LATEST NEWS

VIEW ALL
Security Affairs newsletter Round 122 – News of the week
Pierluigi Paganini August 06, 2017

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. ·      Apple removed iOS VPN apps from Chinese App Store in compliance to c ...

Hackers leak the fourth episode of Game of Thrones season 7 online
Pierluigi Paganini August 06, 2017

Episode 4 of the fantasy drama Game of Thrones season 7, 'The Spoils Of War', has been widely shared online through Vidme, Google Drive, and The Pirate Bay. Hackers leaked the fourth episode of Game ...

US Army bans use of Chinese DJI drones over cyber security concerns
Pierluigi Paganini August 06, 2017

The US Army has ordered its units to stop using Chinese DJI drones because of "cyber vulnerabilities" in the products. The US Army is going to ban its units from using drones manufactured by the Chin ...

WannaCry Hero Marcus Hutchins pleads not guilty to malware claims
Pierluigi Paganini August 05, 2017

Yesterday the judge approved to release the researcher Marcus Hutchins on bail for a bond of $30,000 under certain conditions. Marcus Hutchins, also known as MalwareTech, is the 22-year-old security ...

recent articles

Hacking
Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild

Attackers are exploiting the critical Adobe ColdFusion flaw CVE-2026-48282, which allows remote code execution on unpatched servers. Attackers have started exploiting CVE-2026-48282, a maximum-sev ...

Pierluigi Paganini July 06, 2026
Artificial Intelligence
Hidden Web Prompts Trick AI Agents Into Sending Money

Hidden prompts on malicious websites trick AI agents into making payments or trusting fake sites, exposing new risks for autonomous AI workflows. Zscaler ThreatLabz documented two active campaigns ...

Pierluigi Paganini July 06, 2026
Security
Seven Bugs in FatFs Put IoT and Embedded Devices at Risk

runZero found 7 flaws in FatFs, a filesystem used in IoT and embedded devices. Bugs can cause memory corruption, crashes, or data leaks via crafted storage. Cybersecurity firm runZero has disclose ...

Pierluigi Paganini July 06, 2026
Hacking
Bad Epoll Flaw Gives Attackers Root Access on Linux and Android

Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was missed by AI but found by a security researcher. A newly disclosed Linux kernel vulnerability, named&nb ...

Pierluigi Paganini July 06, 2026
Cyber Crime
Medtronic Notifies 3.8 Million After ShinyHunters Data Breach

Medtronic says a ShinyHunters attack exposed the personal and medical data of over 3.8 million people. Products and operations were unaffected. Medtronic is notifying 3,834,294 individuals after a ...

Pierluigi Paganini July 05, 2026
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hijacked npm Packages Use Novel VSCode A ...

Pierluigi Paganini July 05, 2026
Security
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini July 05, 2026
Security
U.S. Government Agency Paid $1M to Data Extortion Group Kairos

A U.S. government agency paid $1M to Kairos, a group focused on data theft and extortion rather than ransomware, Ransom-ISAC reports. A new case study from Ransom-ISAC reconstructs a complete data ...

Pierluigi Paganini July 04, 2026
Cyber Crime
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials

FBI says TeamPCP poisoned trusted developer tools to steal cloud credentials, spread malware through software updates, and extort victims. On July 2, 2026, the FBI published a FLASH alert identify ...

Pierluigi Paganini July 04, 2026
Malware
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds

A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The Citizen Lab published a report documenting one of the more darkly ironic findings in ...

Pierluigi Paganini July 03, 2026
Artificial Intelligence
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation

Sysdig reports an AI agent ran a full ransomware attack end-to-end, exploiting flaws, stealing creds, moving laterally, and encrypting data without humans. Sysdig's Threat Research Team has docume ...

Pierluigi Paganini July 03, 2026
Hacking
The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident

Vercel breach happened after an employee used an unvetted AI tool. Attackers exploited it as a trusted link to access systems, steal data, and extort $2M. The Vercel breach of April 2026 did not b ...

Pierluigi Paganini July 03, 2026
Cyber Crime
Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut

Google disrupted NetNut, a major proxy network that routed internet traffic through compromised home devices used by cybercriminals. Google has disrupted NetNut, one of the world's largest residen ...

Pierluigi Paganini July 03, 2026
Security
Government and Healthcare Are the Weakest Links in Global Email Security

Government and healthcare sectors have weak email security. Many domains lack SPF, DMARC, DKIM, and MTA-STS, leaving them open to phishing attacks. Comparitech analyzed live DNS records for 5,849 ...

Pierluigi Paganini July 03, 2026
Security
Europe Confirms Record €4.1B Penalty Against Google for Android Practices

EU's top court upheld a €4.1B fine against Google, ruling it abused Android's market dominance through restrictive licensing practices. The Court of Justice of the European Union issued its ruli ...

Pierluigi Paganini July 02, 2026
Security
U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secu ...

Pierluigi Paganini July 02, 2026
Security
430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link

FortiBleed exposed 430,000 FortiGate firewalls, linked to INC Ransom and Lynx, enabling domain compromise and at least 12 ransomware attacks. SOCRadar's Threat Research Unit has connected FortiBle ...

Pierluigi Paganini July 02, 2026
Security
Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic

Adobe fixed multiple critical flaws, including max severity bugs in ColdFusion and Campaign Classic that could lead to remote code execution Adobe has released security updates for ColdFusion and ...

Pierluigi Paganini July 02, 2026
Security
Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges

Alleged Scattered Spider member Peter Stokes, 19, was extradited from Finland to the U.S. over hacking, fraud, and extortion charges. Peter Stokes, 19, an alleged Scattered Spider member known onl ...

Pierluigi Paganini July 02, 2026
Security
Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed

Oracle E-Business Suite flaw CVE-2026-46817 is under active attack, with about 950 vulnerable internet-facing instances still exposed. This week, Defused Cyber researchers warned that a critical v ...

Pierluigi Paganini July 01, 2026