Security Affairs

LATEST NEWS

VIEW ALL

DolphinAttack - Hackers control Siri, Google Now, Alexa voice assistants with ultrasound

Pierluigi Paganini September 08, 2017

The DolphinAttack technique allows hackers to control Siri, Google Now, Alexa and other voice assistants with commands in ultrasonic frequencies. A team of researchers from the Chinese Zhejiang Unive ...

Data Breach

Equifax data breach could impact 143 million US consumers

Pierluigi Paganini September 08, 2017

Equifax, one of the three major US consumer credit reporting agencies is the last victim of a data breach that may have affected upwards to 143 million Americans. According to a statement publish ...

Hacking

PC-Wahl software used in Germany for vote counting lack of security

Pierluigi Paganini September 08, 2017

The European biggest hacker collective Chaos Computer Club demonstrated that PC-Wahl software used in Germany for vote counting is insecure. According to a study conducted by the hacker collective C ...

Malware

Experts spotted a 2007 variant of Babar, the spyware allegedly used by French Intelligence

Pierluigi Paganini September 07, 2017

Malware researchers at Palo Alto Networks have spotted a 2007 variant of Babar, a strain of malware likely designed by the French Intelligence. In March 2015, researchers detected Babar for the firs ...

1
2
3134
3135
3136
3137
3138
4539
4540
4541

recent articles

Hacking

French Ministry confirms data access to 1.2 Million bank accounts

A hacker accessed data from 1.2 million French bank accounts using stolen official credentials, the Economy Ministry said. A hacker gained access to data from 1.2 million French bank accounts usin ...

Pierluigi Paganini February 18, 2026

Hacking

Notepad++ patches flaw used to hijack update system

Notepad++ patched a vulnerability that attackers used to hijack its update system and deliver malware to targeted users. Notepad++ fixed a vulnerability that allowed a China-linked APT group to hi ...

Pierluigi Paganini February 18, 2026

Security

VS Code extensions with 125M+ installs expose users to cyberattacks

Four popular VS Code extensions with 125M+ installs have flaws that could let hackers steal files and run code remotely. OX Security researchers warn that security flaws in four widely used VS Cod ...

Pierluigi Paganini February 18, 2026

APT

China-linked APT weaponized Dell RecoverPoint zero-day since 2024

A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) ...

Pierluigi Paganini February 18, 2026

Uncategorized

U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities c ...

Pierluigi Paganini February 18, 2026

Malware

Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign

Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled ...

Pierluigi Paganini February 18, 2026

Artificial Intelligence

SmartLoader hackers clone Oura MCP project to spread StealC malware

Hackers used a fake Oura MCP server to trick users into downloading malware that installs the StealC info-stealer. Straiker's AI Research (STAR) Labs team uncovered a SmartLoader campaign in which ...

Pierluigi Paganini February 17, 2026

Cyber Crime

Polish cybercrime Police arrest man linked to Phobos ransomware operation

Officers from Poland's Central Bureau of Cybercrime Control (CBZC) police arrested a 47-year-old man linked to the Phobos ransomware operation. Polish authorities arrested a 47-year-old man suspec ...

Pierluigi Paganini February 17, 2026

Security

Poorly crafted phishing campaign leverages bogus security incident report

Attackers used a fake PDF incident report hosted on AWS to scare victims into enabling 2FA, though a poorly crafted phishing campaign. Freelance security consultant Xavier Mertens reported a phis ...

Pierluigi Paganini February 17, 2026

Hacking

South Korea slaps $25M fine on Dior, Louis Vuitton, Tiffany over Salesforce breach

South Korea fined Dior, Louis Vuitton, and Tiffany $25M after hackers breached their Salesforce systems, exposing customer data. South Korea’s Personal Information Protection Commission fined lu ...

Pierluigi Paganini February 17, 2026

Security

Encrypted RCS messaging support lands in Apple’s iOS 26.4 developer build

Apple is testing end-to-end encrypted Rich Communications Services (RCS) messaging in the iOS 26.4 developer beta. Apple has added end-to-end encrypted RCS messaging to the iOS and iPadOS 26.4 dev ...

Pierluigi Paganini February 17, 2026

Malware

Hackers steal OpenClaw configuration in emerging AI agent threat

Researchers found an infostealer stole a victim’s OpenClaw configuration, marking a shift toward targeting personal AI agents. Cybersecurity researchers have uncovered a new information stealer ...

Pierluigi Paganini February 17, 2026

Data Breach

Hackers sell stolen Eurail traveler information on dark web

Eurail B.V. revealed that traveler data were stolen in a recent security breach, and are now being sold on the dark web. Eurail B.V. confirmed that the traveler data stolen in a breach earlier thi ...

Pierluigi Paganini February 17, 2026

Security

A security flaw at DavaIndia Pharmacy allowed attackers to access customers' data and more

A security flaw at DavaIndia Pharmacy exposed customer data and gave outsiders full admin control of its systems. DavaIndia is a large Indian pharmacy retail chain focused on selling affordable ge ...

Pierluigi Paganini February 16, 2026

Data Breach

ShinyHunters leaked 600K+ Canada Goose customer records, but the firm denies it was breached

ShinyHunters leaked 600,000+ Canada Goose customer records, though the company insists its systems were not breached. Data extortion group ShinyHunters has published over 600,000 Canada Goose cust ...

Pierluigi Paganini February 16, 2026

Hacking

Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup

Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives users into running ...

Pierluigi Paganini February 16, 2026

Security

Google fixes first actively exploited Chrome zero-day of 2026

Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-da ...

Pierluigi Paganini February 16, 2026

APT

Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign

Researchers found malicious npm and PyPI packages tied to a fake recruitment campaign linked to North Korea’s Lazarus Group. ReversingLabs researcher uncovered new malicious packages on npm and ...

Pierluigi Paganini February 15, 2026

Malware

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 84

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Stan Ghouls targeting Russia and Uzbekis ...

Pierluigi Paganini February 15, 2026

Security

Security Affairs newsletter Round 563 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini February 15, 2026

LATEST NEWS

top articles

newsletter

Subscribe to my email list and stay up-to-date!

most popular

recent articles

Subscribe to my email list and stay
up-to-date!