LATEST NEWS

VIEW ALL
OpenSSL patches for the fourth time in 2017 its library, and it will likely be the last one 
Pierluigi Paganini December 08, 2017

The OpenSSL Project released the OpenSSL 1.0.2n version that addresses two vulnerabilities discovered by the Google researcher David Benjamin. Benjamin discovered the vulnerabilities using t ...

Major Banking Applications were found vulnerable to MiTM attacks over SSL
Pierluigi Paganini December 07, 2017

Security experts discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. A group of security researchers has discovered a criti ...

NiceHash: security breach leads to 60 million lost - Iceman is behind?
Pierluigi Paganini December 07, 2017

NiceHash has been hacked, roughly to 60$ million (4,736.42 BTC) have been stolen while the bitcoin is crossing the 14k$ mark for the first time. A dark day for cryptocurrency miners, NiceHash has bee ...

Process Doppelgänging Attack allows evading most security software on all Windows Versions
Pierluigi Paganini December 07, 2017

Experts devised a new attack technique dubbed Process Doppelgänging, that could be implemented by vxers to bypass most antivirus solutions. A group of security researchers from Ensilo discovered a n ...

recent articles

Cyber Crime
Two Scattered Spider Members Sentenced to Prison Over £29 Million TfL Cyberattack

Two members of the Scattered Spider cybercrime group received jail sentences in the UK for the 2024 cyberattack on Transport for London. A UK court sentenced two Scattered Spider members, Thalha J ...

Pierluigi Paganini July 16, 2026
Artificial Intelligence
TuxBot v3: The IoT Botnet Built With AI - Bugs, Disclaimers and All

TuxBot v3, an AI-built IoT botnet for 17 architectures, shipped with LLM bugs and safety disclaimers the developer never removed. Palo Alto Networks' Unit 42 identified a previously undocumented m ...

Pierluigi Paganini July 16, 2026
Artificial Intelligence
Claude Code and DeepSeek Powered Chinese Cyber Espionage Campaign

Chinese actors used Claude Code and DeepSeek to automate attacks that breached government systems and targeted financial firms. Hunt.io researchers stumbled onto an active intrusion campaign in Ju ...

Pierluigi Paganini July 16, 2026
Security
Zoom Fixes CVE-2026-53412, a Critical Account Takeover Bug

Zoom warns of a critical Windows flaw, tracked as CVE-2026-53412, that could let attackers take over accounts without authentication. Zoom has fixed a critical Windows vulnerability, tracked as CV ...

Pierluigi Paganini July 16, 2026
Hacking
Chaotic Eclipse Unveils LegacyHive Exploit Affecting Fully Patched Windows Systems

LegacyHive PoC exposes a Windows Privilege Escalation flaw affecting fully patched Windows desktop and server systems. Just hours after Microsoft's July 2026 Patch Tuesday, security researcher Nig ...

Pierluigi Paganini July 15, 2026
Security
AsyncAPI npm Supply Chain Attack: Malware Injected Into Packages With 2 Million Weekly Downloads

AsyncAPI npm packages with 2M weekly downloads were compromised, spreading malware with info-stealing, crypto-theft and RAT capabilities. OX Security researchers disclosed on July 14 that the Asyn ...

Pierluigi Paganini July 15, 2026
Security
U.S. CISA adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security A ...

Pierluigi Paganini July 15, 2026
Hacking
SonicWall warns of active exploitation of two SMA 1000 zero-days

SonicWall warns of active attacks exploiting two SMA 1000 zero-days, including a flaw enabling arbitrary command execution. SonicWall confirmed the active exploitation of two zero-day vulnerabilit ...

Pierluigi Paganini July 15, 2026
Security
Patch Tuesday security updates for July 2026, the largest update ever. 621 CVEs in one month

Patch Tuesday: Microsoft fixes a record 621 CVEs, including 2 exploited zero-days and critical flaws affecting SharePoint, RDP, Hyper-V, and AD FS. Microsoft's July 2026 Patch Tuesday is, by a sig ...

Pierluigi Paganini July 14, 2026
Security
U.S. Treasury Sanctions VPN Provider and Cryptor Seller Behind Billions in Ransomware Losses

U.S. sanctions hit VPN provider 1VPNS and a cryptor seller for enabling ransomware gangs behind billions in losses to critical infrastructure. The U.S. Treasury's Office of Foreign Assets Control ...

Pierluigi Paganini July 14, 2026
Hacking
Attacker Used AI to Build Custom PowerShell Recon Malware

Huntress found an AI-generated PowerShell script used for AD reconnaissance, showing attackers are using AI to create custom, evasive tools. During an incident response investigation on June 3, 20 ...

Pierluigi Paganini July 14, 2026
Cyber Crime
Malware Hits Japan's Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended

Japan's largest taxi operator Nihon Kotsu shut down systems after a malware attack, disrupting dispatch and bookings. Nihon Kotsu, Japan's largest taxi company, disclosed on July 13, 2026 that it ...

Pierluigi Paganini July 14, 2026
Malware
CrashStealer: New macOS Infostealer Uses Signed Apps to Evade Gatekeeper

New macOS infostealer CrashStealer uses a signed app to bypass Gatekeeper, steals credentials and wallets, then AES-encrypts stolen data. Jamf Threat Labs first spotted CrashStealer in early May 2 ...

Pierluigi Paganini July 14, 2026
Data Breach
Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach

Lidl disclosed a third-party data breach affecting online shop customers in Germany, Belgium, and the Netherlands. Payment data was not exposed. Lidl contacted customers of its online shop in Germ ...

Pierluigi Paganini July 13, 2026
Security
U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)� ...

Pierluigi Paganini July 13, 2026
Intelligence
EU Targets FSB-Linked Hackers in New Sanctions Over Cyber Sabotage

EU sanctions target nine people and four entities tied to Russia's FSB over a 15-year cyberespionage and critical infrastructure sabotage campaign. The European Union imposed sanctions on Monday t ...

Pierluigi Paganini July 13, 2026
Cyber Crime
Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers

Dutch police suspect local hackers behind the Odido breach that exposed 6M customers after a phishing attack and seek public help identifying them. Dutch police have identified strong indications ...

Pierluigi Paganini July 13, 2026
Security
Australia Alerts Organizations to Ongoing CMS Exploitation Attacks

Australia warns of a global campaign exploiting CMS flaws to deploy webshells on WordPress, Joomla, and other websites. Australia's Signals Directorate has issued an alert about a large-scale expl ...

Pierluigi Paganini July 13, 2026
Uncategorized
Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations

An alleged Ryuk ransomware member pleaded guilty in the U.S. for helping deploy attacks on American companies and faces up to 15 years in prison. Armenian national Karen Serobovich Vardanyan (34) ...

Pierluigi Paganini July 12, 2026
Hacking
Progress Told ShareFile Customers to Pull the Plug on Their Servers. Here's What We Know.

Progress urged ShareFile Storage Zone customers to shut down internet-facing servers immediately over a credible security threat under investigation. Progress Software sent an urgent email to Shar ...

Pierluigi Paganini July 12, 2026