MUST READ

DDoS wave continues as Mastodon hit after Bluesky incident

 | 

Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

 | 

Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

 | 

Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

 | 

Venezuela energy sector targeted by highly destructive Lotus wiper

 | 

Ransomware negotiator caught secretly assisting BlackCat extortion scheme

 | 

The US NSA is using Anthropic's Claude Mythos despite supply chain risk

 | 

U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

 | 

Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

 | 

France’s ANTS ID System website hit by cyberattack, possible data breach

 | 

Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft

 | 

CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

 | 

Third-party AI hack triggers Vercel breach, internal environments accessed

 | 

AI Model Claude Opus turns bugs into exploits for just $2,283

 | 

Cyber attacks fuel surge in cargo theft across logistics industry

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

 | 

Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

 | 

Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

 | 

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

 | 

LATEST NEWS

VIEW ALL
Hacking
Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild
Pierluigi Paganini August 28, 2018

According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of ...

Breaking News
Expert publicly disclosed exploit code for Windows Task Scheduler Zero-Day
Pierluigi Paganini August 28, 2018

A security researcher has publicly disclosed the details of zero-day privilege escalation vulnerability affecting all Microsoft's Windows operating systems A security researcher who handles the Twit ...

Cyber warfare
Iran-linked COBALT DICKENS group targets universities in new phishing campaign
Pierluigi Paganini August 28, 2018

Experts from SecureWorks discovered a large phishing campaign targeting universities carried out by an Iran-linked threat actor COBALT DICKENS. Security firm SecureWorks has uncovered a new phishing ...

APT
Security firm attributes Cosmos Bank cyberheist to Lazarus APT
Pierluigi Paganini August 28, 2018

Security experts from Securonix have published a report that attributes the attack against on the Cosmos Bank to the Lazarus APT group. Cosmos Bank is one of the largest Indian cooperative banks, it ...

top articles

The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences
April 09, 2026
Eurail data breach impacted 308,777 people
April 09, 2026
Hackers claim control over Venice San Marco anti-flood pumps
April 12, 2026
Hackers access Booking.com user data, company secures systems
April 13, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems
April 17, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Cyber Crime

DDoS wave continues as Mastodon hit after Bluesky incident

April 22, 2026

Malware
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

April 22, 2026

Security
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

April 22, 2026

Hacking
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

April 22, 2026

Malware
Venezuela energy sector targeted by highly destructive Lotus wiper

April 22, 2026

recent articles

Cyber Crime
DDoS wave continues as Mastodon hit after Bluesky incident

Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours. Mastodon was hit by a major DDoS attack just days af ...

Pierluigi Paganini April 22, 2026
Malware
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

Mirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting ...

Pierluigi Paganini April 22, 2026
Security
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw

Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a ser ...

Pierluigi Paganini April 22, 2026
Hacking
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

22 BRIDGE:BREAK flaws hit Lantronix and Silex Technology converters, exposing approximately 20,000 devices to hijacking and data tampering. Researchers at Forescout Research Vedere Labs found 22 B ...

Pierluigi Paganini April 22, 2026
Malware
Venezuela energy sector targeted by highly destructive Lotus wiper

Lotus Wiper hit Venezuelan energy systems, used scripts to disable defenses, then erased all data beyond recovery. Kaspersky researchers found Lotus Wiper targeting Venezuela’s energy and utilit ...

Pierluigi Paganini April 22, 2026
Security
Ransomware negotiator caught secretly assisting BlackCat extortion scheme

Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator. Another U.S. cybersecurity expert, Angelo Martino, admitted helping the BlackCat ransomw ...

Pierluigi Paganini April 21, 2026
Artificial Intelligence
The US NSA is using Anthropic's Claude Mythos despite supply chain risk

Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by ...

Pierluigi Paganini April 21, 2026
Hacking
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited V ...

Pierluigi Paganini April 21, 2026
Security
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its se ...

Pierluigi Paganini April 21, 2026
Data Breach
France’s ANTS ID System website hit by cyberattack, possible data breach

A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which h ...

Pierluigi Paganini April 20, 2026
Cyber Crime
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft

Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scatter ...

Pierluigi Paganini April 20, 2026
Hacking
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw ...

Pierluigi Paganini April 20, 2026
Data Breach
Third-party AI hack triggers Vercel breach, internal environments accessed

Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach cau ...

Pierluigi Paganini April 20, 2026
Artificial Intelligence
AI Model Claude Opus turns bugs into exploits for just $2,283

Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome ...

Pierluigi Paganini April 20, 2026
Security
Cyber attacks fuel surge in cargo theft across logistics industry

Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and l ...

Pierluigi Paganini April 19, 2026
Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted at ...

Pierluigi Paganini April 19, 2026
Breaking News
Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini April 19, 2026
Security
Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware

Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, ...

Pierluigi Paganini April 18, 2026
Malware
Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks

A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are ...

Pierluigi Paganini April 18, 2026
Hacking
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access

Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Micr ...

Pierluigi Paganini April 18, 2026