Security Affairs

LATEST NEWS

VIEW ALL

Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781

Pierluigi Paganini January 09, 2020

Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application ...

Breaking News

TrickBot gangs developed the PowerTrick backdoor for high-value targets

Pierluigi Paganini January 09, 2020

Researchers at SentinelLabs reported that TrickBot operators used a new PowerShell backdoor in recent attacks aimed at high-value targets. SentinelLabs experts discovered a new PowerShell backdoor ...

Breaking News

Interpol: Goldfish Alpha operation reduces cryptojacking by 78%

Pierluigi Paganini January 09, 2020

An operation coordinated by Interpol, dubbed Goldfish Alpha, dismantled an illegal cryptocurrency network operating in Southeast Asia Interpol announced that it has coordinated a successful inte ...

Hacking

Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks

Pierluigi Paganini January 09, 2020

Mozilla has released security updates for Firefox browser that address a zero-day flaw (CVE-2019-17026) that has been exploited in targeted attacks. Mozilla has released security updates to addres ...

1
2
2302
2303
2304
2305
2306
4599
4600
4601

recent articles

Security

Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini April 12, 2026

ICS-SCADA

Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S.

Censys researchers found 5,219 exposed Rockwell PLCs online, mostly in the U.S., urging defenders to secure or disconnect them. On April 7, 2026, U.S. agencies, including FBI, CISA, and NSA, warne ...

Pierluigi Paganini April 11, 2026

Malware

GlassWorm evolves with Zig dropper to infect multiple developer tools

The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicio ...

Pierluigi Paganini April 11, 2026

Hacking

CVE-2026-39987: Marimo RCE exploited in hours after disclosure

A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS s ...

Pierluigi Paganini April 11, 2026

Security

UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions

LucidRook is Lua malware used in phishing attacks on NGOs and universities in Taiwan, linked to UAT-10362, spread via password-protected emails. LucidRook is a new Lua-based malware used in target ...

Pierluigi Paganini April 10, 2026

Hacking

EngageLab SDK flaw opens door to private data on 50M Android devices

A flaw in EngageLab SDK exposed up to 50M Android users, including 30M crypto wallets, letting apps bypass security and access private data. Microsoft researchers found a critical flaw in EngageSD ...

Pierluigi Paganini April 10, 2026

Cyber Crime

Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials

Hackers breached Bitcoin Depot, stole credentials, and took about 50 BTC worth $3.6M from its wallets after a March 23 intrusion. Hackers breached the largest US Bitcoin ATM operator, Bitcoin Depo ...

Pierluigi Paganini April 10, 2026

Data Breach

Eurail data breach impacted 308,777 people

Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail in December 2025 and stole names and p ...

Pierluigi Paganini April 09, 2026

Hacking

Malicious PDF reveals active Adobe Reader zero-day in the wild

Hackers used an Adobe Reader zero-day for months. Researcher Haifei Li found a malicious PDF and asks the community to help analyze it. Hackers used an Adobe Reader zero-day for months to deliver ...

Pierluigi Paganini April 09, 2026

Malware

Masjesu botnet targets IoT devices while evading high-profile networks

Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, a ...

Pierluigi Paganini April 09, 2026

Hacking

The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences

A hacker allegedly stole 10+ PB of sensitive military and aerospace data from China’s National Supercomputing Center, risking national security. A massive alleged breach has hit China’s Nation ...

Pierluigi Paganini April 09, 2026

ICS-SCADA

Internet-Exposed ICS Devices Raise Alarm for Critical Sectors

Exposed ICS devices and insecure protocols like Modbus increase risks to critical infrastructure, enabling disruption, data access, and potential sabotage. Malware targeting industrial control sys ...

Pierluigi Paganini April 09, 2026

Security

U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini April 08, 2026

APT

Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics

APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Stor ...

Pierluigi Paganini April 08, 2026

Security

Signature Healthcare hit by cyberattack, services and pharmacies impacted

Massachusetts’ Signature Healthcare diverts ambulances and cancels services after a cyberattack disrupts hospital operations and pharmacy access. The hospital Signature Healthcare in Brockton, M ...

Pierluigi Paganini April 08, 2026

Artificial Intelligence

Project Glasswing powered by Claude Mythos: defending software before hackers do

Anthropic unveiled Claude Mythos, a powerful AI for cybersecurity that could also be misused to enhance cyberattacks. Anthropic has unveiled Claude Mythos, a new AI model designed to strengthen cy ...

Pierluigi Paganini April 08, 2026

APT

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers ...

Pierluigi Paganini April 08, 2026

Security

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScri ...

Pierluigi Paganini April 07, 2026

Security

Major outage cripples Russian banking apps and metro payments nationwide

A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours. A widespread outage disrupted banking apps and payment systems across Russia ...

Pierluigi Paganini April 07, 2026

Cyber Crime

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

China-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially d ...

Pierluigi Paganini April 07, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!