Pierluigi Paganini
July 26, 2018
Security expert discovered Kernel Level Privilege Escalation vulnerability in the Availability Suite Service component of Oracle Solaris 10 and 11.3 Security researchers from Trustwave have discover ...
Pierluigi Paganini
July 26, 2018
Researchers from Proofpoint have discovered a new variant of the infamous Kronos banking Trojan that was involved in several attacks in the recent months. The infamous Kronos banking Trojan is back ...
Pierluigi Paganini
July 25, 2018
Security experts from Fortinet have discovered that the Hide ‘N Seek botnet is now targeting vulnerabilities in home automation systems. The Hide ‘N Seek botnet was first spotted on January 1 ...
Pierluigi Paganini
July 25, 2018
Davolink dvw 3200 routers have their login portal up on port 88, the access is password protected, but the password is hardcoded in the HTLM of login page. The story started in 2018 when Anubhav no ...
April 23, 2026
Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor tracked as PCPJack compromised 230 clo ...
Pierluigi Paganini
June 05, 2026
SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google's defenses and control smart home devices. SafeBreach Labs research ...
Pierluigi Paganini
June 05, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...
Pierluigi Paganini
June 04, 2026
Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as C ...
Pierluigi Paganini
June 04, 2026
Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia's Threat Detection & R ...
Pierluigi Paganini
June 04, 2026
A researcher publicly released a VS Code exploit within hours, citing past disputes with Microsoft over bug handling. The security researcher Ammar Askar found a new serious zero-day in Visual Stu ...
Pierluigi Paganini
June 04, 2026
International Operation KRATOS led by Europol dismantled illegal streaming networks, leading to 29 arrests and nine crime groups taken down. An international law enforcement operation, codenamed O ...
Pierluigi Paganini
June 04, 2026
Attackers spent five months silently stealing emails from a stock exchange executive's Outlook account in a suspected espionage operation. A threat actor quietly sat inside a senior executive's Ou ...
Pierluigi Paganini
June 03, 2026
Russia's FSB claims foreign intelligence planted malware on senior officials' phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia's Fed ...
Pierluigi Paganini
June 03, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
June 03, 2026
Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks. Google has released its June 2026 Android security updates, fix ...
Pierluigi Paganini
June 03, 2026
Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models. Rapid7’s latest disclosure on CVE-2026-0826 shoul ...
Pierluigi Paganini
June 03, 2026
Attackers exploited Meta’s AI support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. Attackers abused Meta’s AI-powered support chatbot to ...
Pierluigi Paganini
June 02, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CI ...
Pierluigi Paganini
June 02, 2026
ENISA NIS360 2026 shows cybersecurity improving across EU critical sectors, but health, water, rail, and space remain in the risk zone. ENISA has published its third annual NIS360 report, assessin ...
Pierluigi Paganini
June 02, 2026
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware ...
Pierluigi Paganini
June 02, 2026
16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 gro ...
Pierluigi Paganini
June 01, 2026
CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps ...
Pierluigi Paganini
June 01, 2026
CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilitie ...
Pierluigi Paganini
June 01, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
June 01, 2026
