Security Affairs - Page 520 of 1858 - Read, think, share … Security is everyone's responsibility

LATEST NEWS

VIEW ALL

Social Networks

The Socialbot Network

Pierluigi Paganini November 02, 2011

Online Social Networks(OSN) are an integral part of today's Web. Hacktivist,Politicians, celebrities, revolutionists, and others use OSNs as carrier for their message to a wide audience. The downs ...

Duqu Trojan, Stuxnet-derived malware

Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Welcome on board

Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

1
2
4641
4642
4643

most popular

VIEW ALL

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

May 18, 2026

Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

May 18, 2026

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

May 18, 2026

Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

May 18, 2026

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

May 17, 2026

recent articles

Data Breach

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claim ...

Pierluigi Paganini May 18, 2026

Data Breach

Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

A hotel check-in system exposed over 1 million passports, IDs, and selfies online due to a misconfigured cloud storage bucket. A security lapse in the Reqrea's Tabiq hotel check-in system exposed ...

Pierluigi Paganini May 18, 2026

Hacking

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

MiniPlasma: a Windows SYSTEM privilege escalation believed patched in 2020 (CVE-2020-17103) is still fully working on every patched Windows 11. Once again, security researcher Chaotic Eclipse has ...

Pierluigi Paganini May 18, 2026

Hacking

Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes or possible code execution via malicious HTTP requests. A critical vulnerability in NGINX Plus and NGINX Open, tracke ...

Pierluigi Paganini May 18, 2026

Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter JDownloader site hacked to replace insta ...

Pierluigi Paganini May 17, 2026

Security

Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini May 17, 2026

Cyber Crime

Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores

Attackers are exploiting a critical flaw in the WordPress Funnel Builder plugin to inject skimming code into WooCommerce checkout pages. A critical vulnerability in the WordPress Funnel Builder pl ...

Pierluigi Paganini May 17, 2026

Hacking

Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total

Pwn2Own Berlin 2026 ended with 47 zero-days and $1.29M in payouts, as DEVCORE dominated the competition across all categories. Pwn2Own Berlin 2026 ended after three intense days, with participants ...

Pierluigi Paganini May 17, 2026

Hacking

U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini May 16, 2026

Hacking

OpenAI hit by supply chain attack linked to malicious TanStack packages

OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromi ...

Pierluigi Paganini May 16, 2026

Security

Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K

Day two of Pwn2Own Berlin 2026 saw $385,750 earned for 15 zero-days, bringing the total to $908,750 and 39 vulnerabilities over two days. During the second day of Pwn2Own Berlin 2026, security res ...

Pierluigi Paganini May 15, 2026

Security

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a n ...

Pierluigi Paganini May 15, 2026

APT

Ghostwriter group resumes attacks on Ukrainian Government targets

ESET uncovered new Ghostwriter (aka FrostyNeighbor) activity targeting Ukrainian government organizations in a campaign active since March 2026. ESET researchers published a new report documenting ...

Pierluigi Paganini May 15, 2026

Hacking

Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare- ...

Pierluigi Paganini May 15, 2026

Hacking

Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall

Pwn2Own Berlin 2026 day one saw 22 entries and 24 zero-days across major software, with researchers earning $523,000 in total rewards. Day one of Pwn2Own Berlin 2026 featured 22 entries targeting ...

Pierluigi Paganini May 15, 2026

Hacking

U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secu ...

Pierluigi Paganini May 14, 2026

Security

Linux Kernel bug Fragnesia allows local root access attacks

Fragnesia, a new Linux kernel flaw tracked as CVE-2026-46300, could let local attackers gain root access through page cache corruption. Researchers disclosed a new Linux kernel privilege escalatio ...

Pierluigi Paganini May 14, 2026

Security

Broadcom releases VMware Fusion security update for root access bug

Broadcom patched a high-severity VMware Fusion flaw, CVE-2026-41702, that could let local attackers gain root privileges. Broadcom released a security update for VMware Fusion to address a high-se ...

Pierluigi Paganini May 14, 2026

Hacking

NGINX Rift: an 18-year-old flaw in the world's most deployed web server just came to light

Researchers found a critical 18-year-old buffer overflow flaw in NGINX, tracked as CVE-2026-42945 and named NGINX Rift. If you run NGINX, and statistically speaking, there is a very good chance yo ...

Pierluigi Paganini May 14, 2026

APT

FamousSparrow targets Azerbaijani energy sector in multi-wave espionage campaign

Chinese-linked FamousSparrow repeatedly targeted an Azerbaijani oil and gas company, reusing the same entry point in three intrusions from Dec 2025 to Feb 2026. Chinese-linked threat actor FamousS ...

Pierluigi Paganini May 14, 2026