Pierluigi Paganini
September 19, 2015
The Security researcher David Sopas at WebSegura discovered a Reflected Filename Download vulnerability in the popular professional social network LinkedIn. He was analyzing another website when he ...
Pierluigi Paganini
September 19, 2015
The Taiwanese networking equipment manufacturer D-Link has accidentally published its private code signing keys in the source of one of its firmware update. According to the Dutch news site Tweakers ...
Pierluigi Paganini
September 19, 2015
The popular group of hackers dubbed w0rm breached the hacking forum "Monopoly" offering for sale all data present in its database. This is the classic example of the lack of rules within underground ...
Pierluigi Paganini
September 18, 2015
A Critical vulnerability affects Mozilla Bugzilla bug-tracking software could be exploited to access details of non-public vulnerabilities stored in its database. The open source Bugzilla bug- ...
October 20, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Motex LANSCOPE flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CIS ...
Pierluigi Paganini
October 23, 2025
Hackers exploit CVE-2025-54236 in Adobe Commerce and Magento to hijack accounts via REST API. Over 250 attacks in 24 hours. E-commerce security company Sansec researchers warn that threat actors a ...
Pierluigi Paganini
October 23, 2025
The attack on Jaguar Land Rover costs the UK economy $2.5B, marking its most damaging cyber incident, says CMC. In early September, Jaguar Land Rover shut down systems to mitigate a cyberattack ...
Pierluigi Paganini
October 23, 2025
PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne researchers uncovered PhantomCaptcha, a coordin ...
Pierluigi Paganini
October 22, 2025
TP-Link warns of critical flaws in Omada gateways across ER, G, and FR models. Users should update firmware immediately to stay secure. TP-Link is warning users of critical flaws impacting its Oma ...
Pierluigi Paganini
October 22, 2025
CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnerability tracked as CVE-2025-62518 (CVSS score: ...
Pierluigi Paganini
October 22, 2025
Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Russia-linked hacking group COLDRIVER has been q ...
Pierluigi Paganini
October 22, 2025
Muji halted online sales after a ransomware attack on its logistics partner Askul, disrupting orders, app services, and website access. Japanese retailer giant Muji suspended online sales after a ...
Pierluigi Paganini
October 21, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructu ...
Pierluigi Paganini
October 21, 2025
China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access. A European telecom firm was targeted in July 2025 by China-linked APT gr ...
Pierluigi Paganini
October 21, 2025
Russian hackers stole and leaked MoD files on eight RAF and Navy bases, exposing staff data in a “catastrophic” cyberattack via Dodd Group breach. Russian cybercrime group Lynx breached Dodd G ...
Pierluigi Paganini
October 20, 2025
A new campaign targets Russia’s auto and e-commerce sectors using a previously unknown .NET malware called CAPI Backdoor. Cybersecurity researchers at Seqrite Labs uncovered a new campaign, trac ...
Pierluigi Paganini
October 20, 2025
Over 262K F5 BIG-IP devices exposed after threat actors stole source code and data on undisclosed flaws in a recent F5 breach. Over 262,000 F5 BIG-IP devices are exposed online after F5 confirmed ...
Pierluigi Paganini
October 20, 2025
China claims the US NSA hacked its National Time Service Center by exploiting staff phone flaws since March 2022, stealing sensitive data. China’s Ministry of State Security announced it has fou ...
Pierluigi Paganini
October 20, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Astaroth: Banking Trojan Abusing GitHub ...
Pierluigi Paganini
October 19, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
October 19, 2025
Winos 4.0 hackers expand from China, Taiwan to Japan, Malaysia using fake Finance Ministry PDFs to spread HoldingHands RAT malware. Threat actors behind Winos 4.0 (ValleyRAT) have expanded their a ...
Pierluigi Paganini
October 18, 2025
Everest claims Collins Aerospace hack hitting EU airports, but its leak site vanishes soon after, sparking takedown speculation. Do you remember the Collins Aerospace supply chain attack that disr ...
Pierluigi Paganini
October 18, 2025
Europol’s SIMCARTEL operation shut down a SIM-box network behind 3,200 frauds and €4.5M losses, using 40,000 SIMs for scams and extortion. Europol’s “SIMCARTEL” operation dismantled an i ...
Pierluigi Paganini
October 18, 2025
A critical WatchGuard Fireware vulnerability, tracked as CVE-2025-9242, could allow unauthenticated code execution. Researchers revealed details of a critical vulnerability, tracked as CVE-2025-92 ...
Pierluigi Paganini
October 17, 2025
