Pierluigi Paganini
September 15, 2017
Google removed 50 malicious apps from the official Play Store after experts discovered a new malware, dubbed ExpensiveWall, eluded Google Bouncer checks. Google has removed 50 malicious apps from th ...
Pierluigi Paganini
September 15, 2017
Around 200,000 WordPress websites using the Display Widgets Plugin were impacted after it was updated to include malicious code. According to security firm Wordfence, roughly 200,000 WordPress w ...
Pierluigi Paganini
September 14, 2017
Experts discovered 4,000 compromised installations on Amazon AWS of open source analytics and search tool Elasticsearch that were running PoS malware. Security researchers from the firm Kromtech h ...
Pierluigi Paganini
September 14, 2017
The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor ...
April 23, 2026
Police arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy. On 22 July 2025, French and Ukrainian police arrested a 38- ...
Pierluigi Paganini
June 30, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SimpleHelp flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...
Pierluigi Paganini
June 30, 2026
Hackers stole data from 4.38 million Aflac Japan customers after accessing its systems for 10 days before the breach was detected. Aflac Japan disclosed that hackers stole the personal information ...
Pierluigi Paganini
June 30, 2026
Apple released updates for iOS, iPadOS, macOS, and Safari, fixing WebKit flaws, four of which were found using AI tools like Claude and Codex Apple pushed out security updates for iOS, iPadOS, mac ...
Pierluigi Paganini
June 30, 2026
Attackers are exploiting a critical flaw in Oracle E-Business Suite, CVE-2026-46817, that allows remote, unauthenticated attackers to take over Oracle Payments. A critical vulnerability in Oracle ...
Pierluigi Paganini
June 30, 2026
WhatsApp will introduce usernames later this year, letting its 3 billion users connect without sharing phone numbers. WhatsApp has over three billion users, and it's finally letting them talk to e ...
Pierluigi Paganini
June 29, 2026
The U.S. offers up to $10M for information on Russian hackers targeting Signal and WhatsApp accounts of officials and journalists. The U.S. government is offering rewards of up to $10 million for ...
Pierluigi Paganini
June 29, 2026
Microsoft shut down the StegoAd campaign, which used 119 malicious Edge extensions, hit 2.6M installs, and ran undetected for two years. Microsoft just shut down one of the more technically clever ...
Pierluigi Paganini
June 29, 2026
Ukraine's SSU and the FBI Just Confirmed Russian Intelligence Has Been Systematically Hacking Messenger Accounts for Years. The Security Service of Ukraine (SSU), working jointly with the FBI, has ...
Pierluigi Paganini
June 29, 2026
KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exp ...
Pierluigi Paganini
June 28, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More Than 4,000 Legacy Routers Compromis ...
Pierluigi Paganini
June 28, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
June 28, 2026
FBI warns Russian spies now target Signal Backup Recovery Keys, enabling access to message history and long-term account takeover. The FBI and CISA updated their March 2026 warning about Russian i ...
Pierluigi Paganini
June 27, 2026
Microsoft warns of a phishing campaign targeting the hospitality sector with fake guest emails that install TonRAT using resilient persistence. Microsoft Threat Intelligence published a detailed a ...
Pierluigi Paganini
June 27, 2026
DirtyClone: a Linux kernel privilege escalation that silently rewrites executables in memory, leaving no disk trace. Patch now. JFrog Security Research published a working exploit walkthrough on J ...
Pierluigi Paganini
June 27, 2026
Chinese-speaking APT CL-STA-1062 targeted Southeast Asian government and energy networks open-source tools, and a new TinyRCT backdoor. Palo Alto Networks Unit 42 researchers published a detailed ...
Pierluigi Paganini
June 26, 2026
Russian authorities used Cellebrite tools to unlock an activist’s iPhone and analyze private data despite canceled support, raising abuse concerns. On May 31, 2021, Russian security services pul ...
Pierluigi Paganini
June 26, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructur ...
Pierluigi Paganini
June 26, 2026
Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-pa ...
Pierluigi Paganini
June 26, 2026
macOS.Gaslight: DPRK Rust implant for Mac with a prompt injection payload designed to fool AI-based malware analysts. SentinelLabs researchers spotted a Rust-based macOS implant, dubbed macOS.Gasl ...
Pierluigi Paganini
June 26, 2026
