Pierluigi Paganini
October 11, 2021
DEV-0343: Iran-linked threat actors are targeting US and Israeli defense technology companies leveraging password spraying attacks. Researchers at Microsoft Threat Intelligence Center (MSTIC) and ...
Pierluigi Paganini
October 11, 2021
LibreOffice and OpenOffice released security updates to address a vulnerability that can be exploited by an attacker to spoof signed documents. LibreOffice and OpenOffice released secu ...
Pierluigi Paganini
October 11, 2021
Donot Team targeted a Togolese human rights advocate with a mobile spyware that has been allegedly developed by an Indian firm. Researchers from Amnesty International have uncovered a cyberespion ...
Pierluigi Paganini
October 11, 2021
The NSA issued a technical advisory to warn organizations against the use of wildcard TLS certificates and the new ALPACA TLS attack. The National Security Agency (NSA) is warning organizations a ...
January 15, 2026
January 14, 2026
January 13, 2026
January 21, 2026
Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even fully patched devices, similar to recent SSO flaws. Fortinet confirmed attacks bypass FortiCloud SSO on fully ...
Pierluigi Paganini
January 23, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite f ...
Pierluigi Paganini
January 23, 2026
Under Armour is investigating a data breach after 72M customer records were posted online by a cybercriminal. Under Armour is an American company that designs, manufactures, and sells sportswear, ...
Pierluigi Paganini
January 23, 2026
A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered ...
Pierluigi Paganini
January 22, 2026
A SmarterMail flaw (WT-2026-0001) is under active attack just days after its January 15 patch, with no CVE assigned yet. A newly disclosed flaw in SmarterTools SmarterMail is being actively exploi ...
Pierluigi Paganini
January 22, 2026
Arctic Wolf warned of a new wave of automated attacks making unauthorized firewall configuration changes on Fortinet FortiGate devices. Arctic Wolf researchers reported a new automated attack clus ...
Pierluigi Paganini
January 22, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity ...
Pierluigi Paganini
January 22, 2026
Zoom addressed a critical security vulnerability, tracked as CVE-2026-22844, that could result in remote code execution. Cloud-based video conferencing and online collaboration platform Zoom relea ...
Pierluigi Paganini
January 21, 2026
Cloudflare fixed a flaw in its ACME validation logic that could let attackers bypass security checks and access protected origin servers. Cloudflare fixed a flaw in its ACME HTTP-01 validation log ...
Pierluigi Paganini
January 21, 2026
Password manager LastPass warns of an active phishing campaign impersonating the service to steal users’ master passwords. LastPass warned users about an active phishing campaign that began arou ...
Pierluigi Paganini
January 21, 2026
VoidLink is a cloud-focused Linux malware, likely built by one person using AI, offering loaders, implants, rootkit evasion, and modular plugins. Check Point researchers uncovered VoidLink, a clou ...
Pierluigi Paganini
January 21, 2026
Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigatio ...
Pierluigi Paganini
January 20, 2026
A Jordanian man pleaded guilty in the US to selling illegal access to 50 compromised enterprise networks after an undercover sting. A Jordanian national Feras Khalil Ahmad Albashiti (40), living i ...
Pierluigi Paganini
January 20, 2026
TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices identified. TP-Link fixed a high-severity flaw, ...
Pierluigi Paganini
January 20, 2026
Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a m ...
Pierluigi Paganini
January 20, 2026
The UK government warns Russia-linked hacktivists are still carrying out DDoS attacks on critical infrastructure and local government systems The UK government warns that Russia-linked hacktivists ...
Pierluigi Paganini
January 20, 2026
Ingram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details. Ingram Micro is a global technology distributor and ...
Pierluigi Paganini
January 19, 2026
Researchers uncovered an XSS flaw in StealC malware’s control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at leas ...
Pierluigi Paganini
January 19, 2026
An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme Court. Nicholas Moore, 24, from Tennessee, pleaded guilty to re ...
Pierluigi Paganini
January 19, 2026
Activists hacked Iran ’s Badr satellite, briefly broadcasting Reza Pahlavi’s anti-regime protest messages on state TV channels. Anti-regime activists briefly took control of Iran ’s Badr sat ...
Pierluigi Paganini
January 18, 2026
