MUST READ

Pro-Palestinian hacktivist group Handala targets Stryker in global disruption

 | 

BeatBanker malware targets Android users with banking Trojan and crypto miner

 | 

Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX

 | 

KadNap bot compromises 14,000+ devices to route malicious traffic

 | 

Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs

 | 

Attackers exploit FortiGate devices to access sensitive network information

 | 

APT28 conducts long-term espionage on Ukrainian forces using custom malware

 | 

Threat actors use custom AuraInspector to harvest data from Salesforce systems

 | 

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

 | 

Ericsson US confirms breach after third-party provider attack

 | 

Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform

 | 

FBI alert: scammers target zoning permit applicants

 | 

Russia-linked hackers target Signal, WhatsApp of officials globally

 | 

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

 | 

Anthropic Claude Opus AI model discovers 22 Firefox bugs

 | 

Critical Nginx UI flaw CVE-2026-27944 exposes server backups

 | 

Massive GitHub malware operation spreads BoryptGrab stealer

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87

 | 

Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

FBI probing intrusion into a system managing sensitive surveillance information

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity
March 02, 2026
Ariomex, Iran-based crypto exchange, suffers data leak
March 03, 2026
Iran-nexus APT Dust Specter targets Iraq officials with new malware
March 06, 2026
Reading White House President Trump’s Cyber Strategy for America (March 2026)
March 07, 2026
Massive GitHub malware operation spreads BoryptGrab stealer
March 08, 2026
Critical Nginx UI flaw CVE-2026-27944 exposes server backups
March 08, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Hacktivism

Pro-Palestinian hacktivist group Handala targets Stryker in global disruption

March 11, 2026

Malware
BeatBanker malware targets Android users with banking Trojan and crypto miner

March 11, 2026

Security
Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX

March 11, 2026

Malware
KadNap bot compromises 14,000+ devices to route malicious traffic

March 11, 2026

Security
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs

March 10, 2026

recent articles

Hacktivism
Pro-Palestinian hacktivist group Handala targets Stryker in global disruption

Pro-Palestinian hacktivist group Handala claims a cyberattack on Stryker, alleging it wiped 200,000 systems and disrupted global operations. Pro-Palestinian hacktivist group Handala claims respons ...

Pierluigi Paganini March 11, 2026
Malware
BeatBanker malware targets Android users with banking Trojan and crypto miner

BeatBanker Android malware spreads through fake Starlink apps on websites imitating Google Play Store, hijacking devices, stealing credentials, and mining crypto. A new Android malware called Beat ...

Pierluigi Paganini March 11, 2026
Security
Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX

Hewlett Packard Enterprise (HPE) fixed several flaws in Aruba AOS-CX, including a critical bug that lets attackers reset admin passwords. Hewlett Packard Enterprise (HPE) patched multiple vulnerab ...

Pierluigi Paganini March 11, 2026
Malware
KadNap bot compromises 14,000+ devices to route malicious traffic

KadNap malware infects 14,000+ edge devices, mainly Asus routers, turning them into a stealth proxy botnet used to route malicious internet traffic. KadNap malware infects more than 14,000 edge de ...

Pierluigi Paganini March 11, 2026
Security
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs

Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities in its products. None of the flaws are known to be exploited so far. Microsoft Patch Tuesday security updates f ...

Pierluigi Paganini March 10, 2026
Security
Attackers exploit FortiGate devices to access sensitive network information

Attackers are exploiting FortiGate devices to breach networks and steal configuration data containing service account credentials and network details. SentinelOne researchers warn that attackers a ...

Pierluigi Paganini March 10, 2026
APT
APT28 conducts long-term espionage on Ukrainian forces using custom malware

APT28 used BEARDSHELL and COVENANT malware to spy on Ukrainian military personnel, enabling long-term surveillance since April 2024. The Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear,  ...

Pierluigi Paganini March 10, 2026
Security
Threat actors use custom AuraInspector to harvest data from Salesforce systems

Attackers are mass-scanning Salesforce Experience Cloud sites using a modified AuraInspector tool to exploit misconfigurations and access sensitive data. Salesforce CSOC warns that threat actors a ...

Pierluigi Paganini March 10, 2026
Security
U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infras ...

Pierluigi Paganini March 10, 2026
Data Breach
Ericsson US confirms breach after third-party provider attack

Ericsson US reports a data breach after attackers hacked a service provider, exposing employee and customer information. Ericsson Inc., the U.S. branch of the Swedish telecom giant, disclosed a da ...

Pierluigi Paganini March 10, 2026
Cyber Crime
Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform

Authorities disrupted the Tycoon 2FA phishing-as-a-service platform used to send millions of phishing emails to over 500,000 orgs worldwide. The joint effort, led by Microsoft, Europol, and indust ...

Pierluigi Paganini March 10, 2026
Cyber Crime
FBI alert: scammers target zoning permit applicants

The FBI warns of phishing attacks where crooks impersonate U.S. city and county officials to target people requesting planning and zoning permits. The FBI warns that scammers are impersonating U.S ...

Pierluigi Paganini March 09, 2026
Intelligence
Russia-linked hackers target Signal, WhatsApp of officials globally

Russia-linked hackers are targeting Signal and WhatsApp accounts of government and military officials worldwide, warns Dutch intelligence. Dutch intelligence agencies (MIVD and AIVD) warn of a glo ...

Pierluigi Paganini March 09, 2026
Data Breach
Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

A breach at Cognizant’s TriZetto Provider Solutions exposed sensitive health data belonging to more than 3.4 million patients. A data breach at Cognizant’s TriZetto Provider Solutions exposed ...

Pierluigi Paganini March 09, 2026
Artificial Intelligence
Anthropic Claude Opus AI model discovers 22 Firefox bugs

Anthropic used Claude Opus 4.6 to identify 22 Firefox vulnerabilities, most of which were high severity, all of which were fixed in Firefox 148, released in January 2026. Anthropic discovered 22 s ...

Pierluigi Paganini March 09, 2026
Security
Critical Nginx UI flaw CVE-2026-27944 exposes server backups

Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data on public management interfaces. A critical vulnerability in Nginx U ...

Pierluigi Paganini March 08, 2026
Malware
Massive GitHub malware operation spreads BoryptGrab stealer

Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user files. Trend Micro uncovered a campaign distrib ...

Pierluigi Paganini March 08, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Malware Reverse Engineering is no longer ...

Pierluigi Paganini March 08, 2026
Breaking News
Security Affairs newsletter Round 566 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini March 08, 2026
Hacking
FBI probing intrusion into a system managing sensitive surveillance information

The Federal Bureau of Investigation (FBI) is probing suspicious activity on an internal system containing sensitive surveillance and investigation data. The FBI is investigating suspicious cyber a ...

Pierluigi Paganini March 07, 2026