025
November 12, 2025
November 17, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
November 19, 2025
A remote code execution vulnerability, tracked as CVE-2025-11001, in the 7-Zip software is under active exploitation. A new 7-Zip flaw tracked as CVE-2025-11001 (CVSS score of 7.0) is now being a ...
Pierluigi Paganini
November 19, 2025
Operation WrtHug hijacks tens of thousands of outdated ASUS routers worldwide, mainly in Taiwan, the U.S., and Russia, forming a large botnet. A new campaign called Operation WrtHug has compromise ...
Pierluigi Paganini
November 19, 2025
U.S. CISA has added a second Fortinet FortiWeb vulnerability in just a few days to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)&nbs ...
Pierluigi Paganini
November 19, 2025
Eurofiber says hackers exploited a flaw on November 13, breached its ticket and customer portals, stole data, and attempted extortion. On November 13, threat actors exploited a vulnerability to br ...
Pierluigi Paganini
November 19, 2025
Fortinet patched a new FortiWeb zero-day, tracked as CVE-2025-58034, which attackers are actively exploiting. Fortinet patched a new FortiWeb zero-day, tracked as CVE-2025-58034 (CVSS score 6.7), ...
Pierluigi Paganini
November 19, 2025
The Pennsylvania Office of the Attorney General ("OAG") confirms a data breach following a ransomware attack by Inc Ransom group. The Pennsylvania Office of the Attorney General ("OAG") confirmed ...
Pierluigi Paganini
November 18, 2025
DoorDash says a social engineering attack led to a data breach exposing names, addresses, emails, and phone numbers of users, Dashers, and merchants. U.S.-based food delivery and logistics company ...
Pierluigi Paganini
November 18, 2025
Google patched two Chrome flaws, including a V8 type-confusion bug, tracked as including CVE-2025-13223, which was exploited in the wild. Google released Chrome security updates to address two fla ...
Pierluigi Paganini
November 18, 2025
Dutch police seized 250 servers running a bulletproof hosting service tied to cybercriminals and linked to over 80 investigations since 2022. Dutch police Politie, seized 250 servers running an un ...
Pierluigi Paganini
November 18, 2025
Microsoft says the Aisuru botnet launched a 15.7 Tbps DDoS on Azure from 500k IPs, using massive UDP floods peaking at 3.6 B pps. On October 24, 2025, Azure DDoS Protection detected and mitigated ...
Pierluigi Paganini
November 17, 2025
Jaguar Land Rover says the September 2025 cyberattack halted production, led to data theft, and cost £196M in the quarter. Jaguar Land Rover reported that a September 2025 cyberattack, claimed by ...
Pierluigi Paganini
November 17, 2025
North Korean Contagious Interview actors now host malware on JSON storage sites to deliver trojanized code projects, NVISO reports. North Korea-linked actors behind the Contagious Interview campai ...
Pierluigi Paganini
November 17, 2025
RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025. RondoDox is targeting unpatched XWiki servers via critica ...
Pierluigi Paganini
November 17, 2025
Five pleaded guilty to aiding North Korea ’s illicit revenue via IT worker fraud, violating international sanctions. The U.S. Department of Justice announced that five people have pleaded guilty ...
Pierluigi Paganini
November 16, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time- ...
Pierluigi Paganini
November 16, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
November 16, 2025
China-linked actors used Anthropic’s AI to automate and run cyberattacks in a sophisticated 2025 espionage campaign using advanced agentic tools. China-linked threat actors used Anthropic’s AI ...
Pierluigi Paganini
November 16, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...
Pierluigi Paganini
November 15, 2025
ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE ...
Pierluigi Paganini
November 14, 2025
