MUST READ

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

search

Date range
Filters

18047 results

Pierluigi Paganini May 19, 2019
Unpatched Ethereum Clients expose the ecosystem to 51% Attack risk

Security researchers from SRLabs have published a report that analyzed the risks for Ethereum network caused by unpatched Ethereum clients. Researchers at SRLabs published a report based on ethernodes.org data, that revealed that a large number of nodes using the popular clients Parity and Geth is still unpatched. The expert discovered that the Ethereum clients and […]

Pierluigi Paganini May 19, 2019
Security Affairs newsletter Round 214 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” https://www.surveymonkey.com/r/EUBloggerAwards2018 Hacking the ‘Unhackable eyeDisk USB stick Security […]

Pierluigi Paganini May 19, 2019
Salesforce faced one of its biggest service disruption of ever

Salesforce is facing a huge outage, it shut down a good portion of its infrastructure due to change to the production environment. A change in the production environment is the root cause of the broad outage suffered by Salesforce. The service disruption affected its Pardot B2B marketing automation system, the cloud CRM company’s change broke […]

Pierluigi Paganini May 19, 2019
Dutch intelligence investigate alleged Huawei ‘backdoor’

Dutch intelligence services are probing Huawei for possibly spying for the Chinese government by using a “back door” in equipment of major telecoms firms. Dutch intelligence probes Huawei for possibly spying for the Chinese government by using a “back door” in the equipment used by major telecoms firms. Dutch intelligence shares the concerns raised by […]

Pierluigi Paganini May 18, 2019
Unistellar attackers already wiped over 12,000 MongoDB databases

Unistellar attackers have already wiped roughly 12,000 unsecured MongoDB databases exposed online over the past three. Every time hackers deleted a MongoDB database they left a message asking the administrators to contact them to restore the data. Unfortunately, the criminal practice of deleting MongoDB databases and request a ransom to restore data is common, experts […]

Pierluigi Paganini May 18, 2019
Facebook banned Archimedes Group, misinformation made in Israel

A new political misinformation campaign was uncovered and blocked by Facebook, this time it was not operated by Russia but Israel’s Archimedes Group Facebook uncovered and blocked a misinformation campaign powered by Israel’ Archimedes Group, the corporation used fake accounts to manipulated political campaigns. According to Facebook, the Archimedes Group used hundreds of pages, accounts, […]

Pierluigi Paganini May 17, 2019
Chinese state-sponsored hackers breached TeamViewer in 2016

The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. China-linked hackers breached German software company behind TeamViewer in 2016, this news was reported by the German newspaper Der Spiegel According to the media outlet, Chinese state-sponsored hackers used the Winnti trojan malware to infect the systems […]

Pierluigi Paganini May 17, 2019
A flaw in Slack could allow hackers to steal, manipulate downloaded files

A recently patched flaw in the Slack desktop application for Windows can be exploited by attackers to steal and manipulate a targeted user’s downloaded files. Slack is a cloud-based set of proprietary team collaboration tools and services, Security researcher David Wells from Tenable discovered a critical flaw in version 3.3.7 of the Slack desktop app […]

Pierluigi Paganini May 17, 2019
Cisco addressed a critical flaw in networks management tool Prime Infrastructure

Cisco had issued security updates to address 57 security flaw, including three flaws in networks management tool Prime Infrastructure. One of the flaws addressed by Cisco in the Prime Infrastructure management tool could be exploited by an unauthenticated attacker to execute arbitrary code with root privileges on PI devices. “Multiple vulnerabilities in the web-based management […]

Pierluigi Paganini May 17, 2019
XSS flaw in WordPress Live Chat Plugin lets attackers compromise WP sites

A vulnerability in the Live Chat Support plugin for WordPress could be exploited by attackers to inject malicious scripts in websites using it Researchers at Sucuri have discovered a stored/persistent cross-site scripting (XSS) vulnerability in the WP Live Chat Support plugin for WordPress. The flaw could be exploited by remote, unauthenticated attackers to inject malicious […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Artificial Intelligence / February 13, 2026

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Uncategorized / February 13, 2026