MUST READ

Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

 | 

Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

 | 

Venezuela energy sector targeted by highly destructive Lotus wiper

 | 

Ransomware negotiator caught secretly assisting BlackCat extortion scheme

 | 

The US NSA is using Anthropic's Claude Mythos despite supply chain risk

 | 

U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

 | 

Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

 | 

France’s ANTS ID System website hit by cyberattack, possible data breach

 | 

Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft

 | 

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

 | 

Third-party AI hack triggers Vercel breach, internal environments accessed

 | 

AI Model Claude Opus turns bugs into exploits for just $2,283

 | 

Cyber attacks fuel surge in cargo theft across logistics industry

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

 | 

Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

 | 

Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

 | 

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

 | 

Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence

 | 

DraftKings hacker sentenced to prison, ordered to pay $1.4 Million

 | 

LATEST NEWS

VIEW ALL
Hacktivism
OpRussia update: Anonymous breached other organizations
Pierluigi Paganini May 14, 2022

Another week has passed and Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine ...

Hacktivism
Pro-Russian hacktivists target Italy government websites
Pierluigi Paganini May 14, 2022

Pro-Russian hacker group Killnet targeted the websites of several Italian institutions, including the senate and the National Institute of Health. A group of Pro-Russian hackers known as "Killnet" ...

Security
SonicWall urges customers to fix SMA 1000 vulnerabilities
Pierluigi Paganini May 13, 2022

SonicWall warns customers to address several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products. SonicWall urges customers to address several ...

Hacking
Zyxel fixed firewall unauthenticated remote command injection issue
Pierluigi Paganini May 13, 2022

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vuln ...

top articles

The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences
April 09, 2026
Eurail data breach impacted 308,777 people
April 09, 2026
Hackers claim control over Venice San Marco anti-flood pumps
April 12, 2026
Hackers access Booking.com user data, company secures systems
April 13, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems
April 17, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

April 22, 2026

Hacking
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

April 22, 2026

Malware
Venezuela energy sector targeted by highly destructive Lotus wiper

April 22, 2026

Security
Ransomware negotiator caught secretly assisting BlackCat extortion scheme

April 21, 2026

Artificial Intelligence
The US NSA is using Anthropic's Claude Mythos despite supply chain risk

April 21, 2026

recent articles

Security
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a ser ...

Pierluigi Paganini April 22, 2026
Hacking
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

22 BRIDGE:BREAK flaws hit Lantronix and Silex Technology converters, exposing approximately 20,000 devices to hijacking and data tampering. Researchers at Forescout Research Vedere Labs found 22 B ...

Pierluigi Paganini April 22, 2026
Malware
Venezuela energy sector targeted by highly destructive Lotus wiper

Lotus Wiper hit Venezuelan energy systems, used scripts to disable defenses, then erased all data beyond recovery. Kaspersky researchers found Lotus Wiper targeting Venezuela’s energy and utilit ...

Pierluigi Paganini April 22, 2026
Security
Ransomware negotiator caught secretly assisting BlackCat extortion scheme

Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator. Another U.S. cybersecurity expert, Angelo Martino, admitted helping the BlackCat ransomw ...

Pierluigi Paganini April 21, 2026
Artificial Intelligence
The US NSA is using Anthropic's Claude Mythos despite supply chain risk

Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by ...

Pierluigi Paganini April 21, 2026
Hacking
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited V ...

Pierluigi Paganini April 21, 2026
Security
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its se ...

Pierluigi Paganini April 21, 2026
Data Breach
France’s ANTS ID System website hit by cyberattack, possible data breach

A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which h ...

Pierluigi Paganini April 20, 2026
Cyber Crime
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft

Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scatter ...

Pierluigi Paganini April 20, 2026
Hacking
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw ...

Pierluigi Paganini April 20, 2026
Data Breach
Third-party AI hack triggers Vercel breach, internal environments accessed

Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach cau ...

Pierluigi Paganini April 20, 2026
Artificial Intelligence
AI Model Claude Opus turns bugs into exploits for just $2,283

Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome ...

Pierluigi Paganini April 20, 2026
Security
Cyber attacks fuel surge in cargo theft across logistics industry

Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and l ...

Pierluigi Paganini April 19, 2026
Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted at ...

Pierluigi Paganini April 19, 2026
Breaking News
Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini April 19, 2026
Security
Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, ...

Pierluigi Paganini April 18, 2026
Malware
Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are ...

Pierluigi Paganini April 18, 2026
Hacking
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Micr ...

Pierluigi Paganini April 18, 2026
Security
Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence

Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a ...

Pierluigi Paganini April 17, 2026
Cyber Crime
DraftKings hacker sentenced to prison, ordered to pay $1.4 Million

A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30 ...

Pierluigi Paganini April 17, 2026