Pierluigi Paganini
March 29, 2022
Threat actors compromised WordPress sites to deploy a script that was used to launch DDoS attacks, when they are visited, on Ukrainian websites. MalwareHunterTeam researchers discovered the malici ...
Pierluigi Paganini
March 29, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Chrome and Redis flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Securit ...
Pierluigi Paganini
March 29, 2022
This post explains what is a credential stuffing attack and which are the countermeasures to prevent them. A credential stuffing attempt can be caught as a behavioral anomaly - if you’re looking ...
Pierluigi Paganini
March 29, 2022
Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure. On March 29, 2022, a massive cyber attack caused a major intern ...
February 09, 2026
February 12, 2026
February 11, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
February 15, 2026
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. Blockchain-based lending firm Figure confirmed a data br ...
Pierluigi Paganini
February 14, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...
Pierluigi Paganini
February 14, 2026
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL malware. Google Threat Intelligence Group identified a previously undocumented threat ...
Pierluigi Paganini
February 14, 2026
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial organizations, Cisco Talos reports. Cisco Talos spotted a previously unknown threat actor, trac ...
Pierluigi Paganini
February 13, 2026
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code execution. Threat actors rapidly began exploiting a newly patched BeyondTru ...
Pierluigi Paganini
February 13, 2026
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks a ...
Pierluigi Paganini
February 13, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities ...
Pierluigi Paganini
February 13, 2026
Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID numbers. Subsidiary Ben also warned customers. Hackers broke into Dutch telecom firm Odido and ...
Pierluigi Paganini
February 12, 2026
A May 2025 cyberattack on ApolloMD exposed the personal data of over 626,000 patients linked to affiliated physicians and practices. ApolloMD is a US-based healthcare services company that partner ...
Pierluigi Paganini
February 12, 2026
Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the ...
Pierluigi Paganini
February 12, 2026
Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS ...
Pierluigi Paganini
February 12, 2026
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabiliti ...
Pierluigi Paganini
February 12, 2026
A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacte ...
Pierluigi Paganini
February 11, 2026
Researchers discovered Reynolds ransomware, which uses BYOVD technique to disable security tools and evade detection before encryption. Researchers found a new ransomware, named Reynolds, that imp ...
Pierluigi Paganini
February 11, 2026
A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware. Flare researchers uncovered a previously undocumented Linux botne ...
Pierluigi Paganini
February 11, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruc ...
Pierluigi Paganini
February 11, 2026
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws ...
Pierluigi Paganini
February 10, 2026
ZeroDayRAT is a commercial mobile spyware that grants full remote access to Android and iOS devices for spying and data theft. ZeroDayRAT is a newly discovered commercial mobile spyware toolkit th ...
Pierluigi Paganini
February 10, 2026
Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the ...
Pierluigi Paganini
February 10, 2026
