MUST READ

PHP Composer flaws enable remote command execution via Perforce VCS

 | 

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

 | 

Personal data of 1 million gym members compromised in Basic-Fit security incident

 | 

US, UK and Canada disrupt $45M crypto theft in Operation Atlantic

 | 

ShinyHunters claim the hack of Rockstar Games breach and started leaking data

 | 

Attackers target unpatched ShowDoc servers via CVE-2025-0520

 | 

U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Fake Claude AI installer abuses DLL sideloading to deploy PlugX

 | 

Hackers access Booking.com user data, company secures systems

 | 

iPhone forensics expose Signal messages after app removal in U.S. case

 | 

Citizen Lab: Webloc tracked 500M devices for global law enforcement

 | 

Iran-linked group Handala claims to have breached three major UAE organizations

 | 

CPUID watering hole attack spreads STX RAT malware

 | 

Adobe fixes actively exploited Acrobat Reader flaw CVE-2026-34621

 | 

Hackers claim control over Venice San Marco anti-flood pumps

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92

 | 

Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S.

 | 

GlassWorm evolves with Zig dropper to infect multiple developer tools

 | 

CVE-2026-39987: Marimo RCE exploited in hours after disclosure

 | 

LATEST NEWS

VIEW ALL
Malware
New LockFile ransomware gang uses ProxyShell and PetitPotam exploits
Pierluigi Paganini August 21, 2021

A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchan ...

Security
US CISA releases guidance on how to prevent ransomware data breaches
Pierluigi Paganini August 21, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. Most of the recent ransomware attack resulted in ...

Cyber Crime
Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware
Pierluigi Paganini August 21, 2021

Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner, the largest Brazilian department stores clot ...

Malware
Emsisoft releases free SynAck ransomware decryptor
Pierluigi Paganini August 20, 2021

Emsisoft researchers have released a decryptor for the SynAck Ransomware that could allow victims of the gang to decrypt their files for free Emsisoft has released a free decryptor for SynAck Ran ...

top articles

Major outage cripples Russian banking apps and metro payments nationwide
April 07, 2026
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
April 10, 2026
The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences
April 09, 2026
Eurail data breach impacted 308,777 people
April 09, 2026
Hackers claim control over Venice San Marco anti-flood pumps
April 12, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

PHP Composer flaws enable remote command execution via Perforce VCS

April 15, 2026

Security
Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

April 15, 2026

Data Breach
Personal data of 1 million gym members compromised in Basic-Fit security incident

April 14, 2026

Cyber Crime
US, UK and Canada disrupt $45M crypto theft in Operation Atlantic

April 14, 2026

Data Breach
ShinyHunters claim the hack of Rockstar Games breach and started leaking data

April 14, 2026

recent articles

Security
PHP Composer flaws enable remote command execution via Perforce VCS

Two high-severity flaws in PHP Composer could let attackers run arbitrary commands via malicious repository configs and crafted inputs affecting Perforce VCS. Two high-severity vulnerabilities in ...

Pierluigi Paganini April 15, 2026
Security
Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

Microsoft Patch Tuesday security updates for April 2026 fixed 165 vulnerabilities, including an actively exploited SharePoint zero-day. Microsoft Patch Tuesday security updates addressed 165 vulne ...

Pierluigi Paganini April 15, 2026
Data Breach
Personal data of 1 million gym members compromised in Basic-Fit security incident

A breach at Basic-Fit exposed data of 1M members, including names, birth dates and bank details after unauthorized access. Basic-Fit, Europe’s largest gym chain, has disclosed a data breach affe ...

Pierluigi Paganini April 14, 2026
Cyber Crime
US, UK and Canada disrupt $45M crypto theft in Operation Atlantic

US, UK and Canada ran Operation Atlantic, uncovering $45M in crypto theft and freezing $12M to return to victims. An international law enforcement operation from the US, UK and Canada, codenamed O ...

Pierluigi Paganini April 14, 2026
Data Breach
ShinyHunters claim the hack of Rockstar Games breach and started leaking data

Leak of 8.1GB data tied to Rockstar Games includes anti-cheat code, game data, analytics and more, reportedly exposed by ShinyHunters. An 8.1GB data leak reportedly linked to Rockstar Games has su ...

Pierluigi Paganini April 14, 2026
Hacking
Attackers target unpatched ShowDoc servers via CVE-2025-0520

A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (C ...

Pierluigi Paganini April 14, 2026
Security
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. C ...

Pierluigi Paganini April 14, 2026
Malware
Fake Claude AI installer abuses DLL sideloading to deploy PlugX

Fake Claude website impersonates Anthropic and delivers PlugX RAT via ZIP download using DLL sideloading. A fake website impersonating Anthropic’s Claude service was found distributing the PlugX ...

Pierluigi Paganini April 14, 2026
Data Breach
Hackers access Booking.com user data, company secures systems

Hackers accessed some Booking.com user data, including names, emails, phone numbers, and booking details. The issue is now contained. Booking.com warned that hackers may have accessed customer dat ...

Pierluigi Paganini April 13, 2026
Security
iPhone forensics expose Signal messages after app removal in U.S. case

An FBI case in Texas shows Signal messages can still be recovered from iPhones even after app uninstall, via system artifacts, challenging privacy assumptions. The recent revelations about FBI for ...

Pierluigi Paganini April 13, 2026
Intelligence
Citizen Lab: Webloc tracked 500M devices for global law enforcement

Citizen Lab reported that law enforcement used the surveillance tool Webloc to track up to 500M devices via ad data globally. A report by Citizen Lab revealed that law enforcement agencies in the ...

Pierluigi Paganini April 13, 2026
Hacking
Iran-linked group Handala claims to have breached three major UAE organizations

Iran-linked group Handala claims to have breached three major UAE organizations, Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority The group Handala claimed a major c ...

Pierluigi Paganini April 13, 2026
Malware
CPUID watering hole attack spreads STX RAT malware

Threat actors compromised the CPUID website and spread STX RAT through fake CPU-Z and HWMonitor downloads. Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor ...

Pierluigi Paganini April 13, 2026
Security
Adobe fixes actively exploited Acrobat Reader flaw CVE-2026-34621

Adobe addressed a critical Acrobat Reader vulnerability, tracked as CVE-2026-34621, which is actively exploited to run malicious code. Adobe released emergency updates to address a critical vulner ...

Pierluigi Paganini April 12, 2026
Hacktivism
Hackers claim control over Venice San Marco anti-flood pumps

Hackers breached Venice ’s San Marco flood system, claiming control of pumps and the ability to disable defenses and flood coastal areas. The technologies that govern the physical world are the ...

Pierluigi Paganini April 12, 2026
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Dat ...

Pierluigi Paganini April 12, 2026
Security
Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini April 12, 2026
ICS-SCADA
Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S.

Censys researchers found 5,219 exposed Rockwell PLCs online, mostly in the U.S., urging defenders to secure or disconnect them. On April 7, 2026, U.S. agencies, including FBI, CISA, and NSA, warne ...

Pierluigi Paganini April 11, 2026
Malware
GlassWorm evolves with Zig dropper to infect multiple developer tools

The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicio ...

Pierluigi Paganini April 11, 2026
Hacking
CVE-2026-39987: Marimo RCE exploited in hours after disclosure

A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS s ...

Pierluigi Paganini April 11, 2026