MUST READ

Digital attacks drive a new wave of cargo theft, FBI says

 | 

Carding service Jerry’s Store leak exposes 345,000 stolen payment cards

 | 

Anthropic launches Claude Security to counter rapid AI-Powered exploits

 | 

SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now

 | 

Copy Fail: New Linux bug enables Root via page‑cache corruption

 | 

Agent’s claims on WhatsApp access spark security concerns

 | 

Meta accused of violating DSA by failing to safeguard minors

 | 

Large-scale Roblox hacking operation shut down by Ukrainian authorities

 | 

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

 | 

Internet censorship index reveals Russia’s lead and widespread content blocking

 | 

All supported cPanel versions hit by critical auth bug, now patched

 | 

U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

 | 

ShinyHunters exploit Anodot incident to target Vimeo

 | 

CVE-2026-3854 GitHub flaw enables remote code execution

 | 

Signal Phishing Campaign Targets German Officials in Suspected Russian Operation

 | 

Microsoft fixes Entra ID flaw enabling privilege escalation

 | 

New Android spyware Morpheus linked to Italian surveillance firm

 | 

NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links

 | 

Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records

 | 

Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software

 | 

LATEST NEWS

VIEW ALL
Malware
Duqu Trojan, Stuxnet-derived malware
Pierluigi Paganini November 02, 2011

The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware s ...

Malware
Welcome on board
Pierluigi Paganini November 01, 2011

Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve fo ...

top articles

Hackers access Booking.com user data, company secures systems
April 13, 2026
Inside ZionSiphon: politically driven malware aims at Israeli water systems
April 17, 2026
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
April 23, 2026
Checkmarx supply chain attack impacts Bitwarden npm distribution path
April 24, 2026
Critical CrowdStrike LogScale bug could have allowed file access, but no exploitation was observed
April 26, 2026

newsletter

Subscribe to my email list and stay
up-to-date!

most popular

VIEW ALL
Cyber Crime

Digital attacks drive a new wave of cargo theft, FBI says

May 01, 2026

Cyber Crime
Carding service Jerry’s Store leak exposes 345,000 stolen payment cards

May 01, 2026

Artificial Intelligence
Anthropic launches Claude Security to counter rapid AI-Powered exploits

May 01, 2026

Security
SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now

May 01, 2026

Hacking
Copy Fail: New Linux bug enables Root via page‑cache corruption

April 30, 2026

recent articles

Cyber Crime
Digital attacks drive a new wave of cargo theft, FBI says

The FBI warns of rising cyber cargo theft, with hackers targeting brokers and carriers. Experts say digital attacks are replacing traditional cargo theft. The FBI has issued a Public Service Annou ...

Pierluigi Paganini May 01, 2026
Cyber Crime
Carding service Jerry’s Store leak exposes 345,000 stolen payment cards

Jerry’s Store, a card-checking service used by cybercriminals, exposed 345,000 stolen payment cards after leaving its server open, revealing sensitive data. A cybercriminal operation known as Je ...

Pierluigi Paganini May 01, 2026
Artificial Intelligence
Anthropic launches Claude Security to counter rapid AI-Powered exploits

Anthropic launched Claude Security to counter faster AI-driven cyberattacks, as tools like Mythos enable near-instant exploitation by threat actors. Anthropic introduced Claude Security to help de ...

Pierluigi Paganini May 01, 2026
Security
SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. Patch them now

SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. The company released firmware updates to block bypass attacks and unauthorized access. SonicWall released urgent firmware updates ...

Pierluigi Paganini May 01, 2026
Hacking
Copy Fail: New Linux bug enables Root via page‑cache corruption

Linux flaw CVE‑2026‑31431, 'Copy Fail,' lets any local user write four bytes into page cache files, enabling easy escalation to root on major distros. Xint Code researchers warn of a serious L ...

Pierluigi Paganini April 30, 2026
Social Networks
Agent’s claims on WhatsApp access spark security concerns

A US agent claimed WhatsApp encryption is fake and Meta can access messages; the probe was abruptly shut, raising security concerns. A US agent claimed WhatsApp encryption is fake, alleging Meta a ...

Pierluigi Paganini April 30, 2026
Laws and regulations
Meta accused of violating DSA by failing to safeguard minors

The European Commission accuses Meta of failing to protect children, allowing users under 13 on Instagram and Facebook, in breach of the DSA rules. The European Commission has accused Meta of viol ...

Pierluigi Paganini April 30, 2026
Cyber Crime
Large-scale Roblox hacking operation shut down by Ukrainian authorities

Ukrainian police arrested three hackers who hijacked 610,000 Roblox accounts and sold them for $225,000 in profit. Police in Ukraine arrested three suspects accused of hacking over 610,000 Roblox ...

Pierluigi Paganini April 30, 2026
Hacking
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

Attackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in LiteLLM ...

Pierluigi Paganini April 29, 2026
Security
Internet censorship index reveals Russia’s lead and widespread content blocking

Global study shows targeted internet censorship worldwide, with Russia leading; VPNs, news, and adult content are most frequently blocked categories. The Global Internet Censorship Index 2026 offe ...

Pierluigi Paganini April 29, 2026
Security
All supported cPanel versions hit by critical auth bug, now patched

cPanel fixed a critical authentication flaw that could let attackers access servers. The issue affects all supported versions. cPanel released security updates to address a critical authenticatio ...

Pierluigi Paganini April 29, 2026
Security
U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infra ...

Pierluigi Paganini April 29, 2026
Security
ShinyHunters exploit Anodot incident to target Vimeo

The video platform Vimeo confirmed a security breach via Anodot that exposed metadata, video titles, and some user emails. Vimeo said some user data was accessed after a breach at Anodot. Anodot i ...

Pierluigi Paganini April 29, 2026
Security
CVE-2026-3854 GitHub flaw enables remote code execution

Critical GitHub flaw CVE-2026-3854 lets attackers run code with a single git push, exploiting a command injection bug. Researchers found a critical vulnerability in GitHub, tracked as CVE-2026-385 ...

Pierluigi Paganini April 28, 2026
Intelligence
Signal Phishing Campaign Targets German Officials in Suspected Russian Operation

Suspected Russian phishing via Signal targeted German officials, exploiting trust to access accounts and sensitive political communications. A new wave of cyber operations targeting European polit ...

Pierluigi Paganini April 28, 2026
Security
Microsoft fixes Entra ID flaw enabling privilege escalation

Microsoft fixed a Microsoft Entra ID flaw where the Agent ID Administrator role could enable privilege escalation and account takeover. Microsoft addressed a flaw in Microsoft Entra ID that could ...

Pierluigi Paganini April 28, 2026
Malware
New Android spyware Morpheus linked to Italian surveillance firm

Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organizatio ...

Pierluigi Paganini April 28, 2026
Security
NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links

NCSC’s SilentGlass blocks malicious HDMI/DisplayPort links, protecting monitors from hardware attacks. Now commercialized for global use. The UK’s National Cyber Security Centre (NCSC) has lau ...

Pierluigi Paganini April 28, 2026
Cyber Crime
Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records

Medtronic confirmed a breach of its IT systems after ShinyHunters claimed the theft of over 9 million records. Medtronic confirmed a cyberattack on its corporate IT systems after the hacker group ...

Pierluigi Paganini April 27, 2026
Intelligence
Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software

A Chinese national posed as a U.S. researcher, tricking NASA staff in a phishing campaign to steal sensitive data tied to defense software and exports. A Chinese national ran a spear-phishing camp ...

Pierluigi Paganini April 27, 2026