Security Affairs

LATEST NEWS

VIEW ALL

Clop gang exploiting CVE-2021-35211 RCE in SolarWinds Serv-U in recent attack

Pierluigi Paganini November 09, 2021

The Clop ransomware gang is exploiting CVE-2021-35211 vulnerability in SolarWinds Serv-U to compromise corporate networks. Threat actors always look for new ways to compromise target networks, Cl ...

Cyber Crime

International law enforcement arrested REvil ransomware affiliates in Romania and Kuwait

Pierluigi Paganini November 09, 2021

Romanian police arrested two alleged Sodinokibi/REvil ransomware affiliates accused to have orchestrated attacks against thousands of victims. Romanian law enforcement agencies have arrested two ...

Cyber Crime

US DoS offers a reward of up to $10M for leaders of REvil ransomware gang

Pierluigi Paganini November 09, 2021

The U.S. government offers up to $10 million for identifying or locating leaders in the REvil/Sodinokibi ransomware operation The Department of State offers up to $10 million for information that ...

Cyber Crime

Ukrainian REvil affiliate charged with Ransomware Attack on Kaseya

Pierluigi Paganini November 09, 2021

The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP platform in July. The US Department of Justice has charged a REvil ransomware ...

1
2
1501
1502
1503
1504
1505
4542
4543
4544

recent articles

Security

U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini February 21, 2026

Data Breach

PayPal discloses extended data leak linked to Loan App glitch

PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug i ...

Pierluigi Paganini February 20, 2026

Cyber Crime

North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.

A Ukrainian man was sentenced to five years in the U.S. for helping North Korean IT workers use stolen identities to get hired by U.S. firms. Oleksandr “Alexander” Didenko, a 29-year-old Ukrai ...

Pierluigi Paganini February 20, 2026

Cyber Crime

FBI warns of surge in ATM Jackpotting, $20 Million lost in 2025

The FBI warns ATM jackpotting is rising nationwide, with over $20 million lost in 2025 and 1,900 incidents reported since 2020. The FBI has warned of a sharp rise in ATM jackpotting attacks across ...

Pierluigi Paganini February 20, 2026

Cyber Crime

Red Card 2.0: INTERPOL busts scam networks across Africa, seizes millions

INTERPOL’s Operation Red Card 2.0 led to 651 arrests across 16 African countries and recovered over $4.3 million from online scams. INTERPOL’s Operation Red Card 2.0, a joint effort involving ...

Pierluigi Paganini February 20, 2026

Artificial Intelligence

PromptSpy abuses Gemini AI to gain persistent access on Android

PromptSpy is the first Android malware to abuse Google’s Gemini AI, enabling persistence and advanced spying features. Security researchers at ESET have uncovered PromptSpy, the first known Andr ...

Pierluigi Paganini February 20, 2026

Breaking News

Germany’s national rail operator Deutsche Bahn hit by a DDoS attack

Germany’s national rail operator, Deutsche Bahn, suffered a major DDoS attack that disrupted booking and information systems for several hours. Germany’s rail operator Deutsche Bahn was hit by ...

Pierluigi Paganini February 19, 2026

Hacking

U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini February 19, 2026

Security

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

CISA warns Honeywell CCTVs are affected by a critical auth bypass flaw (CVE-2026-1670) allowing unauthorized access or account hijacking. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini February 19, 2026

Artificial Intelligence

Irish regulator probes X after Grok allegedly generated sexual images of children

Ireland’s Data Protection Commission opened a probe into X over Grok AI tool allegedly generating sexual images, including of children. Ireland’s Data Protection Commission has launched anothe ...

Pierluigi Paganini February 19, 2026

Malware

Intellexa’s Predator spyware infected Angolan journalist’s device, Amnesty reports

Amnesty reports Angolan journalist’s iPhone was infected by Intellexa’s Predator spyware via a WhatsApp link in May 2024. Amnesty International reports that in May 2024, Intellexa’s Predator ...

Pierluigi Paganini February 19, 2026

Hacking

French Ministry confirms data access to 1.2 Million bank accounts

A hacker accessed data from 1.2 million French bank accounts using stolen official credentials, the Economy Ministry said. A hacker gained access to data from 1.2 million French bank accounts usin ...

Pierluigi Paganini February 18, 2026

Hacking

Notepad++ patches flaw used to hijack update system

Notepad++ patched a vulnerability that attackers used to hijack its update system and deliver malware to targeted users. Notepad++ fixed a vulnerability that allowed a China-linked APT group to hi ...

Pierluigi Paganini February 18, 2026

Security

VS Code extensions with 125M+ installs expose users to cyberattacks

Four popular VS Code extensions with 125M+ installs have flaws that could let hackers steal files and run code remotely. OX Security researchers warn that security flaws in four widely used VS Cod ...

Pierluigi Paganini February 18, 2026

APT

China-linked APT weaponized Dell RecoverPoint zero-day since 2024

A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) ...

Pierluigi Paganini February 18, 2026

Uncategorized

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities c ...

Pierluigi Paganini February 18, 2026

Malware

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled ...

Pierluigi Paganini February 18, 2026

Artificial Intelligence

SmartLoader hackers clone Oura MCP project to spread StealC malware

Hackers used a fake Oura MCP server to trick users into downloading malware that installs the StealC info-stealer. Straiker's AI Research (STAR) Labs team uncovered a SmartLoader campaign in which ...

Pierluigi Paganini February 17, 2026

Cyber Crime

Polish cybercrime Police arrest man linked to Phobos ransomware operation

Officers from Poland's Central Bureau of Cybercrime Control (CBZC) police arrested a 47-year-old man linked to the Phobos ransomware operation. Polish authorities arrested a 47-year-old man suspec ...

Pierluigi Paganini February 17, 2026

Security

Poorly crafted phishing campaign leverages bogus security incident report

Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phis ...

Pierluigi Paganini February 17, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!