Pierluigi Paganini
May 25, 2014
Experts at Mandiant have corroborated the DOJ’s data by releasing additional evidence not included in the original APT1 report. One of the news most important shared on the internet this week it th ...
Pierluigi Paganini
May 25, 2014
The Egyptian security researcher Ahmed Aboul-Ela has discovered a vulnerability which allowed deleting comments of any user in all Yahoo sites. A couple of days ago I was contacted by the Egyp ...
Pierluigi Paganini
May 24, 2014
Security Experts at Fidelis Cyber Security firm have recently discovered a new phishing campaign using the Unrecom RAT (remote access trojan). Fidelis Cyber Security firm has recently issued the Fide ...
Pierluigi Paganini
May 24, 2014
Security experts have discovered three new critical eBay vulnerabilities, the privacy and data of more than 145 million users is still at risk. Just a few days after the disclosure of a major dat ...
April 23, 2026
April 27, 2026
CVE-2026-6770 let attackers fingerprint Firefox and Tor users, even in Private mode. Firefox 150 and Tor Browser 15.0.10 fixed it. A vulnerability, tracked as CVE-2026-6770, allowed attackers to f ...
Pierluigi Paganini
April 27, 2026
Fast16 is a pre-Stuxnet malware that tampered with precision software and spread itself. Evidence suggests links to U.S. operations during early cyber tensions. SentinelOne uncovered Fast16, a sab ...
Pierluigi Paganini
April 27, 2026
Italy plans to extradite Xu Zewei to the U.S. over alleged hacks on COVID-19 research tied to state-backed operations. Italy is moving to extradite Xu Zewei, the Chinese national arrested in 2025 ...
Pierluigi Paganini
April 27, 2026
Itron detected unauthorized access to part of its IT environment on April 13, 2026, and launched incident response and notified authorities. Itron disclosed a cyber incident involving unauthorized ...
Pierluigi Paganini
April 27, 2026
CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated file access via path traversal. CrowdStrike recently disclosed a critical vulnerability, tracked ...
Pierluigi Paganini
April 26, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Morpheus: A new Spyware linked to IPS Intelligence The iPho ...
Pierluigi Paganini
April 26, 2026
Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync. Symantec researchers report that recent Trigona ransomwar ...
Pierluigi Paganini
April 26, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
April 26, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...
Pierluigi Paganini
April 25, 2026
Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2 ...
Pierluigi Paganini
April 25, 2026
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisc ...
Pierluigi Paganini
April 25, 2026
'Pack2TheRoot' flaw lets local Linux users gain root via PackageKit. CVE-2026-41651 (8.8) has existed for nearly 12 years. The Pack2TheRoot flaw, tracked as CVE-2026-41651, lets unprivileged users ...
Pierluigi Paganini
April 24, 2026
Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack via a fake CDU group chat. Germany’s Bundestag President Julia Klöckner has reportedly become the latest Euro ...
Pierluigi Paganini
April 24, 2026
Bitwarden CLI was hit by the Checkmarx supply chain attack. Version 2026.4.0 shipped malicious code in bw1.js via a compromised GitHub Action. Bitwarden CLI has been compromised as part of the ong ...
Pierluigi Paganini
April 24, 2026
UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global ...
Pierluigi Paganini
April 24, 2026
Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My ...
Pierluigi Paganini
April 23, 2026
Apple fixed an iOS flaw that kept deleted notifications on devices, allowing recovery of messages, including from apps like Signal. Apple released updates for iOS and iPadOS to address the vulnera ...
Pierluigi Paganini
April 23, 2026
Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of ...
Pierluigi Paganini
April 23, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
April 23, 2026
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Gra ...
Pierluigi Paganini
April 23, 2026
