MUST READ

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

 | 

Jaguar Land Rover discloses a data breach after recent cyberattack

 | 

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

 | 

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

 | 

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

 | 

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

 | 

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

Canadian investment platform Wealthsimple disclosed a data breach

 | 

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

 | 

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

search

Date range
Filters

17476 results

Pierluigi Paganini November 09, 2017
Hack the hackers. Watch out the NEW IPCAM EXPLOIT, it is a scam!

Security experts have discovered a new hacking tool dubbed NEW IPCAM EXPLOIT containing a backdoor that is offered on several underground hacking forums. Wannabe hackers, be careful out of free hacking tools, many of them are scams. Recently security experts reported several cases of fake hacking tools hiding backdoors, for example, a fake Facebook hacking tool or the Cobian RAT. […]

Pierluigi Paganini November 09, 2017
Experts can hack most CPUs since 2008 over USB by triggering Intel Management Engine flaw

Intel’s management engine – in most Positive Technologies plans to demonstrate at the next Black Hat conference how to hack over USB into Intel Management Engine of most CPUs since 2008. Experts from Positive Technologies that in September announced to have devised a technique a to attack the Intel Management Engine, now provided more details about […]

Pierluigi Paganini November 09, 2017
Russia-Linked APT28 group observed using DDE attack to deliver malware

Security experts at McAfee observed the Russian APT28 group using the recently reported the DDE attack technique to deliver malware in espionage campaign. Security experts at McAfee observed the Russian APT group APT28 using the recently reported the DDE technique to deliver malware in targeted attacks. The cyber spies were conducting a cyber espionage campaign that involved blank documents […]

Pierluigi Paganini November 08, 2017
Google Syzkaller fuzzer allowed to discover several flaws in Linux USB Subsystem

The Google researcher Andrey Konovalov discovered several vulnerabilities in the Linux kernel USB subsystem using the Google Syzkaller fuzzer. Google researcher Andrey Konovalov has discovered many security vulnerabilities in Linux USB Subsystem. The expert used a fuzzing tool developed by Google dubbed Syzkaller fuzzer, he discovered tens of vulnerabilities, including 22 security flaws. Konovalov published a detailed analysis of 14 vulnerabilities that have […]

Pierluigi Paganini November 08, 2017
Android Security Bulletin—November 2017 – Google addresses critical flaws and high-risk KRACK vulnerabilities in Android

Android Security Bulletin—November 2017 – Google addresses critical vulnerabilities and high-risk KRACK flaws in Android OS. Google released the Android Security Bulletin—November 2017 that address 31 vulnerabilities, 9 of which are critical remote code execution flaws. The Android Security Bulletin includes three different security patch levels. The 2017-11-01 and 2017-11-05 patch levels contain fixes for both Critical […]

Pierluigi Paganini November 08, 2017
A regular GitHub user accidentally triggered a flaw Ethereum Parity Wallet that locked up $280 million in Ether

A GitHub user accidentally triggered a flaw in the Parity Wallet library contract of the standard multi-sig contract that locked up $280 million in Ether. Ethereum made again the headlines, someone has accidentally triggered a vulnerability in the popular Parity Wallet that locked up $280 million in Ether, including $90 million raised by Parity Technologies’s founder Gavin Woods. The […]

Pierluigi Paganini November 08, 2017
Symantec uncovered a new APT, the cyber espionage Sowbug group

Malware researchers from Symantec have spotted a new cyber espionage APT dubbed Sowbug group that has been active at least since 2015. A new cyber espionage group dubbed Sowbug appeared in the threat landscape, according to the experts it has been active since 2015 and was involved in highly targeted attacks against a host of government organizations in […]

Pierluigi Paganini November 07, 2017
Owners have found a built-in Keylogger in MantisTek GK2 Keyboards that send some data to China

One of the most popular Keyboards in the gaming industry, 104-key Mantistek GK2 Mechanical Gaming Keyboard send data back to China. A wrong keyboard could represent an entry point for any organization. One of the most popular Keyboards in the gaming industry, 104-key Mantistek GK2 Mechanical Gaming Keyboard seems to include a built-in Keylogger. A number […]

Pierluigi Paganini November 07, 2017
Vietnamese APT32 group is one of the most advanced APTs in the threat landscape

According to the incident response firm Volexity, Vietnamese APT32 group is today one of the most advanced APTs in the threat landscape According to the incident response firm Volexity, the cyber espionage campaigns associated with a group operating out of Vietnam and tracked as tracked as OceanLotus and APT32 have become increasingly sophisticated. Researchers at Volexity has been tracking the threat actor since […]

Pierluigi Paganini November 07, 2017
German users exploit a Twitter bug to post 30,000-character tweet

Over the weekend, two German Twitter users successfully bypassed the existing character limit by exploiting a Twitter bug and sending a 30,396-character tweet. Two German Twitter users, Timrasett and HackneyYT, were able to bypass the 280-character limit by posting a 30,000-character Tweet. Unfortunately, the side effect was that the long tweet caused problems, with some users complaining of crashes. […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Security / September 12, 2025

Samsung fixed actively exploited zero-day

Hacking / September 12, 2025

UK train operator LNER (London North Eastern Railway) discloses a data breach

Data Breach / September 12, 2025

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

Hacking / September 12, 2025

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Cyber Crime / September 11, 2025