LATEST NEWS

VIEW ALL
Snatch group claims to have hacked military provider HENSOLDT France
Pierluigi Paganini October 31, 2022

The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to have hacked the French comp ...

GitHub flaw could have allowed attackers to takeover repositories of other users
Pierluigi Paganini October 31, 2022

A critical flaw in the cloud-based repository hosting service GitHub could've allowed attackers to takeover other repositories. The cloud-based repository hosting service GitHub has addressed a vu ...

Malicious dropper apps on Play Store totaled 30.000+ installations
Pierluigi Paganini October 31, 2022

ThreatFabric researchers discovered five malicious dropper apps on Google Play Store with more than 130,000 downloads. Researchers at ThreatFabric have discovered five malicious dropper apps on t ...

Former British Prime Minister Liz Truss 's phone was allegedly hacked by Russian spies
Pierluigi Paganini October 30, 2022

According to the Daily Mail, Former British Prime Minister Liz Truss 's personal phone was hacked by Russian spies. The personal mobile phone of British Prime Minister Liz Truss was hacked by cyb ...

recent articles

Data Breach
AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack

AssuranceAmerica confirmed a breach exposing nearly 7 million driver's licenses after hackers compromised an employee account and stole customer data. U.S. auto insurer AssuranceAmerica has confir ...

Pierluigi Paganini July 09, 2026
Security
Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)

Microsoft fixed RoguePlanet (CVE-2026-50656), a Defender flaw allowing local attackers to gain higher privileges through the Malware Protection Engine. Microsoft released security updates for Rogu ...

Pierluigi Paganini July 09, 2026
Malware
Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes

Fake apps like WireVPN and a trojanized 7-Zip turn victims' devices into residential proxies, letting criminals route traffic through their IPs. Infoblox's threat research team started pulling on ...

Pierluigi Paganini July 09, 2026
Security
Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation

Ubiquiti patched seven UniFi OS flaws, including critical CVE-2026-50746, which allows command injection in UniFi Connect Application. Ubiquiti released security updates for seven critical UniFi O ...

Pierluigi Paganini July 08, 2026
Data Breach
A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach

Accenture confirmed a breach after a hacker claimed to steal 35 GB of source code, keys, and Azure credentials now offered for sale. A threat actor using the handle "888" claimed on the cybercrime ...

Pierluigi Paganini July 08, 2026
Malware
Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools

RedWing: The Android Banking Trojan You Can Rent on Telegram for Less Than a Coffee Subscription Zimperium's zLabs team has uncovered RedWing, an Android spyware operation sold as a subscription s ...

Pierluigi Paganini July 08, 2026
Hacking
U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalo ...

Pierluigi Paganini July 08, 2026
Artificial Intelligence
CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code

CISA is using Anthropic's Mythos AI to scan federal code for vulnerabilities, aiming to find flaws before hackers and foreign intelligence services. Three sources familiar with the matter told Reu ...

Pierluigi Paganini July 08, 2026
Hacking
Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets

Attackers are exploiting a critical Gitea flaw (CVE-2026-20896) that bypasses authentication with a single HTTP header, exposing repositories and sensitive data. Sysdig researchers warn that attac ...

Pierluigi Paganini July 07, 2026
Hacktivism
Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)

Spain arrested a suspected CARR and Z-Pentest collaborator in an FBI-led probe for aiding pro-Russian hackers, coordinating attacks, and using crypto. Spanish National Police arrested a man in Pal ...

Pierluigi Paganini July 07, 2026
Security
Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available

CERT/CC warns an unpatched backdoor in several Tenda routers lets attackers bypass login and gain full admin access with a hidden password. CERT/CC published an alert documenting an undocumented a ...

Pierluigi Paganini July 07, 2026
APT
AI-Generated Malware Powers New Armored Likho APT Campaign

Armored Likho APT uses AI-generated malware, phishing, and BusySnake Stealer to target governments and power grids in Russia, Kazakhstan, and Brazil. Kaspersky's threat research team has documente ...

Pierluigi Paganini July 07, 2026
Security
Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks

Januscape: A 16-year-old Linux KVM flaw lets cloud VM tenants crash hosts and potentially escape guests. It affects Intel and AMD systems. Security researcher Hyunwoo Kim has published details of ...

Pierluigi Paganini July 07, 2026
Hacking
Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild

Attackers are exploiting the critical Adobe ColdFusion flaw CVE-2026-48282, which allows remote code execution on unpatched servers. Attackers have started exploiting CVE-2026-48282, a maximum-sev ...

Pierluigi Paganini July 06, 2026
Artificial Intelligence
Hidden Web Prompts Trick AI Agents Into Sending Money

Hidden prompts on malicious websites trick AI agents into making payments or trusting fake sites, exposing new risks for autonomous AI workflows. Zscaler ThreatLabz documented two active campaigns ...

Pierluigi Paganini July 06, 2026
Security
Seven Bugs in FatFs Put IoT and Embedded Devices at Risk

runZero found 7 flaws in FatFs, a filesystem used in IoT and embedded devices. Bugs can cause memory corruption, crashes, or data leaks via crafted storage. Cybersecurity firm runZero has disclose ...

Pierluigi Paganini July 06, 2026
Hacking
Bad Epoll Flaw Gives Attackers Root Access on Linux and Android

Bad Epoll (CVE-2026-46242) lets local attackers gain root on Linux and Android. The flaw was missed by AI but found by a security researcher. A newly disclosed Linux kernel vulnerability, named&nb ...

Pierluigi Paganini July 06, 2026
Cyber Crime
Medtronic Notifies 3.8 Million After ShinyHunters Data Breach

Medtronic says a ShinyHunters attack exposed the personal and medical data of over 3.8 million people. Products and operations were unaffected. Medtronic is notifying 3,834,294 individuals after a ...

Pierluigi Paganini July 05, 2026
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hijacked npm Packages Use Novel VSCode A ...

Pierluigi Paganini July 05, 2026
Security
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...

Pierluigi Paganini July 05, 2026