Pierluigi Paganini
September 05, 2025
Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 ...
Pierluigi Paganini
September 05, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...
Pierluigi Paganini
September 05, 2025
VirusTotal uncovered an undetected malware campaign using SVG files that impersonated the Colombian justice system. VirusTotal researchers uncovered a phishing campaign using SVG files with hidden ...
Pierluigi Paganini
September 05, 2025
France’s data watchdog fined Google $379M (€325 million) and Shein $175M (€150 million) for breaching cookie rules. The French data watchdog, the National Commission on Informatics and Liber ...
August 29, 2025
September 01, 2025
September 02, 2025
September 04, 2025
September 07, 2025
September 06, 2025
September 05, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean ...
Pierluigi Paganini
September 07, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
September 07, 2025
Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after a July cybera ...
Pierluigi Paganini
September 06, 2025
MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background: Modern adversaries increasingly hide command-and-control ( ...
Pierluigi Paganini
September 06, 2025
Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 ...
Pierluigi Paganini
September 05, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...
Pierluigi Paganini
September 05, 2025
VirusTotal uncovered an undetected malware campaign using SVG files that impersonated the Colombian justice system. VirusTotal researchers uncovered a phishing campaign using SVG files with hidden ...
Pierluigi Paganini
September 05, 2025
France’s data watchdog fined Google $379M (€325 million) and Shein $175M (€150 million) for breaching cookie rules. The French data watchdog, the National Commission on Informatics and Liber ...
Pierluigi Paganini
September 05, 2025
US offers $10M for Russian FSB officers Tyukov, Gavrilov & Akulov, accused of attacking US critical infrastructure and over 500 energy firms worldwide. The US Department of State is offering u ...
Pierluigi Paganini
September 04, 2025
Hikvision HikCentral flaw allows unauthenticated users to gain admin rights, risking full control over configs, logs, and critical monitoring. Security researchers warn of three vulnerabilities im ...
Pierluigi Paganini
September 04, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructu ...
Pierluigi Paganini
September 04, 2025
Threat actors abuse HexStrike AI, a new offensive security tool meant for red teaming and bug bounties, to exploit fresh vulnerabilities. Check Point researchers warn that threat actors are abusin ...
Pierluigi Paganini
September 03, 2025
Google addressed 120 Android vulnerabilities in September 2025, including two flaws actively exploited in targeted attacks. Google has released security updates to address 120 Android vulnerabili ...
Pierluigi Paganini
September 03, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...
Pierluigi Paganini
September 03, 2025
Android droppers now spread banking trojans, SMS stealers, and spyware, disguised as government or banking apps in India and Asia. ThreatFabric researchers warn of a shift in Android malware: drop ...
Pierluigi Paganini
September 03, 2025
Jaguar Land Rover shut down systems after a cyberattack, disrupting production and retail, but says customer data likely remains safe. Jaguar Land Rover shut down systems to mitigate a cyberattack ...
Pierluigi Paganini
September 03, 2025
Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves. Cloudflare announced on X that it had blocked the largest ever DDoS attack, peak ...
Pierluigi Paganini
September 02, 2025
Palo Alto Networks hit by Drift-linked supply-chain attack, exposing Salesforce customer data and support cases via stolen OAuth tokens. Palo Alto Networks is another victim of the Salesloft Drift ...
Pierluigi Paganini
September 02, 2025
Von der Leyen’s plane faced suspected Russian GPS jamming in Bulgaria, but the EU chief landed safely, says European Commission. The EU confirmed that Ursula von der Leyen’s plane experienced ...
Pierluigi Paganini
September 02, 2025
Zscaler breach tied to Salesloft Drift attack exposed Salesforce data, leaking customer info and support case details in a supply-chain compromise. Zscaler discloses a data breach that is linked t ...
Pierluigi Paganini
September 01, 2025
