Pierluigi Paganini
October 30, 2023
A sophisticated malware tracked as StripedFly remained undetected for five years and infected approximately one million devices. Researchers from Kaspersky discovered a sophisticated malware, dubb ...
Pierluigi Paganini
October 29, 2023
IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine� ...
Pierluigi Paganini
October 29, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
October 28, 2023
The Pwn2Own Toronto 2023 hacking competition is over, bug hunters earned $1,038,500 for 58 zero-day exploits. The Pwn2Own Toronto 2023 hacking competition is over, the organizers awarded $1,038,25 ...
April 23, 2026
Operation Endgame disrupted malware services like StealC and Amadey that enable ransomware, fraud, and attacks on critical infrastructure. Between June 15 and 19, 2026, Europol coordinated a two-w ...
Pierluigi Paganini
June 24, 2026
Frontier AI could drive a 10x surge in vulnerabilities. CTEM helps organizations continuously identify, prioritize, and reduce real cyber risk. Your vulnerability management program was not design ...
Pierluigi Paganini
June 24, 2026
Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnera ...
Pierluigi Paganini
June 24, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ubiquiti UniFi OS and Lantronix EDS5000 flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Pierluigi Paganini
June 24, 2026
FortiBleed exposed valid credentials for 73,000+ Fortinet firewalls, revealing a large-scale access-brokering operation targeting organizations worldwide. In mid-June 2026, researcher Volodymyr "B ...
Pierluigi Paganini
June 24, 2026
A nationwide GSM-R outage stopped trains across Germany, exposing how one aging communications system can still bring an entire rail network to a halt At 10:30 PM on Tuesday June 23, Deutsche Bahn ...
Pierluigi Paganini
June 24, 2026
Samsung’s KNOX flaw (CVE-2026-20971) is a kernel UAF in PROCA/FIVE that can enable corruption via a race; Samsung patched it in Jan 2026. Experts found a nasty kernel flaw in Samsung’s KNOX st ...
Pierluigi Paganini
June 23, 2026
Four flaws in Dify exposed cross-tenant data, documents and AI conversations. Two critical bugs enabled unauthenticated access and data theft. Zafran Labs researchers disclosed four vulnerabilitie ...
Pierluigi Paganini
June 23, 2026
Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems. Healthcare tech company Xsolis, Inc. has disclosed a ...
Pierluigi Paganini
June 23, 2026
Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a ShapedPlugin Pro plugin between April and Jun ...
Pierluigi Paganini
June 23, 2026
Squidbleed is a 29-year-old Squid Proxy flaw that can leak credentials, tokens, and other users' HTTP data through a memory overread. Researchers at Calif.io have disclosed CVE-2026-47729, a memor ...
Pierluigi Paganini
June 23, 2026
WhatsApp accounts were hijacked to spread fake debt notices that install remote access software, giving attackers control of victims' PCs. Kaspersky published a technical analysis this week of an ...
Pierluigi Paganini
June 22, 2026
Texas Parks and Wildlife Department (TPWD) breach exposed data of 3M people via a third-party license vendor, including sensitive personal information. The Texas Parks and Wildlife Department (TPW ...
Pierluigi Paganini
June 22, 2026
Senate testimony claims Anthropic's Mythos AI breached NSA and Cyber Command systems in hours, prompting a U.S.-ordered shutdown. On June 12, the Trump administration directed Anthropic to restric ...
Pierluigi Paganini
June 22, 2026
FortiBleed targeted 430,000+ FortiGate devices, harvesting 110M credentials and enabling breaches through large-scale credential theft. A new threat intelligence report from SOCRadar's Threat Rese ...
Pierluigi Paganini
June 22, 2026
AryStinger hijacks outdated routers via old flaws, turning 4,300+ devices into a stealth network for reconnaissance and intrusion support. On March 12, 2026, QiAnXin's XLab threat detection system ...
Pierluigi Paganini
June 22, 2026
usbliter8 is an unpatchable BootROM exploit affecting A12/A13 devices, enabling code execution and extending checkm8-like risks to newer iPhones. Security researchers at Paradigm Shift published a ...
Pierluigi Paganini
June 22, 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter OptinMonster supply chain attack hits 1. ...
Pierluigi Paganini
June 21, 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly Security ...
Pierluigi Paganini
June 21, 2026
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ESET published a detailed breakdown of ...
Pierluigi Paganini
June 20, 2026
