Pierluigi Paganini
December 23, 2021
Researchers disclosed four vulnerabilities in the Teams business communication software, but Microsoft will not address three of them. Researchers from cybersecurity firm Positive Security discov ...
Pierluigi Paganini
December 23, 2021
The DHS has announced that it is expanding the 'Hack DHS' bug bounty program to report for Log4J impacting its systems. The Department of Homeland Security (DHS) announced that white hat hackers ...
Pierluigi Paganini
December 23, 2021
A vulnerability in the Microsoft Azure App Service led to the exposure of customer source code for at least four years. Early this month, Microsoft has notified a small group of Azure customers t ...
Pierluigi Paganini
December 22, 2021
US CISA release of a scanner for identifying web services affected by two Apache Log4j remote code execution vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) has annou ...
January 19, 2026
January 17, 2026
January 15, 2026
January 14, 2026
January 13, 2026
January 20, 2026
January 19, 2026
TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices identified. TP-Link fixed a high-severity flaw, ...
Pierluigi Paganini
January 20, 2026
Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a m ...
Pierluigi Paganini
January 20, 2026
The UK government warns Russia-linked hacktivists are still carrying out DDoS attacks on critical infrastructure and local government systems The UK government warns that Russia-linked hacktivists ...
Pierluigi Paganini
January 20, 2026
Ingram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details. Ingram Micro is a global technology distributor and ...
Pierluigi Paganini
January 19, 2026
Researchers uncovered an XSS flaw in StealC malware’s control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at leas ...
Pierluigi Paganini
January 19, 2026
An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme Court. Nicholas Moore, 24, from Tennessee, pleaded guilty to re ...
Pierluigi Paganini
January 19, 2026
Activists hacked Iran ’s Badr satellite, briefly broadcasting Reza Pahlavi’s anti-regime protest messages on state TV channels. Anti-regime activists briefly took control of Iran ’s Badr sat ...
Pierluigi Paganini
January 18, 2026
GootLoader malware uses malformed ZIP files made of hundreds of concatenated archives to evade detection. GootLoader is used by ransomware actors for initial access, then handed off to others. Bui ...
Pierluigi Paganini
January 18, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Gogs 0-Day Exploited in the Wild SHAD ...
Pierluigi Paganini
January 18, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
January 18, 2026
Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to ...
Pierluigi Paganini
January 17, 2026
Cisco Talos says a China-linked group, tracked as UAT-8837, has targeted North American critical infrastructure since last year. Cisco Talos reports that threat group UAT-8837, likely linked to Ch ...
Pierluigi Paganini
January 17, 2026
A data breach at Canada’s investment watchdog, Canadian Investment Regulatory Organization (CIRO), impacted about 750,000 people. The Canadian Investment Regulatory Organization (CIRO) is Canada ...
Pierluigi Paganini
January 16, 2026
Cisco fixed a maximum severity AsyncOS flaw in Secure Email products, previously exploited as a zero-day by China-linked APT group UAT-9686. Cisco fixed a critical AsyncOS flaw, tracked as CVE-202 ...
Pierluigi Paganini
January 16, 2026
A critical Modular DS WordPress flaw (CVE-2026-23550) is actively exploited, enabling unauthenticated privilege escalation. Threat actors are actively exploiting a critical Modular DS WordPress vu ...
Pierluigi Paganini
January 16, 2026
South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business ...
Pierluigi Paganini
January 15, 2026
A cyberattack on Central Maine Healthcare exposed the personal, medical, and insurance data of about 145,000 patients. Central Maine Healthcare notified patients affected by a data security incide ...
Pierluigi Paganini
January 15, 2026
Palo Alto Networks addressed a flaw impacting GlobalProtect Gateway and Portal, for which a proof-of-concept (PoC) exploit exists. Palo Alto Networks addressed a high-severity vulnerability, track ...
Pierluigi Paganini
January 15, 2026
Lumen’s Black Lotus Labs blocked over 550 C2 servers tied to the AISURU/Kimwolf botnet used for DDoS attacks and proxy abuse. Lumen’s Black Lotus Labs disrupted over 550 command-and-control se ...
Pierluigi Paganini
January 15, 2026
China has told domestic firms to stop using U.S. and Israeli cybersecurity software, citing national security concerns amid rising tech tensions. Reuters reported that China has ordered domestic c ...
Pierluigi Paganini
January 15, 2026
