LATEST NEWS

China-Linked Salt Typhoon breaches European Telecom via Citrix exploit
Pierluigi Paganini October 21, 2025

China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access. A European telecom firm was targeted in July 2025 by China-linked APT gr ...

Russian Lynx group leaks sensitive UK MoD files, including info on eight military bases
Pierluigi Paganini October 20, 2025

Russian hackers stole and leaked MoD files on eight RAF and Navy bases, exposing staff data in a “catastrophic” cyberattack via Dodd Group breach. Russian cybercrime group Lynx breached Dodd G ...

CAPI Backdoor targets Russia’s auto and e-commerce sectors
Pierluigi Paganini October 20, 2025

A new campaign targets Russia’s auto and e-commerce sectors using a previously unknown .NET malware called CAPI Backdoor. Cybersecurity researchers at Seqrite Labs uncovered a new campaign, trac ...

F5 breach exposes 262,000 BIG-IP systems worldwide
Pierluigi Paganini October 20, 2025

Over 262K F5 BIG-IP devices exposed after threat actors stole source code and data on undisclosed flaws in a recent F5 breach. Over 262,000 F5 BIG-IP devices are exposed online after F5 confirmed ...

recent articles

Cyber Crime
Authorities arrest 23-year-old accused of running the Kimwolf botnet

Canadian authorities arrested a 23-year-old Ottawa man accused of running the Kimwolf DDoS botnet. The US is now seeking extradition. US authorities have charged 23-year-old Jacob Butler (aka “D ...

Pierluigi Paganini May 22, 2026
Hacking
One Telecom Provider Hosted Most of the Middle East’s Active C2 Infrastructure

Hunt.io mapped 1,350+ C2 servers across the Middle East, revealing how a small group of providers quietly supports major malware activity. For years, threat intelligence focused mostly on malware ...

Pierluigi Paganini May 22, 2026
Security
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...

Pierluigi Paganini May 21, 2026
Cyber Crime
Global law enforcement operation takes First VPN offline

Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has tak ...

Pierluigi Paganini May 21, 2026
Security
Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown

Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented. Apple's annual fraud prevention report for 2025 paints ...

Pierluigi Paganini May 21, 2026
Hacking
Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of security failure that is harder to catc ...

Pierluigi Paganini May 21, 2026
Security
Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload

Cisco fixed a critical Secure Workload flaw (CVE-2026-20223) that could let attackers gain Site Admin privileges through crafted API requests. Cisco released patches for a critical vulnerability, ...

Pierluigi Paganini May 21, 2026
Security
Discord adds end-to-end encryption to voice and video calls by default

Discord now enables end-to-end encryption by default for all voice and video calls, making conversations inaccessible even to the platform itself. No announcement fanfare, no opt-in required, no s ...

Pierluigi Paganini May 21, 2026
Security
PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch

PinTheft is a Linux LPE flaw in the RDS subsystem with public exploit code. Arch Linux users face the highest risk and should patch immediately. The wave of Linux local privilege escalation vulner ...

Pierluigi Paganini May 20, 2026
Hacking
Microsoft issues YellowKey mitigation, no patch yet

Microsoft acknowledged the YellowKey BitLocker bypass flaw and released mitigations, urging admins to disable autofstx.exe and enable TPM+PIN. A week after Chaotic Eclipse publicly dropped the Yel ...

Pierluigi Paganini May 20, 2026
Cyber Crime
Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free

Carding forum B1ack's Stash claims to have released millions of stolen CVV2 payment card records for free after suspending sellers. B1ack's Stash, one of the most active stolen card marketplaces o ...

Pierluigi Paganini May 20, 2026
Cyber Crime
A malicious VS Code extension just breached GitHub's internal repositories

One employee installed a trojanized VS Code extension. Result: ~3,800 GitHub internal repositories exfiltrated. TeamPCP claims credit, wants $50K. There is something almost ironic about GitHub, th ...

Pierluigi Paganini May 20, 2026
Uncategorized
DirtyDecrypt: PoC Released for yet another Linux flaw

DirtyDecrypt (CVE-2026-31635): working PoC out for a Linux kernel LPE flaw. Missing COW guard in rxgk_decrypt_skb lets local attackers reach root. After Copy Fail, Dirty Frag, and Fragnesia, here ...

Pierluigi Paganini May 20, 2026
Hacking
Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash

A Huawei zero-day flaw reportedly caused Luxembourg’s 2025 nationwide outage, disrupting landline, 4G/5G, and emergency services. On July 23, 2025, a nationwide telecom outage in Luxembourg was r ...

Pierluigi Paganini May 20, 2026
Security
Drupal is rolling out an emergency security update on May 20. You cannot miss it

Drupal Is Pushing an Emergency Security Update Tomorrow. If You Run a Drupal Site, This Is Not One to Miss. Something significant is coming out of the Drupal project tomorrow, and the way the anno ...

Pierluigi Paganini May 19, 2026
Cyber Crime
Microsoft dismantled malware-signing network Fox Tempest

Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said it disrupted a cybercrime operation ru ...

Pierluigi Paganini May 19, 2026
Intelligence
Poland shifts away from Signal following cyberattacks on officials’ accounts

Poland told officials to stop using the popular instant messaging app Signal after cyberattacks targeted government accounts. Poland has instructed government officials to stop using Signal for se ...

Pierluigi Paganini May 19, 2026
Cyber Crime
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

INTERPOL led Operation Ramz in MENA, resulting in 201 arrests and 382 suspects tied to cybercrime networks. INTERPOL coordinated Operation Ramz across the Middle East and North Africa, leading to ...

Pierluigi Paganini May 19, 2026
Malware
Shai-Hulud worm copycats emerge after source code leak

Shai-Hulud worm copycats are already attacking NPM developers after its source code leaked, enabling fast supply chain exploitation. The first copycats of the Shai-Hulud worm have already started ...

Pierluigi Paganini May 19, 2026
Breaking News
Grafana confirms GitHub token breach, cybercrime group claims the attack

Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incident after the extortion group Coinbase ...

Pierluigi Paganini May 18, 2026