Pierluigi Paganini
January 05, 2023
Zoho is warning its customers of a critical vulnerability, tracked as CVE-2022-47523, affecting multiple ManageEngine products. Zoho is urging its customers to address a critical SQL Injection vul ...
Pierluigi Paganini
January 05, 2023
The Irish Data Protection Commission (DPC) fined Meta Platforms €390 million over data processing operations for the delivery of its services The Data Protection Commission (DPC) concluded two ...
Pierluigi Paganini
January 05, 2023
A database containing email addresses of 235,000,000 Twitter users has been offered on a popular hacker forum. A data leak containing email addresses for 235 million Twitter users has been publish ...
Pierluigi Paganini
January 04, 2023
BMW, Mercedes, Toyota, and other popular carmakers use vulnerable APIs that could have allowed attackers to perform malicious activities. Cybersecurity researcher Sam Curry and his colleagues dis ...
November 06, 2025
November 13, 2025
November 12, 2025
November 18, 2025
Google patched two Chrome flaws, including a V8 type-confusion bug, tracked as including CVE-2025-13223, which was exploited in the wild. Google released Chrome security updates to address two fla ...
Pierluigi Paganini
November 18, 2025
Dutch police seized 250 servers running a bulletproof hosting service tied to cybercriminals and linked to over 80 investigations since 2022. Dutch police Politie, seized 250 servers running an un ...
Pierluigi Paganini
November 18, 2025
Microsoft says the Aisuru botnet launched a 15.7 Tbps DDoS on Azure from 500k IPs, using massive UDP floods peaking at 3.6 B pps. On October 24, 2025, Azure DDoS Protection detected and mitigated ...
Pierluigi Paganini
November 17, 2025
Jaguar Land Rover says the September 2025 cyberattack halted production, led to data theft, and cost £196M in the quarter. Jaguar Land Rover reported that a September 2025 cyberattack, claimed by ...
Pierluigi Paganini
November 17, 2025
North Korean Contagious Interview actors now host malware on JSON storage sites to deliver trojanized code projects, NVISO reports. North Korea-linked actors behind the Contagious Interview campai ...
Pierluigi Paganini
November 17, 2025
RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025. RondoDox is targeting unpatched XWiki servers via critica ...
Pierluigi Paganini
November 17, 2025
Five pleaded guilty to aiding North Korea ’s illicit revenue via IT worker fraud, violating international sanctions. The U.S. Department of Justice announced that five people have pleaded guilty ...
Pierluigi Paganini
November 16, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time- ...
Pierluigi Paganini
November 16, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
November 16, 2025
China-linked actors used Anthropic’s AI to automate and run cyberattacks in a sophisticated 2025 espionage campaign using advanced agentic tools. China-linked threat actors used Anthropic’s AI ...
Pierluigi Paganini
November 16, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...
Pierluigi Paganini
November 15, 2025
ASUS fixed a critical auth-bypass flaw (CVE-2025-59367) in DSL routers that let remote, unauthenticated attackers access devices with ease. ASUS patched a critical auth-bypass flaw, tracked as CVE ...
Pierluigi Paganini
November 14, 2025
A vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious ...
Pierluigi Paganini
November 14, 2025
A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in For ...
Pierluigi Paganini
November 14, 2025
Germany’s BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany’s BSI warns of rising evasion attacks on LLMs, issuing gui ...
Pierluigi Paganini
November 14, 2025
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors ...
Pierluigi Paganini
November 14, 2025
Malicious Chrome extension “Safery: Ethereum Wallet” steals users’ seed phrases while posing as a legit crypto wallet still available online. Socket’s Threat Research Team discovered a mal ...
Pierluigi Paganini
November 13, 2025
Europol’s Operation Endgame dismantles Rhadamanthys, Venom RAT, and Elysium botnet in a global crackdown on cybercriminal infrastructures. Europol and Eurojust have launched a new phase of Opera ...
Pierluigi Paganini
November 13, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cyberse ...
Pierluigi Paganini
November 13, 2025
Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon's threat intelligence researchers spotted an advanced threat actor ...
Pierluigi Paganini
November 13, 2025
