Pierluigi Paganini
August 26, 2020
North Korea-linked Lazarus APT group targets cryptocurrency organizations with fake job offers in an ongoing spear-phishing campaign. North Korea-linked Lazarus APT group (aka HIDDEN COBRA) has b ...
Pierluigi Paganini
August 25, 2020
A researcher disclosed technical details of an unpatched vulnerability in Apple’s Safari web browser that can be exploited to steal files from the targeted system. An expert disclosed the detail ...
Pierluigi Paganini
August 25, 2020
Administrators of servers running Apache have to update their installs immediately to fix multiple vulnerabilities disclosed by a Google researcher. Apache Foundation released the 2.4.46 version t ...
Pierluigi Paganini
August 25, 2020
Experts at security firm Snyk discovered a malicious behavior in an advertising SDK that is used in more than 1,200 iOS apps available in the Apple App Store. Experts at security firm Snyk discove ...
February 27, 2026
March 01, 2026
March 03, 2026
Iran-linked APT MuddyWater targeted U.S. organizations, deploying the new Dindoor backdoor across sectors including banks, airports, and nonprofits. Broadcom’s Symantec Threat Hunter Team uncove ...
Pierluigi Paganini
March 06, 2026
Cisco warns that two recently patched Catalyst SD-WAN flaws, CVE-2026-20128 and CVE-2026-20122, are already being actively exploited in the wild. Cisco warned customers that threat actors are acti ...
Pierluigi Paganini
March 06, 2026
Microsoft warns of ClickFix campaign using Windows Terminal to deliver Lumma Stealer via social engineering attacks. Microsoft revealed a new ClickFix campaign where attackers exploit Windows Term ...
Pierluigi Paganini
March 06, 2026
A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Spec ...
Pierluigi Paganini
March 06, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...
Pierluigi Paganini
March 06, 2026
Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG ...
Pierluigi Paganini
March 06, 2026
Russian national Evgenii Ptitsyn (43) pleaded guilty in the U.S. for his role in the Phobos ransomware operation. Russian national Evgenii Ptitsyn pleaded guilty in the US to wire fraud conspiracy ...
Pierluigi Paganini
March 05, 2026
Researchers uncovered a Russian campaign targeting Ukrainian entities with new malware families BadPaw and MeowMeow delivered through phishing emails. Researchers reported a phishing campaign link ...
Pierluigi Paganini
March 05, 2026
The Federal Bureau of Investigation seized the LeakBase cybercrime forum in an international crackdown led by Europol. The Federal Bureau of Investigation seized the LeakBase cybercrime forum (lea ...
Pierluigi Paganini
March 05, 2026
Google warns of the Coruna iOS exploit kit, using 23 exploits across five chains to target iPhones running iOS 13–17.2.1, but not the latest iOS. Google’s Threat Intelligence Group has identif ...
Pierluigi Paganini
March 05, 2026
Cisco patched two critical Secure FMC vulnerabilities that could let attackers gain root access to managed firewalls. Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Ma ...
Pierluigi Paganini
March 04, 2026
Security teams want lower MTTR, but flaws persist. How to use automation vs. orchestration to reduce risk effectively? Almost all security teams want to reduce their Mean Time to Remediate (MTTR). ...
Pierluigi Paganini
March 04, 2026
LastPass warns of a phishing campaign using fake security alerts about unauthorized access or password changes to steal users’ master passwords. LastPass has warned users about a new phishing ca ...
Pierluigi Paganini
March 04, 2026
APT group Silver Dragon, linked to APT41, targets governments via server exploits and phishing, using Cobalt Strike and Google Drive for C2. Check Point researchers have identified Silver Dragon, ...
Pierluigi Paganini
March 04, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Inf ...
Pierluigi Paganini
March 04, 2026
A ransomware attack on the University of Hawaiʻi Cancer Center exposed personal data of 1.2 million people. A 2025 ransomware attack targeting the University of Hawaiʻi Cancer Center compromised ...
Pierluigi Paganini
March 04, 2026
Facebook is experiencing a global outage since 4:15 PM ET, with users reporting they cannot access their accounts. Facebook users worldwide report problems while attempting to access their acc ...
Pierluigi Paganini
March 03, 2026
Resecurity says Iran’s Ariomex crypto exchange suffered a data leak exposing user and transaction data from 2022 to 2025. Resecurity (USA) reports that Ariomex's database, one of Iran's cryptocu ...
Pierluigi Paganini
March 03, 2026
Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 20 ...
Pierluigi Paganini
March 03, 2026
Microsoft researchers warn that threat actors abuse OAuth redirects to target government users and deliver malware. Microsoft has warned of phishing campaigns targeting government and public-secto ...
Pierluigi Paganini
March 03, 2026
