MUST READ

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

 | 

Jaguar Land Rover discloses a data breach after recent cyberattack

 | 

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

 | 

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

 | 

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

 | 

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

 | 

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

Canadian investment platform Wealthsimple disclosed a data breach

 | 

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

 | 

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

search

Date range
Filters

17476 results

Pierluigi Paganini January 12, 2018
Security issue in Intel’s Active Management Technology (AMT) allows to gain full remote access to corporate devices

Security researchers from F-Secure have discovered a new issue in Intel’s Advanced Management Technology (AMT) implementation that can be exploited by remote attackers to access most of the corporate laptops. Intel is the middle of a tempest, after the discovery of the Meltdown and Spectre attacks, security researchers have discovered a new vulnerability in Intel’s […]

Pierluigi Paganini January 12, 2018
A flaw in macOS High Sierra allows to unlock the App Store Preferences without password

Security expert discovered a new vulnerability in macOS High Sierra that could be exploited by users logged as admins to unlock the AppStore Preferences in System Preferences by providing any password. Security expert discovered a new vulnerability in macOS High Sierra that could be exploited by users logged as admins to unlock the AppStore Preferences in System Preferences by […]

Pierluigi Paganini January 12, 2018
Is the INSCOM (U.S. Army Intelligence & Security Command) working on a PSYOPS software?

The INSCOM (U.S. Army Intelligence & Security Command) is working on a software that could be used to monitor social media and influence the sentiment on specific topics. We have a long discussed the possible use of social media for both intelligence gathering and PSYOPs operations. In 2013 I wrote an interesting post about Social Media use in the […]

Pierluigi Paganini January 12, 2018
Never too late, Skype supports end-to-end encryption for new Private Conversations feature

It’s official, Microsoft’s Skype is rolling out a new feature called Private Conversations, which uses end-to-end encryption. The latest version of Skype implements end-to-end encryption and introduces the support for the Signal protocol. which is the protocol used by WhatsApp, Facebook Messenger, Google Allo, and Signal. Attackers will not able to snoop on Skype Private Conversations will support text, […]

Pierluigi Paganini January 11, 2018
CSE Malware ZLab – Double Process Hollowing -The stealth process injection of the new Ursnif malware

A new variant of the infamous Ursnif malware spread in the wild and adopts a new advanced evasion technique dubbed Double Process Hollowing. Whereas the malware LockPos, famous for its new incredibly advanced and sophisticated evasion technique, spread and affected many Points of Sale, another variant spread in the wild and adopts a similar but […]

Pierluigi Paganini January 11, 2018
A security issue in WhatsApp potentially allows attackers to eavesdrop on encrypted Group chats

An attacker can secretly eavesdrop on your private end-to-end encrypted group chats on WhatsApp, Threema and Signal messaging apps. Even if the messaging services implement end-to-end encryption, an attacker or someone in the company that provides the service can decrypt your messages. A Group of researchers from Ruhr-Universität Bochum (RUB) in Germany discovered that anyone who controls […]

Pierluigi Paganini January 11, 2018
Italian researcher discovered that Gmail shutdown after sending a Zalgo text

Researchers at security firm We Are Segment have discovered a vulnerability in Gmail, a “distorted” message shuts down the most famous webmail in the world. This Cybersec company We Are Segment, part of the Interlogica group, discovered a severe vulnerability in Gmail. Last month the Italian firm made the headlines due to the discovery of the Tormoil […]

Pierluigi Paganini January 10, 2018
New Malware Dubbed LockPos Introduces New Injection Technique To Avoid Detection

Security Researchers from Cyberbit have discovered a new malware injection technique being used by a variant of Flokibot malware named LockPoS. A Point of Sale (PoS) malware is a malicious application that steals credit card data from the memory of computers connected to credit card equipment. Once infected the system, the LockPoS malware tries to gain access […]

Pierluigi Paganini January 10, 2018
Electrum patches a critical flaw that exposed Bitcoin Wallets to hack since 2016

The development team behind the popular Electrum Bitcoin wallet app has issued an emergency patch for a critical vulnerability in the company bitcoin wallets. Electrum is a free application that’s used by many cryptocurrency sites to store bitcoin. Administrators can run their own Electrum server and the software supports hardware wallets such as Trezor, Ledger and Keepkey. The […]

Pierluigi Paganini January 10, 2018
Turla APT group’s espionage campaigns now employs Adobe Flash Installer and ingenious social engineering

Turla APT group’s espionage campaigns now employs Adobe Flash Installer and an ingenious social engineering technique, the backdoor is downloaded from what appears to be legitimate Adobe URLs and IP addresses. Security researchers from ESET who have analyzed recent cyber espionage campaigns conducted by the dreaded Turla APT group reported that hackers leverage on malware downloaded from […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Security / September 12, 2025

Samsung fixed actively exploited zero-day

Hacking / September 12, 2025

UK train operator LNER (London North Eastern Railway) discloses a data breach

Data Breach / September 12, 2025

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

Hacking / September 12, 2025

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Cyber Crime / September 11, 2025