MUST READ

Emergency fixes deployed by Google and Apple after targeted attacks

 | 

Notepad++ fixed updater bugs that allowed malicious update hijacking

 | 

Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

 | 

U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Gogs zero-day under attack, 700 servers hacked

 | 

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

 | 

Google fixed a new actively exploited Chrome zero-day

 | 

Pro-Russia Hacktivist Support: Ukrainian Faces US Charges

 | 

Fortinet fixed two critical authentication-bypass vulnerabilities

 | 

New EtherRAT backdoor surfaces in React2Shell attacks tied to North Korea

 | 

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day

 | 

Ivanti warns customers of new EPM flaw enabling remote code execution

 | 

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

 | 

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

 | 

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

 | 

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

 | 

Oracle EBS zero-day used by Clop to breach Barts Health NHS

 | 

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

 | 

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

 | 

LATEST NEWS

VIEW ALL
Hacking
Emergency fixes deployed by Google and Apple after targeted attacks
Pierluigi Paganini December 13, 2025

Google and Apple issued emergency updates to address zero-day flaws exploited in attacks targeting an unknown number of users. Apple and Google have both pushed out urgent security updates after u ...

Hacking
Notepad++ fixed updater bugs that allowed malicious update hijacking
Pierluigi Paganini December 12, 2025

Notepad++ addressed an updater vulnerability that allows attackers hijack update traffic due to weak file authentication. Notepad++ addressed a flaw in its updater that allowed attackers to hijack ...

Malware
Elastic detects stealthy NANOREMOTE malware using Google Drive as C2
Pierluigi Paganini December 12, 2025

Elastic found a new Windows backdoor, NANOREMOTE, similar to FINALDRAFT/REF7707, using the Google Drive API for C2. Elastic Security Labs researchers uncovered NANOREMOTE, a new Windows backdoor t ...

Hacking
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini December 12, 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

top articles

Multiple London councils faced a cyberattack
November 26, 2025
ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm
December 04, 2025
Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet
December 04, 2025
U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog
December 04, 2025
Porsche outage in Russia serves as a reminder of the risks in connected vehicle security
December 07, 2025

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Hacking

Emergency fixes deployed by Google and Apple after targeted attacks

December 13, 2025

Hacking
Notepad++ fixed updater bugs that allowed malicious update hijacking

December 12, 2025

Malware
Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

December 12, 2025

Hacking
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

December 12, 2025

Hacking
Critical Gogs zero-day under attack, 700 servers hacked

December 11, 2025

recent articles

Hacking
Emergency fixes deployed by Google and Apple after targeted attacks

Google and Apple issued emergency updates to address zero-day flaws exploited in attacks targeting an unknown number of users. Apple and Google have both pushed out urgent security updates after u ...

Pierluigi Paganini December 13, 2025
Hacking
Notepad++ fixed updater bugs that allowed malicious update hijacking

Notepad++ addressed an updater vulnerability that allows attackers hijack update traffic due to weak file authentication. Notepad++ addressed a flaw in its updater that allowed attackers to hijack ...

Pierluigi Paganini December 12, 2025
Malware
Elastic detects stealthy NANOREMOTE malware using Google Drive as C2

Elastic found a new Windows backdoor, NANOREMOTE, similar to FINALDRAFT/REF7707, using the Google Drive API for C2. Elastic Security Labs researchers uncovered NANOREMOTE, a new Windows backdoor t ...

Pierluigi Paganini December 12, 2025
Hacking
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini December 12, 2025
Hacking
Critical Gogs zero-day under attack, 700 servers hacked

Hackers exploited an unpatched Gogs zero-day, allowing remote code execution and compromising around 700 Internet-facing servers. Gogs is a self-hosted Git service, similar to GitHub, GitLab, or B ...

Pierluigi Paganini December 11, 2025
Hacking
GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

Google fixed GeminiJack, a zero-click Gemini Enterprise flaw that could leak corporate data via crafted emails, invites, or documents, Noma Security says. Google addressed a Gemini Enterprise flaw ...

Pierluigi Paganini December 11, 2025
Hacking
Google fixed a new actively exploited Chrome zero-day

Google addressed three vulnerabilities in the Chrome browser, including a high-severity bug already exploited in the wild. Google released security updates to fix three vulnerabilities in the Chro ...

Pierluigi Paganini December 11, 2025
Hacktivism
Pro-Russia Hacktivist Support: Ukrainian Faces US Charges

Ukrainian Victoria Dubranova, 33, faces US charges for aiding pro-Russia hacktivist groups CARR and NoName057(16) in global cyberattacks. A Ukrainian woman, Victoria Dubranova (33), has been charg ...

Pierluigi Paganini December 11, 2025
Security
Fortinet fixed two critical authentication-bypass vulnerabilities

Fortinet patched 18 flaws, including two authentication-bypass bugs affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO enabled. Fortinet addressed 18 vulnerabiliti ...

Pierluigi Paganini December 10, 2025
APT
New EtherRAT backdoor surfaces in React2Shell attacks tied to North Korea

NK-linked hackers are likely exploiting the React2Shell flaw to deploy a newly discovered remote access trojan, dubbed EtherRAT. North Korea–linked threat actors are likely exploiting the new cr ...

Pierluigi Paganini December 10, 2025
Security
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini December 10, 2025
Breaking News
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day

Microsoft Patch Tuesday security updates for December 2025 address 57 vulnerabilities, including three critical flaws. Microsoft Patch Tuesday security updates for December 2025 addressed 57 vulne ...

Pierluigi Paganini December 10, 2025
Hacking
Ivanti warns customers of new EPM flaw enabling remote code execution

Ivanti warns users to address a newly disclosed Endpoint Manager vulnerability that could let attackers execute code remotely. Software firm Ivanti addressed a newly disclosed vulnerability, track ...

Pierluigi Paganini December 09, 2025
Malware
Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

Mirai-based Broadside botnet targets vulnerable TBK Vision DVRs, posing a potential threat to the maritime logistics sector, Cydome warns. Cydome researchers have identified a new Mirai botnet var ...

Pierluigi Paganini December 09, 2025
Cyber Crime
Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data. Polish police arrested three Ukrainian nationals for alle ...

Pierluigi Paganini December 09, 2025
Cyber Crime
FinCEN data shows $4.5B in ransomware payments, record spike in 2023

Ransomware payments reported to FinCEN exceeded $4.5B by 2024, with 2023 marking a record year at $1.1B across 1,512 incidents. FinCEN analyzed ransomware trends using Bank Secrecy Act (BSA) repor ...

Pierluigi Paganini December 09, 2025
Cyber Crime
FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. The FBI warns that criminals are altering publicly ...

Pierluigi Paganini December 08, 2025
Data Breach
Oracle EBS zero-day used by Clop to breach Barts Health NHS

Clop ransomware stole data from Barts Health NHS after exploiting a zero-day in its Oracle E-Business Suite. Barts Health NHS confirmed that Clop ransomware group stole data by exploiting zero-day ...

Pierluigi Paganini December 08, 2025
Security
AWS: China-linked threat actors weaponized React2Shell hours after disclosure

Multiple China-linked threat actors began exploiting the CVE-2025-55182, aka React2Shell flaw, within hours, AWS Security warns. Multiple China-linked threat actors began exploiting the CVE-2025-5 ...

Pierluigi Paganini December 08, 2025
Security
U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secu ...

Pierluigi Paganini December 08, 2025