Pierluigi Paganini
April 10, 2018
"SirenJack is a vulnerability found in ATI Systems’ emergency alert systems that can be exploited via radio frequencies (RF) to activate sirens and trigger false alarms." Security experts at Bastil ...
Pierluigi Paganini
April 10, 2018
A cyber attack shut down the entire government infrastructure of the Caribbean island Sint Maarten. public services were interrupted. A massive cyber attack took offline the entire government in ...
Pierluigi Paganini
April 10, 2018
Microsoft Office documents created with the exploit builder kit dubbed ThreadKit now include the code for CVE-2018-4878 flaw exploitation. At the end of March, security experts at Proofpoint discover ...
Pierluigi Paganini
April 10, 2018
Researchers have discovered several vulnerabilities in the Linux command line tool Beep, some experts suggest to remove the utility from distros. An unnamed security researcher has found several vul ...
April 23, 2026
KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exp ...
Pierluigi Paganini
June 28, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More Than 4,000 Legacy Routers Compromis ...
Pierluigi Paganini
June 28, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
June 28, 2026
FBI warns Russian spies now target Signal Backup Recovery Keys, enabling access to message history and long-term account takeover. The FBI and CISA updated their March 2026 warning about Russian i ...
Pierluigi Paganini
June 27, 2026
Microsoft warns of a phishing campaign targeting the hospitality sector with fake guest emails that install TonRAT using resilient persistence. Microsoft Threat Intelligence published a detailed a ...
Pierluigi Paganini
June 27, 2026
DirtyClone: a Linux kernel privilege escalation that silently rewrites executables in memory, leaving no disk trace. Patch now. JFrog Security Research published a working exploit walkthrough on J ...
Pierluigi Paganini
June 27, 2026
Chinese-speaking APT CL-STA-1062 targeted Southeast Asian government and energy networks open-source tools, and a new TinyRCT backdoor. Palo Alto Networks Unit 42 researchers published a detailed ...
Pierluigi Paganini
June 26, 2026
Russian authorities used Cellebrite tools to unlock an activist’s iPhone and analyze private data despite canceled support, raising abuse concerns. On May 31, 2021, Russian security services pul ...
Pierluigi Paganini
June 26, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructur ...
Pierluigi Paganini
June 26, 2026
Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-pa ...
Pierluigi Paganini
June 26, 2026
macOS.Gaslight: DPRK Rust implant for Mac with a prompt injection payload designed to fool AI-based malware analysts. SentinelLabs researchers spotted a Rust-based macOS implant, dubbed macOS.Gasl ...
Pierluigi Paganini
June 26, 2026
Tata Electronics confirmed a data breach after hackers claimed to steal 630GB of data, including alleged Apple supplier and Tesla documents. Tata Electronics, a major supplier to Apple and Tesla, ...
Pierluigi Paganini
June 25, 2026
Curl fixed 18 vulnerabilities, including a 25-year-old bug, with issues spanning auth bypass, memory safety, and host validation in libcurl. Curl maintainers addressed eighteen vulnerabilities wit ...
Pierluigi Paganini
June 25, 2026
Mistic is a stealthy backdoor used by KongTuke-linked actors to keep long-term access in ransomware-targeted networks. Mistic is the kind of backdoor that tells you the operator wants time, not no ...
Pierluigi Paganini
June 25, 2026
Hackers exploited Cisco Catalyst SD-WAN flaw CVE-2026-20245 as a zero-day months before disclosure, enabling privileged command execution. Google-owned Mandiant reported that an unknown threat act ...
Pierluigi Paganini
June 25, 2026
Third DraftKings hacker gets 18 months in prison for a 2022 credential-stuffing attack that compromised 1,600 accounts and stole $600,000. Nathan Austad, the third person sentenced over the 2022 D ...
Pierluigi Paganini
June 25, 2026
Operation Endgame disrupted malware services like StealC and Amadey that enable ransomware, fraud, and attacks on critical infrastructure. Between June 15 and 19, 2026, Europol coordinated a two-w ...
Pierluigi Paganini
June 24, 2026
Frontier AI could drive a 10x surge in vulnerabilities. CTEM helps organizations continuously identify, prioritize, and reduce real cyber risk. Your vulnerability management program was not design ...
Pierluigi Paganini
June 24, 2026
Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnera ...
Pierluigi Paganini
June 24, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ubiquiti UniFi OS and Lantronix EDS5000 flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Pierluigi Paganini
June 24, 2026
