MUST READ

Drupal is rolling out an emergency security update on May 20. You cannot miss it

 | 

Microsoft dismantled malware-signing network Fox Tempest

 | 

Poland shifts away from Signal following cyberattacks on officials’ accounts

 | 

Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

 | 

Shai-Hulud worm copycats emerge after source code leak

 | 

Grafana confirms GitHub token breach cybercrime group claims the attack

 | 

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

 | 

Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

 | 

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

 | 

Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

 | 

Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores

 | 

Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total

 | 

U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog

 | 

OpenAI hit by supply chain attack linked to malicious TanStack packages

 | 

Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K

 | 

CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

 | 

Ghostwriter group resumes attacks on Ukrainian Government targets

 | 

Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

 | 

LATEST NEWS

VIEW ALL
Malware
Terror EK rising in the threat landscape while Sundown EK drops
Pierluigi Paganini April 17, 2017

The Sundown EK has been inactive since early this year, the Terror EK is being very popular in the cybercriminal ecosystem. One year ago the Angler EK and Nuclear EK disappeared from the threat land ...

Hacking
Callisto APT Group exploited Hacking Team surveillance tools to hack Government targets
Pierluigi Paganini April 16, 2017

The Callisto APT Group borrowed the source code leaked by hackers that broke into Hacking Team network. According to F-Secure Labs, The Callisto APT Group used the HackingTeam leaked surveillance s ...

Hacking
Flaws in the Bosch Drivelog Connector dongle could allow hackers to halt the engine
Pierluigi Paganini April 16, 2017

Security experts discovered vulnerabilities in the Bosch Drivelog Connector dongle that could be exploited by hackers to stop the engine. Security Researchers at automotive cybersecurity firm Argus d ...

Hacking
Security Affairs newsletter Round 107 – News of the week
Pierluigi Paganini April 16, 2017

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded ...

top articles

Hackers access Booking.com user data, company secures systems
April 13, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems
April 17, 2026
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
April 23, 2026
Checkmarx supply chain attack impacts Bitwarden npm distribution path
April 24, 2026
Critical CrowdStrike LogScale bug could have allowed file access, but no exploitation was observed
April 26, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Drupal is rolling out an emergency security update on May 20. You cannot miss it

May 19, 2026

Cyber Crime
Microsoft dismantled malware-signing network Fox Tempest

May 19, 2026

Intelligence
Poland shifts away from Signal following cyberattacks on officials’ accounts

May 19, 2026

Cyber Crime
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

May 19, 2026

Malware
Shai-Hulud worm copycats emerge after source code leak

May 19, 2026

recent articles

Security
Drupal is rolling out an emergency security update on May 20. You cannot miss it

Drupal Is Pushing an Emergency Security Update Tomorrow. If You Run a Drupal Site, This Is Not One to Miss. Something significant is coming out of the Drupal project tomorrow, and the way the anno ...

Pierluigi Paganini May 19, 2026
Cyber Crime
Microsoft dismantled malware-signing network Fox Tempest

Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said it disrupted a cybercrime operation ru ...

Pierluigi Paganini May 19, 2026
Intelligence
Poland shifts away from Signal following cyberattacks on officials’ accounts

Poland told officials to stop using the popular instant messaging app Signal after cyberattacks targeted government accounts. Poland has instructed government officials to stop using Signal for se ...

Pierluigi Paganini May 19, 2026
Cyber Crime
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

INTERPOL led Operation Ramz in MENA, resulting in 201 arrests and 382 suspects tied to cybercrime networks. INTERPOL coordinated Operation Ramz across the Middle East and North Africa, leading to ...

Pierluigi Paganini May 19, 2026
Malware
Shai-Hulud worm copycats emerge after source code leak

Shai-Hulud worm copycats are already attacking NPM developers after its source code leaked, enabling fast supply chain exploitation. The first copycats of the Shai-Hulud worm have already started ...

Pierluigi Paganini May 19, 2026
Breaking News
Grafana confirms GitHub token breach cybercrime group claims the attack

Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incident after the extortion group Coinbase ...

Pierluigi Paganini May 18, 2026
Data Breach
ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claim ...

Pierluigi Paganini May 18, 2026
Data Breach
Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

A hotel check-in system exposed over 1 million passports, IDs, and selfies online due to a misconfigured cloud storage bucket. A security lapse in the Reqrea's Tabiq hotel check-in system exposed ...

Pierluigi Paganini May 18, 2026
Hacking
Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

MiniPlasma: a Windows SYSTEM privilege escalation believed patched in 2020 (CVE-2020-17103) is still fully working on every patched Windows 11. Once again, security researcher Chaotic Eclipse has ...

Pierluigi Paganini May 18, 2026
Hacking
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes or possible code execution via malicious HTTP requests. A critical vulnerability in NGINX Plus and NGINX Open, tracke ...

Pierluigi Paganini May 18, 2026
Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter JDownloader site hacked to replace insta ...

Pierluigi Paganini May 17, 2026
Security
Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini May 17, 2026
Cyber Crime
Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores

Attackers are exploiting a critical flaw in the WordPress Funnel Builder plugin to inject skimming code into WooCommerce checkout pages. A critical vulnerability in the WordPress Funnel Builder pl ...

Pierluigi Paganini May 17, 2026
Hacking
Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total

Pwn2Own Berlin 2026 ended with 47 zero-days and $1.29M in payouts, as DEVCORE dominated the competition across all categories. Pwn2Own Berlin 2026 ended after three intense days, with participants ...

Pierluigi Paganini May 17, 2026
Hacking
U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini May 16, 2026
Hacking
OpenAI hit by supply chain attack linked to malicious TanStack packages

OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromi ...

Pierluigi Paganini May 16, 2026
Security
Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K

Day two of Pwn2Own Berlin 2026 saw $385,750 earned for 15 zero-days, bringing the total to $908,750 and 39 vulnerabilities over two days. During the second day of Pwn2Own Berlin 2026, security res ...

Pierluigi Paganini May 15, 2026
Security
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day

Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a n ...

Pierluigi Paganini May 15, 2026
APT
Ghostwriter group resumes attacks on Ukrainian Government targets

ESET uncovered new Ghostwriter (aka FrostyNeighbor) activity targeting Ukrainian government organizations in a campaign active since March 2026. ESET researchers published a new report documenting ...

Pierluigi Paganini May 15, 2026
Hacking
Researchers uncover YellowKey and GreenPlasma Windows Zero-Days

Researchers disclosed two new Windows zero-days named YellowKey and GreenPlasma affecting BitLocker and the CTFMON framework. A security researcher known as Chaotic Eclipse, also called Nightmare- ...

Pierluigi Paganini May 15, 2026