Pierluigi Paganini
June 23, 2022
Researchers at ETH Zurich discovered several critical flaws in the MEGA cloud storage service that could have allowed the decryption of user data MEGA has addressed multiple vulnerabilities in its ...
Pierluigi Paganini
June 22, 2022
Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods Cyber Spetsnaz is targeting Lithuanian government resources and cr ...
Pierluigi Paganini
June 22, 2022
Researchers from Malwarebytes warns that the Magecart skimming campaign is active, but the attacks are more covert. Magecart threat actors have switched most of their operations server-side to avo ...
Pierluigi Paganini
June 22, 2022
I’m proud to announce that SecurityAffairs was awarded as the Best European Personal Cybersecurity Blog 2022 at European Cybersecurity Blogger Awards 2022. The winners of the annual European C ...
December 31, 2025
January 07, 2026
January 08, 2026
January 11, 2026
January 11, 2026
Europol announced the arrest of 34 suspected Black Axe members in Spain during a joint operation with Spanish and European law enforcement. Europol announced the arrest of 34 suspects in Spain lin ...
Pierluigi Paganini
January 12, 2026
Russia-linked cyberespionage group APT28 targets energy, nuclear, and policy staff in Turkey, Europe, North Macedonia, and Uzbekistan with credential-harvesting attacks. Between February and Septe ...
Pierluigi Paganini
January 12, 2026
Today marks Aaron Swartz ’s death anniversary. His fight for open knowledge and digital rights continues as the forces he opposed grow stronger. Today marks the anniversary of the death of Aaron ...
Pierluigi Paganini
January 11, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter VVS Discord Stealer Using Pyarmor for Ob ...
Pierluigi Paganini
January 11, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
January 11, 2026
A massive breach exposed data of 17.5M Instagram users, triggering mass password reset emails and fears that stolen data is already circulating online. A major data breach has exposed the personal ...
Pierluigi Paganini
January 10, 2026
FBI warns that North Korea–linked APT group Kimsuky is targeting governments, think tanks, and academic institutions with quishing attacks. North Korea–linked APT group Kimsuky is targeting go ...
Pierluigi Paganini
January 10, 2026
Illinois Department of Human Services (IDHS) exposed personal and health data of nearly 700,000 residents due to incorrect privacy settings. The Illinois Department of Human Services (IDHS ) discl ...
Pierluigi Paganini
January 10, 2026
Trend Micro fixed three Apex Central flaws discovered by Tenable that could allow remote code execution or denial-of-service attacks. Trend Micro patched three flaws (CVE-2025-69258, CVE-2025-692 ...
Pierluigi Paganini
January 09, 2026
Iran shut down the internet as protests spread nationwide. Dozens were killed in a violent crackdown amid soaring inflation and a collapsing currency. Iran has shut down the internet nationwide as ...
Pierluigi Paganini
January 09, 2026
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has c ...
Pierluigi Paganini
January 09, 2026
Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public disclosure. Chinese-speaking attackers were seen abusing a hack ...
Pierluigi Paganini
January 09, 2026
A WhatsApp worm spread the Astaroth banking trojan across Brazil by automatically sending malicious messages to victims’ contacts. Astaroth, a long-running Brazilian banking malware, has evolved ...
Pierluigi Paganini
January 08, 2026
Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed. Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: ...
Pierluigi Paganini
January 08, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infr ...
Pierluigi Paganini
January 08, 2026
Taiwan says China-linked cyberattacks on its energy sector rose tenfold in 2025, hitting critical infrastructure across nine sectors, with total incidents up 6%. Taiwan reports China-linked cybera ...
Pierluigi Paganini
January 08, 2026
A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers uncovered a maximum severity n8n vulnerabilit ...
Pierluigi Paganini
January 07, 2026
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protectio ...
Pierluigi Paganini
January 07, 2026
Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released patches for multiple Backup & Replication flaws, ...
Pierluigi Paganini
January 07, 2026
Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2 ...
Pierluigi Paganini
January 07, 2026
