MUST READ

Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

 | 

DarkSword emerges as powerful iOS exploit tool in global attacks

 | 

Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

 | 

Russia establishes Vienna as key western spy hub targeting NATO

 | 

U.S. CISA adds Microsoft SharePoint and Zimbra  flaws to its Known Exploited Vulnerabilities catalog

 | 

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

 | 

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

 | 

Robotic surgery firm Intuitive reports data breach after targeted phishing attack

 | 

Tracking the Iran War: A Month of Escalation and Regional Impact

 | 

EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

 | 

RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts

 | 

CL-STA-1087 targets military capabilities since 2020

 | 

From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures

 | 

Attack on Stryker’s Microsoft environment wiped employee devices without malware

 | 

Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets

 | 

FBI launches inquiry into Steam games spreading malware

 | 

Former Germany’s foreign intelligence VP hit in Signal account takeover campaign

 | 

Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services

 | 

Unprivileged users could exploit AppArmor bugs to gain root access

 | 

Payload Ransomware claims the hack of Royal Bahrain Hospital

 | 

LATEST NEWS

VIEW ALL
Security
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
Pierluigi Paganini March 19, 2026

Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS v ...

Hacking
DarkSword emerges as powerful iOS exploit tool in global attacks
Pierluigi Paganini March 19, 2026

DarkSword, a new iOS exploit kit, is used by multiple actors to steal data in campaigns targeting Saudi Arabia, Turkey, Malaysia, and Ukraine. Lookout Threat Labs discovered a new iOS exploit kit ...

Malware
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
Pierluigi Paganini March 19, 2026

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulner ...

Intelligence
Russia establishes Vienna as key western spy hub targeting NATO
Pierluigi Paganini March 19, 2026

Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transf ...

top articles

Threat actors use custom AuraInspector to harvest data from Salesforce systems
March 10, 2026
Starbucks data breach impacts 889 employees
March 14, 2026
RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts
March 17, 2026
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
March 19, 2026
Researchers warn of unpatched, critical Telnetd flaw affecting all versions
March 18, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Security

Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

March 19, 2026

Hacking
DarkSword emerges as powerful iOS exploit tool in global attacks

March 19, 2026

Malware
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

March 19, 2026

Intelligence
Russia establishes Vienna as key western spy hub targeting NATO

March 19, 2026

Security
U.S. CISA adds Microsoft SharePoint and Zimbra  flaws to its Known Exploited Vulnerabilities catalog

March 18, 2026

recent articles

Security
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376

Russian APT exploits a critical XSS flaw in Zimbra, tracked as CVE-2025-66376, running scripts via HTML emails to target users in Ukraine. Russia-linked threat actor exploits a high-severity XSS v ...

Pierluigi Paganini March 19, 2026
Hacking
DarkSword emerges as powerful iOS exploit tool in global attacks

DarkSword, a new iOS exploit kit, is used by multiple actors to steal data in campaigns targeting Saudi Arabia, Turkey, Malaysia, and Ukraine. Lookout Threat Labs discovered a new iOS exploit kit ...

Pierluigi Paganini March 19, 2026
Malware
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure

The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulner ...

Pierluigi Paganini March 19, 2026
Intelligence
Russia establishes Vienna as key western spy hub targeting NATO

Russia uses Vienna as its largest Western spy hub, monitoring NATO and other sensitive communications via diplomatic sites and satellite dishes. Western intelligence reports that Russia has transf ...

Pierluigi Paganini March 19, 2026
Security
U.S. CISA adds Microsoft SharePoint and Zimbra  flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SharePoint and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Age ...

Pierluigi Paganini March 18, 2026
Hacking
Researchers warn of unpatched, critical Telnetd flaw affecting all versions

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company Dream disclosed a critical flaw, tracked as ...

Pierluigi Paganini March 18, 2026
Security
CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit

Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found a high-severity flaw, tracked as CVE-2026-388 ...

Pierluigi Paganini March 18, 2026
Data Breach
Robotic surgery firm Intuitive reports data breach after targeted phishing attack

Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic ...

Pierluigi Paganini March 18, 2026
Cyber warfare
Tracking the Iran War: A Month of Escalation and Regional Impact

Iran war likely prolonged, increasing cyber threats, energy disruption, and instability, with companies in the Middle East facing higher risk. Resecurity (USA) released a strategic intelligence u ...

Pierluigi Paganini March 18, 2026
Security
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has impose ...

Pierluigi Paganini March 17, 2026
Malware
RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts

RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign. RondoDox botnet is ramping up attacks, targeting 174 vulnerabilities with up to ...

Pierluigi Paganini March 17, 2026
APT
CL-STA-1087 targets military capabilities since 2020

China-linked APT group CL-STA-1087 has targeted Southeast Asian militaries since 2020 using AppleChris and MemFun. A suspected China-linked espionage campaign, tracked as CL-STA-1087, has targeted ...

Pierluigi Paganini March 17, 2026
Cyber Crime
From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures

ClickFix campaigns are evolving, with attackers increasingly targeting macOS users and deploying more advanced infostealers, according to Sophos researchers. ClickFix is a growing social engineeri ...

Pierluigi Paganini March 17, 2026
Hacking
Attack on Stryker’s Microsoft environment wiped employee devices without malware

The recent cyberattack on Stryker wiped tens of thousands of employee devices through its Microsoft environment, and systems are still offline. A recent cyberattack on medical technology giant Str ...

Pierluigi Paganini March 17, 2026
Malware
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets

Russia-linked threat actors target Ukrainian entities with DRILLAPP backdoor and use Edge debugging for stealth. A new DRILLAPP backdoor campaign targets Ukrainian organizations, abusing Microsoft ...

Pierluigi Paganini March 16, 2026
Cyber Crime
FBI launches inquiry into Steam games spreading malware

The FBI is asking gamers who installed malware-infected Steam games between May 2024 and January 2026 to come forward as part of an ongoing investigation. The FBI is seeking gamers who downloaded ...

Pierluigi Paganini March 16, 2026
Intelligence
Former Germany’s foreign intelligence VP hit in Signal account takeover campaign

Former BND VP Arndt Freytag von Loringhoven was targeted in a Signal cyberattack, part of a wave hitting officials and politicians in Germany. A cyberattack targeting Signal and WhatsApp users has ...

Pierluigi Paganini March 16, 2026
Security
Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services

Android 17 will block non-accessibility apps from using the Accessibility API under Advanced Protection Mode to reduce malware abuse. Android 17 introduces a new security feature in Advanced Prote ...

Pierluigi Paganini March 16, 2026
Hacking
Unprivileged users could exploit AppArmor bugs to gain root access

Researchers found nine “CrackArmor” flaws in Linux AppArmor that could let unprivileged users bypass protections, gain root privileges, and weaken container isolation. Qualys researchers discl ...

Pierluigi Paganini March 16, 2026
Cyber Crime
Payload Ransomware claims the hack of Royal Bahrain Hospital

The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. The Payload Ransomware group claims to have hacked the Royal Bahrai ...

Pierluigi Paganini March 15, 2026