Security Affairs

LATEST NEWS

VIEW ALL

LANtenna attack allows exfiltrating data from Air-Gapped systems via Ethernet cables

Pierluigi Paganini October 06, 2021

Boffins devised a new technique, dubbed LANtenna, to exfiltrate data from systems in air-gapped networks using Ethernet cables as a "transmitting antenna." Security researchers from the Cyber Sec ...

Hacking

Apache patch a zero-day flaw exploited in the wild

Pierluigi Paganini October 05, 2021

Apache has addressed two vulnerabilities, one of which is a path traversal and file disclosure flaw in its HTTP server actively exploited in the wild. Apache has rolled out security patches to ad ...

Malware

Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers

Pierluigi Paganini October 05, 2021

An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server. Researchers from Sophos were investigating a ransomware atta ...

Data Breach

Telco service provider giant Syniverse had unauthorized access since 2016

Pierluigi Paganini October 05, 2021

Syniverse service provider discloses a security breach, threat actors have had access to its databases since 2016 and gained some customers' credentials. Syniverse is a global company that provid ...

1
2
1514
1515
1516
1517
1518
4514
4515
4516

recent articles

Security

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

Critical telnetd flaw CVE-2026-24061 (CVSS 9.8) affects all GNU InetUtils versions 1.9.3–2.7 and went unnoticed for nearly 11 years. A critical vulnerability, tracked as CVE-2026-24061 (CVSS sco ...

Pierluigi Paganini January 24, 2026

Security

Fortinet warns of active FortiCloud SSO bypass affecting updated devices

Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even fully patched devices, similar to recent SSO flaws. Fortinet confirmed attacks bypass FortiCloud SSO on fully ...

Pierluigi Paganini January 23, 2026

Security

U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite f ...

Pierluigi Paganini January 23, 2026

Data Breach

Investigation underway after 72M Under Armour records surface online

Under Armour is investigating a data breach after 72M customer records were posted online by a cybercriminal. Under Armour is an American company that designs, manufactures, and sells sportswear, ...

Pierluigi Paganini January 23, 2026

Malware

Machine learning–powered Android Trojans bypass script-based Ad Click detection

A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered ...

Pierluigi Paganini January 22, 2026

Hacking

Critical SmarterMail vulnerability under attack, no CVE yet

A SmarterMail flaw (WT-2026-0001) is under active attack just days after its January 15 patch, with no CVE assigned yet. A newly disclosed flaw in SmarterTools SmarterMail is being actively exploi ...

Pierluigi Paganini January 22, 2026

Hacking

Arctic Wolf detects surge in automated Fortinet FortiGate firewall configuration attacks

Arctic Wolf warned of a new wave of automated attacks making unauthorized firewall configuration changes on Fortinet FortiGate devices. Arctic Wolf researchers reported a new automated attack clus ...

Pierluigi Paganini January 22, 2026

Uncategorized

U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity ...

Pierluigi Paganini January 22, 2026

Security

Zoom fixed critical Node Multimedia Routers flaw

Zoom addressed a critical security vulnerability, tracked as CVE-2026-22844, that could result in remote code execution. Cloud-based video conferencing and online collaboration platform Zoom relea ...

Pierluigi Paganini January 21, 2026

Security

ACME flaw in Cloudflare allowed attackers to reach origin servers

Cloudflare fixed a flaw in its ACME validation logic that could let attackers bypass security checks and access protected origin servers. Cloudflare fixed a flaw in its ACME HTTP-01 validation log ...

Pierluigi Paganini January 21, 2026

Cyber Crime

Crooks impersonate LastPass in campaign to harvest master passwords

Password manager LastPass warns of an active phishing campaign impersonating the service to steal users’ master passwords. LastPass warned users about an active phishing campaign that began arou ...

Pierluigi Paganini January 21, 2026

Malware

VoidLink shows how one developer used AI to build a powerful Linux malware

VoidLink is a cloud-focused Linux malware, likely built by one person using AI, offering loaders, implants, rootkit evasion, and modular plugins. Check Point researchers uncovered VoidLink, a clou ...

Pierluigi Paganini January 21, 2026

Malware

PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigatio ...

Pierluigi Paganini January 20, 2026

Cyber Crime

Access broker caught: Jordanian pleads guilty to hacking 50 companies

A Jordanian man pleaded guilty in the US to selling illegal access to 50 compromised enterprise networks after an undercover sting. A Jordanian national Feras Khalil Ahmad Albashiti (40), living i ...

Pierluigi Paganini January 20, 2026

Hacking

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices identified. TP-Link fixed a high-severity flaw, ...

Pierluigi Paganini January 20, 2026

Cyber Crime

Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions

Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a m ...

Pierluigi Paganini January 20, 2026

Hacktivism

UK NCSC warns of Russia-linked hacktivists DDoS attacks

The UK government warns Russia-linked hacktivists are still carrying out DDoS attacks on critical infrastructure and local government systems The UK government warns that Russia-linked hacktivists ...

Pierluigi Paganini January 20, 2026

Data Breach

Ransomware attack on Ingram Micro impacts 42,000 individuals

Ingram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details. Ingram Micro is a global technology distributor and ...

Pierluigi Paganini January 19, 2026

Malware

StealC malware control panel flaw leaks details on active attacker

Researchers uncovered an XSS flaw in StealC malware’s control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at leas ...

Pierluigi Paganini January 19, 2026

Security

Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems

An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme Court. Nicholas Moore, 24, from Tennessee, pleaded guilty to re ...

Pierluigi Paganini January 19, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!