Pierluigi Paganini
June 02, 2022
A remote code execution vulnerability in the open-source Horde Webmail client can allow to take over servers by sending a specially crafted email. Researchers from SonarSource discovered a remote ...
Pierluigi Paganini
June 01, 2022
A new version of the XLoader botnet is implementing a new technique to obscure the Command and Control infrastructure. Researchers from Check Point have discovered a new version of the XLoader bot ...
Pierluigi Paganini
June 01, 2022
Researchers uncovered 3.6M accessible MySQL servers worldwide that represent a potential attack surface for their owners. Researchers from Shadow Server scanned the internet for publicly accessi ...
Pierluigi Paganini
June 01, 2022
A China-linked APT group is actively exploiting the recently disclosed Follina zero-day flaw in Microsoft Office in attacks in the wild. China-linked APT group TA413 has been observed exploiting ...
December 31, 2025
January 07, 2026
January 08, 2026
January 12, 2026
January 11, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Gogs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...
Pierluigi Paganini
January 12, 2026
Meta fixed an Instagram password reset flaw that let third parties send reset emails, while denying a data breach despite leak claims. Meta confirmed fixing an Instagram password reset vulnerabili ...
Pierluigi Paganini
January 12, 2026
Europol announced the arrest of 34 suspected Black Axe members in Spain during a joint operation with Spanish and European law enforcement. Europol announced the arrest of 34 suspects in Spain lin ...
Pierluigi Paganini
January 12, 2026
Russia-linked cyberespionage group APT28 targets energy, nuclear, and policy staff in Turkey, Europe, North Macedonia, and Uzbekistan with credential-harvesting attacks. Between February and Septe ...
Pierluigi Paganini
January 12, 2026
Today marks Aaron Swartz ’s death anniversary. His fight for open knowledge and digital rights continues as the forces he opposed grow stronger. Today marks the anniversary of the death of Aaron ...
Pierluigi Paganini
January 11, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter VVS Discord Stealer Using Pyarmor for Ob ...
Pierluigi Paganini
January 11, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
January 11, 2026
A massive breach exposed data of 17.5M Instagram users, triggering mass password reset emails and fears that stolen data is already circulating online. A major data breach has exposed the personal ...
Pierluigi Paganini
January 10, 2026
FBI warns that North Korea–linked APT group Kimsuky is targeting governments, think tanks, and academic institutions with quishing attacks. North Korea–linked APT group Kimsuky is targeting go ...
Pierluigi Paganini
January 10, 2026
Illinois Department of Human Services (IDHS) exposed personal and health data of nearly 700,000 residents due to incorrect privacy settings. The Illinois Department of Human Services (IDHS ) discl ...
Pierluigi Paganini
January 10, 2026
Trend Micro fixed three Apex Central flaws discovered by Tenable that could allow remote code execution or denial-of-service attacks. Trend Micro patched three flaws (CVE-2025-69258, CVE-2025-692 ...
Pierluigi Paganini
January 09, 2026
Iran shut down the internet as protests spread nationwide. Dozens were killed in a violent crackdown amid soaring inflation and a collapsing currency. Iran has shut down the internet nationwide as ...
Pierluigi Paganini
January 09, 2026
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has c ...
Pierluigi Paganini
January 09, 2026
Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public disclosure. Chinese-speaking attackers were seen abusing a hack ...
Pierluigi Paganini
January 09, 2026
A WhatsApp worm spread the Astaroth banking trojan across Brazil by automatically sending malicious messages to victims’ contacts. Astaroth, a long-running Brazilian banking malware, has evolved ...
Pierluigi Paganini
January 08, 2026
Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed. Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: ...
Pierluigi Paganini
January 08, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infr ...
Pierluigi Paganini
January 08, 2026
Taiwan says China-linked cyberattacks on its energy sector rose tenfold in 2025, hitting critical infrastructure across nine sectors, with total incidents up 6%. Taiwan reports China-linked cybera ...
Pierluigi Paganini
January 08, 2026
A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers uncovered a maximum severity n8n vulnerabilit ...
Pierluigi Paganini
January 07, 2026
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protectio ...
Pierluigi Paganini
January 07, 2026
