Pierluigi Paganini
October 02, 2025
CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor via malicious Excel XLL add-ins spotted in Sept 2025. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyberattac ...
Pierluigi Paganini
October 02, 2025
Allianz Life breach exposed data of 1.5M people, including names, addresses, birth dates, and Social Security numbers stolen from a cloud CRM. In July, Allianz Life disclosed a breach where hack ...
Pierluigi Paganini
October 02, 2025
The cybercrime group calling itself the Crimson Collective claimed to have compromised Red Hat 's private GitHub repositories. The Crimson Collective claimed it had stolen 570GB from Red Hat ’s ...
Pierluigi Paganini
October 02, 2025
China-linked APT Phantom Taurus targets government and telecom orgs with Net-Star malware for espionage, using unique tactics over two years. China-nexus APT Phantom Taurus has targeted government ...
April 23, 2026
May 24, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Popular node-ipc npm Package Infected wi ...
Pierluigi Paganini
May 24, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
May 24, 2026
Anthropic said its AI Project Glasswing found over 10,000 serious vulnerabilities in one month, exposing a growing patching gap. Anthropic announced on Friday that Project Glasswing, its defensive ...
Pierluigi Paganini
May 24, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...
Pierluigi Paganini
May 24, 2026
Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vul ...
Pierluigi Paganini
May 23, 2026
Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputational pressure, and stealthier attacks. Ransomware groups are quietly changing strategy in 2026. In ...
Pierluigi Paganini
May 23, 2026
Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151 ...
Pierluigi Paganini
May 23, 2026
Canadian authorities arrested a 23-year-old Ottawa man accused of running the Kimwolf DDoS botnet. The US is now seeking extradition. US authorities have charged 23-year-old Jacob Butler (aka “D ...
Pierluigi Paganini
May 22, 2026
Hunt.io mapped 1,350+ C2 servers across the Middle East, revealing how a small group of providers quietly supports major malware activity. For years, threat intelligence focused mostly on malware ...
Pierluigi Paganini
May 22, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...
Pierluigi Paganini
May 21, 2026
Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has tak ...
Pierluigi Paganini
May 21, 2026
Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented. Apple 's annual fraud prevention report for 2025 paints ...
Pierluigi Paganini
May 21, 2026
Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of security failure that is harder to catc ...
Pierluigi Paganini
May 21, 2026
Cisco fixed a critical Secure Workload flaw (CVE-2026-20223) that could let attackers gain Site Admin privileges through crafted API requests. Cisco released patches for a critical vulnerability, ...
Pierluigi Paganini
May 21, 2026
Discord now enables end-to-end encryption by default for all voice and video calls, making conversations inaccessible even to the platform itself. No announcement fanfare, no opt-in required, no s ...
Pierluigi Paganini
May 21, 2026
PinTheft is a Linux LPE flaw in the RDS subsystem with public exploit code. Arch Linux users face the highest risk and should patch immediately. The wave of Linux local privilege escalation vulner ...
Pierluigi Paganini
May 20, 2026
Microsoft acknowledged the YellowKey BitLocker bypass flaw and released mitigations, urging admins to disable autofstx.exe and enable TPM+PIN. A week after Chaotic Eclipse publicly dropped the Yel ...
Pierluigi Paganini
May 20, 2026
Carding forum B1ack's Stash claims to have released millions of stolen CVV2 payment card records for free after suspending sellers. B1ack's Stash, one of the most active stolen card marketplaces o ...
Pierluigi Paganini
May 20, 2026
One employee installed a trojanized VS Code extension. Result: ~3,800 GitHub internal repositories exfiltrated. TeamPCP claims credit, wants $50K. There is something almost ironic about GitHub, th ...
Pierluigi Paganini
May 20, 2026
DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing COW guard in rxgk_decrypt_skb lets local attackers reach root. After Copy Fail, Dirty Frag, and Fragnesia, here ...
Pierluigi Paganini
May 20, 2026
