August 04, 2025
Pierluigi Paganini
July 17, 2013
Trend Micro uncovered targeted attack against European and Asian government agencies to steal login credentials from IE and Microsoft Outlook products. A new targeted attack has been uncovered by Tre ...
Pierluigi Paganini
July 17, 2013
The China-based group Android Security Squad revealed a new Android Master Key attack that exploits the vulnerability in the way the OS reads APK files allowing modification of signed legitimate apps ...
Pierluigi Paganini
July 16, 2013
Two security researchers announced that they have succeeded to transform Verizon mobile phones into spy tools to track Verizon’s users. The security experts revealed to the Reuters agency that it ...
Pierluigi Paganini
July 14, 2013
Security expert Dan Melamed discovered a critical Facebook vulnerability would allow an attacker to take complete control over any account. A critical Facebook vulnerability would allow an attacker t ...
August 02, 2025
August 01, 2025
August 05, 2025
August 05, 2025
Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ire ...
Pierluigi Paganini
August 01, 2025
Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campa ...
Pierluigi Paganini
August 01, 2025
CISA releases Thorium, an open-source tool for malware and forensic analysis, now available to analysts in government, public, and private sectors. CISA has released Thorium, a new open-source pla ...
Pierluigi Paganini
August 01, 2025
Russia-linked Secret Blizzard targets foreign embassies in Moscow via ISP-level AitM attacks, deploying custom ApolloShadow malware. Microsoft researchers uncovered a cyberespionage campaign by th ...
Pierluigi Paganini
July 31, 2025
Microsoft offers up to $5M for Zero Day Quest 2026 bug hacking contest; top researchers join live hacking event after fall 2025 submissions. Microsoft is bringing back its live hacking contest, Z ...
Pierluigi Paganini
August 05, 2025
Cisco disclosed CRM data breach via vishing attack; basic user info was exposed, but no sensitive data or systems were compromised Cisco has confirmed a data breach involving a third-party CRM sys ...
Pierluigi Paganini
August 05, 2025
These are in plain sight without a Breach. No ransomware. No compromise. Just misconfigured systems, overpermissioned users, silent access. When we think of a breach, we imagine firewalls failing, ...
Pierluigi Paganini
August 05, 2025
SonicWall probes possible new zero-day after spike in Akira ransomware attacks on Gen 7 firewalls with SSLVPN enabled. SonicWall is investigating a potential new zero-day after a surge in Akira ra ...
Pierluigi Paganini
August 05, 2025
New flaws in NVIDIA's Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure. Newly revealed security flaws in NVIDIA's Triton Inference Server for W ...
Pierluigi Paganini
August 05, 2025
The cybercrime D4rk4rmy added the Monte-Carlo Société des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo Sociét ...
Pierluigi Paganini
August 04, 2025
A January 2025 breach at Northwest Radiologists exposed data of 350,000 Washington State residents, the company confirmed. A data breach at Northwest Radiologists in January 2025 has exposed the p ...
Pierluigi Paganini
August 04, 2025
PlayPraetor Android RAT has hit 11K+ devices, spreading fast via campaigns targeting Spanish and French speakers, say Cleafy researchers. Cleafy researchers have identified a new Android RAT calle ...
Pierluigi Paganini
August 04, 2025
Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed. Lovense, a manufacturer of internet-connected sex toys ...
Pierluigi Paganini
August 04, 2025
State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks' Unit 42. Palo Alto Networks reported that a nation-state actor, tra ...
Pierluigi Paganini
August 04, 2025
Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is ...
Pierluigi Paganini
August 03, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Endgame Gear mouse config tool infected ...
Pierluigi Paganini
August 03, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
August 03, 2025
A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy ...
Pierluigi Paganini
August 02, 2025
China questioned Nvidia over suspected backdoors in its H20 chips, adding to rising tensions in the tech fight between the U.S. and Beijing. China’s internet watchdog has summoned Nvidia over co ...
Pierluigi Paganini
August 02, 2025
AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding mali ...
Pierluigi Paganini
August 01, 2025
Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ire ...
Pierluigi Paganini
August 01, 2025
Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campa ...
