Pierluigi Paganini
July 17, 2018
Researchers have developed a tool that poses as GPS satellites to deceive nearby GPS receivers and manipulate road navigation systems. Researchers have developed a tool that poses as GPS satellites t ...
Pierluigi Paganini
July 17, 2018
Hackers compromised the npm account of an ESLint maintainer and published malicious versions of eslint packages to the npm registry. Crooks compromised an ESLint maintainer’s account last week and ...
Pierluigi Paganini
July 17, 2018
Russian President Vladimir Putin 'just said it's not Russia,' and President Trump believes him. Today the controversial meeting between Russian President Vladimir Putin and US President Donald T ...
Pierluigi Paganini
July 17, 2018
Cyber Defense Magazine July 2018 Edition has arrived. We hope you enjoy this month's edition...packed with over 140 pages of excellent content. InfoSec Knowledge is Power. We have 6 years of eM ...
The Astaroth banking Trojan uses GitHub to host malware configs, evade C2 takedowns and stay active by pulling new settings from the platform. McAfee discovered a new Astaroth campaign using GitHu ...
Pierluigi Paganini
October 13, 2025
Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite ...
Pierluigi Paganini
October 13, 2025
Stealit malware abuses Node.js SEA and Electron to spread via fake game and VPN installers shared on Mediafire and Discord. Fortinet FortiGuard Labs researchers spotted Stealit malware campaign ab ...
Pierluigi Paganini
October 13, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
October 12, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 202 ...
Pierluigi Paganini
October 12, 2025
Threat actors are exploiting a zero-day, tracked as CVE-2025-11371 in Gladinet CentreStack and Triofox products. Threat actors are exploiting the local File Inclusion (LFI) flaw CVE-2025-11371, a ...
Pierluigi Paganini
October 11, 2025
Spain’s Guardia Civil dismantled the cybercrime group “GXC Team” and arrested its 25-year-old Brazilian leader. Spanish Guardia Civil dismantled the “GXC Team” cybercrime group, arrestin ...
Pierluigi Paganini
October 11, 2025
Huntress warns of widespread SonicWall SSL VPN breaches, with attackers using valid credentials to access multiple accounts rapidly. Cybersecurity firm Huntress warned of a widespread compromise o ...
Pierluigi Paganini
October 11, 2025
Apple raised bug bounties to $2M for zero-click RCEs, doubling payouts. Since 2020, it’s paid $35M to 800 researchers. Apple doubled its bug bounty rewards, now offering up to $2 million for zer ...
Pierluigi Paganini
October 10, 2025
Juniper fixed nearly 220 flaws in Junos OS, Junos Space, and Security Director, including nine critical bugs in Junos Space. Juniper Networks released patches to address nearly 220 vulnerabilities ...
Pierluigi Paganini
October 10, 2025
Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country's State ...
Pierluigi Paganini
October 10, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Grafana flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ad ...
Pierluigi Paganini
October 10, 2025
RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, CCTV systems, and servers, active globally since June. Trend Micro researchers reported that the RondoDox botnet ex ...
Pierluigi Paganini
October 10, 2025
ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian u ...
Pierluigi Paganini
October 09, 2025
Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as ...
Pierluigi Paganini
October 09, 2025
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups ...
Pierluigi Paganini
October 09, 2025
Discord won’t pay threat actors claiming 5.5M user breach, saying only about 70K ID photos were actually exposed. Discord announced it won’t pay the threat actors claiming to have stolen data ...
Pierluigi Paganini
October 09, 2025
Qilin ransomware claimed responsibility for the recent attack on the beer giant Asahi that disrupted operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest br ...
Pierluigi Paganini
October 08, 2025
DragonForce, LockBit, and Qilin formed a ransomware alliance to boost attack effectiveness, marking a major shift in the cyber threat landscape. Ransomware groups DragonForce, LockBit, and Qilin f ...
Pierluigi Paganini
October 08, 2025
DraftKings warns of credential stuffing using stolen logins; No evidence of data loss, but users must reset passwords and enable MFA. A credential stuffing campaign is targeting the American spor ...
Pierluigi Paganini
October 08, 2025
