Pierluigi Paganini
July 13, 2023
Apple re-released its Rapid Security Response updates for iOS and macOS after fixing browsing issues on certain websites caused by the first RSR. Apple has re-released its Rapid Security Response ...
Pierluigi Paganini
July 13, 2023
Zimbra has released updates to address a zero-day vulnerability actively exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Zimbra urges customers to manually install up ...
Pierluigi Paganini
July 13, 2023
Chinese hackers have compromised the emails of an unnamed US Federal Civilian Executive Branch (FCEB) agency. In Mid-June a malicious email activity was reported by an unnamed US Federal Civilian ...
Pierluigi Paganini
July 13, 2023
SonicWall fixed multiple critical vulnerabilities impacting its GMS firewall management and Analytics management and reporting engine. SonicWall addressed multiple critical vulnerabilities in its ...
Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ. Ex-US defense contractor Peter Williams (39) ...
Pierluigi Paganini
October 30, 2025
Dentsu said its U.S. unit Merkle was hit by a cyberattack exposing staff and client data, forcing some systems offline to mitigate the security breach. Japanese multinational advertising and publi ...
Pierluigi Paganini
October 30, 2025
Canada’s cyber agency warns hacktivists breached critical infrastructure, altering industrial controls and risking public safety. The Canadian Centre for Cyber Security revealed that hacktivists ...
Pierluigi Paganini
October 29, 2025
Russian actors, likely linked to Sandworm, targeted Ukrainian firms using LotL tactics and dual-use tools to steal data and stay hidden, says Symantec and Carbon Black. Russian threat actors, like ...
Pierluigi Paganini
October 29, 2025
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dassault Systèmes DELMIA Apriso flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure S ...
Pierluigi Paganini
October 29, 2025
Threat Fabric researchers spotted Herodotus Android malware mimicking human typing with random delays to evade detection. Threat Fabric found a new Android malware, named Herodotus, which mimics ...
Pierluigi Paganini
October 29, 2025
A new Mirai-based IoT botnet, dubbed Aisuru, was used to launch multiple high-impact DDoS attacks exceeding 20Tb/sec and/or 4gpps. In October 2025, the Aisuru Mirai-based IoT botnet launched massi ...
Pierluigi Paganini
October 28, 2025
Hackers hit Sweden’s power grid operator Svenska kraftnät, stealing data via a file transfer tool. The power grid was not affected. Hackers breached Sweden’s state-owned power grid operator S ...
Pierluigi Paganini
October 28, 2025
QNAP warns of critical ASP.NET flaw (CVE-2025-55315) in NetBak PC Agent, letting attackers hijack credentials or bypass security via HTTP smuggling. QNAP urges users to patch a critical ASP.NET Co ...
Pierluigi Paganini
October 28, 2025
Only 23% of ransomware victims paid in Q3 2025, the lowest ever, continuing a six-year decline in payment rates, Coveware reports. Cybersecurity firm Coveware reports that only 23% of ransomware v ...
Pierluigi Paganini
October 28, 2025
X urges users with passkeys or YubiKeys to re-enroll 2FA by Nov 10, 2025, or risk account lockout. Re-enroll, switch 2FA, or disable it. Social media platform X is urging users who use passkeys or ...
Pierluigi Paganini
October 28, 2025
Kaspersky links the first Chrome zero-day of 2025 to tools used in attacks attributed to Memento Labs, formerly known as the Hacking Team. The actor behind Operation ForumTroll used the same tools ...
Pierluigi Paganini
October 27, 2025
Attackers can trick OpenAI Atlas browser via prompt injection, treating malicious instructions disguised as URLs in the omnibox as trusted commands. Attackers can exploit the OpenAI Atlas browser ...
Pierluigi Paganini
October 27, 2025
Qilin ransomware group used Linux binaries on Windows to evade EDRs, steal backups, and disable defenses via BYOVD attacks. Trend Research found that the Qilin ransomware group (aka Agenda) used a ...
Pierluigi Paganini
October 27, 2025
Hackers exploited old RCE flaws in WordPress GutenKit and Hunk Companion plugins. Wordfence firm blocked 8.7M attacks in two days. In September and October 2024, submissions revealed Arbitrary Plu ...
Pierluigi Paganini
October 27, 2025
Safepay group claims the hack of professional video surveillance provider Xortec and added the company to its data leak site. The Safepay group claimed responsibility for hacking German video surv ...
Pierluigi Paganini
October 26, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter TikTok videos continue to push infosteal ...
Pierluigi Paganini
October 26, 2025
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
October 26, 2025
A DDoS attack on Russia’s food safety agency Rosselkhoznadzor disrupted food shipments by crippling its VetIS and Saturn tracking systems. A DDoS cyberattack on Russia’s food safety agency, Ro ...
Pierluigi Paganini
October 25, 2025
Microsoft released urgent updates to address the critical WSUS RCE vulnerability CVE-2025-59287, which is under active attack.. Microsoft released an out-of-band fix for CVE-2025-59287, a critical ...
Pierluigi Paganini
October 25, 2025