Pierluigi Paganini
August 01, 2025
CISA releases Thorium, an open-source tool for malware and forensic analysis, now available to analysts in government, public, and private sectors. CISA has released Thorium, a new open-source pla ...
Pierluigi Paganini
August 01, 2025
Russia-linked Secret Blizzard targets foreign embassies in Moscow via ISP-level AitM attacks, deploying custom ApolloShadow malware. Microsoft researchers uncovered a cyberespionage campaign by th ...
Pierluigi Paganini
July 31, 2025
Microsoft offers up to $5M for Zero Day Quest 2026 bug hacking contest; top researchers join live hacking event after fall 2025 submissions. Microsoft is bringing back its live hacking contest, Z ...
Pierluigi Paganini
August 05, 2025
Cisco disclosed CRM data breach via vishing attack; basic user info was exposed, but no sensitive data or systems were compromised Cisco has confirmed a data breach involving a third-party CRM sys ...
Pierluigi Paganini
August 05, 2025
These are in plain sight without a Breach. No ransomware. No compromise. Just misconfigured systems, overpermissioned users, silent access. When we think of a breach, we imagine firewalls failing, ...
Pierluigi Paganini
August 05, 2025
SonicWall probes possible new zero-day after spike in Akira ransomware attacks on Gen 7 firewalls with SSLVPN enabled. SonicWall is investigating a potential new zero-day after a surge in Akira ra ...
Pierluigi Paganini
August 05, 2025
New flaws in NVIDIA's Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure. Newly revealed security flaws in NVIDIA's Triton Inference Server for W ...
Pierluigi Paganini
August 05, 2025
The cybercrime D4rk4rmy added the Monte-Carlo Société des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo Sociét ...
Pierluigi Paganini
August 04, 2025
A January 2025 breach at Northwest Radiologists exposed data of 350,000 Washington State residents, the company confirmed. A data breach at Northwest Radiologists in January 2025 has exposed the p ...
Pierluigi Paganini
August 04, 2025
PlayPraetor Android RAT has hit 11K+ devices, spreading fast via campaigns targeting Spanish and French speakers, say Cleafy researchers. Cleafy researchers have identified a new Android RAT calle ...
Pierluigi Paganini
August 04, 2025
Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed. Lovense, a manufacturer of internet-connected sex toys ...
Pierluigi Paganini
August 04, 2025
State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks' Unit 42. Palo Alto Networks reported that a nation-state actor, tra ...
Pierluigi Paganini
August 04, 2025
Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is ...
Pierluigi Paganini
August 03, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Endgame Gear mouse config tool infected ...
Pierluigi Paganini
August 03, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
August 03, 2025
A stealthy Linux backdoor named Plague, hidden as a malicious PAM module, allows attackers to bypass auth and maintain persistent SSH access. Nextron Systems researchers discovered a new stealthy ...
Pierluigi Paganini
August 02, 2025
China questioned Nvidia over suspected backdoors in its H20 chips, adding to rising tensions in the tech fight between the U.S. and Beijing. China’s internet watchdog has summoned Nvidia over co ...
Pierluigi Paganini
August 02, 2025
AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding mali ...
Pierluigi Paganini
August 01, 2025
Meta backs Pwn2Own Ireland 2025 in Cork, offering up to $1M for WhatsApp exploits; targets include phones and wearables, Oct 21–24 via Zero Day Initiative. Meta is sponsoring ZDI’s Pwn2Own Ire ...
Pierluigi Paganini
August 01, 2025
Storm-2603 group exploits SharePoint flaws and uses a custom C2 framework, AK47 C2, with HTTP- and DNS-based variants named AK47HTTP and AK47DNS. Check Point Research is tracking a ToolShell campa ...
Pierluigi Paganini
August 01, 2025
CISA releases Thorium, an open-source tool for malware and forensic analysis, now available to analysts in government, public, and private sectors. CISA has released Thorium, a new open-source pla ...
Pierluigi Paganini
August 01, 2025
Russia-linked Secret Blizzard targets foreign embassies in Moscow via ISP-level AitM attacks, deploying custom ApolloShadow malware. Microsoft researchers uncovered a cyberespionage campaign by th ...
Pierluigi Paganini
July 31, 2025
