MUST READ

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

 | 

Jaguar Land Rover discloses a data breach after recent cyberattack

 | 

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

 | 

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

 | 

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

 | 

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

 | 

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

Canadian investment platform Wealthsimple disclosed a data breach

 | 

Venezuela’s President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies

 | 

Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure

 | 

search

Date range
Filters

17476 results

Pierluigi Paganini November 05, 2017
Flaws in IEEE P1735 electronics standard expose intellectual property

Experts discovered flaws in IEEE P1735 electronics standard, which describes methods for encrypting electronic-design intellectual property (IP). Crypto flaws in the IEEE P1735 electronics standard expose highly-valuable intellectual property in plaintext. The IEEE P1735 electronics standard provides recommendations on methods and techniques for encrypting electronic-design intellectual property about the hardware and software in electronic equipment. The standard describes how to protect intellectual […]

Pierluigi Paganini November 04, 2017
Hacker threatens Canadian University to dump student info unless the university pay a ransom

A hacker is attempting to extort the Canadian University of Fraser Valley (UFV), threatening to dump student information unless the university pays a ransom. Extortion is a winning criminal model for crooks, a hacker is attempting to extort the Canadian University of Fraser Valley (UFV), threatening to dump student information unless the university pay 30,000 […]

Pierluigi Paganini November 04, 2017
Tor Project fixed TorMoil, a critical Tor Browser flaw that can leak users IP Address

The Tor Project fixed a critical vulnerability dubbed TorMoil that could leak users real IP addresses to potential attackers. Tor users must update their Tor browser to fix a critical vulnerability, dubbed TorMoil, that could leak their real IP addresses to potential attackers when they visit websites with certain content. The Tor Project released the Tor Browser 7.0.9 version for both […]

Pierluigi Paganini November 04, 2017
Fake WhatsApp app in official Google Play Store downloaded by over a million Android users

A fake WhatsApp version deployed on the Play Store was downloaded by over a million users, a failure for the automated checks implemented by Google. Once again crooks exploited the official Google’s Play Store as a repository for malicious apps. This time a fake WhatsApp version was used to infect over a million users that […]

Pierluigi Paganini November 03, 2017
Hackers poisoned Google Search results to spread Zeus Panda banking Trojan

Experts at Cisco Talos observed crooks exploiting black Search Engine Optimization (SEO) to spread the Zeus Panda banking Trojan. Threat actors behind the Zeus Panda banking Trojan leveraged black Search Engine Optimization (SEO) to propose malicious links in the search results. Crooks were focused on financial-related keyword queries. The campaign was first spotted by experts at Cisco Talos, attackers […]

Pierluigi Paganini November 03, 2017
US DoJ Identifies at least 6 Russian Government officials Involved in DNC hack

The United States Department of Justice has gathered evidence to charge at least six Russian government officials involved in the 2016 DNC hack. The United States Department of Justice has gathered evidence to charge at least six Russian government officials involved in the DNC hack during the 2016 Presidential election. In the past months, US intelligence blamed […]

Pierluigi Paganini November 03, 2017
Estonia suspends security digital certificates for up to 760,000 state-issued electronic ID-cards over Identity-Theft risk

It has happened, one of the most cyber-savvy states, Estonia decided to block Electronic ID Cards over identity theft risk. On Thursday, Estonia announced that it would suspend security digital certificates for up to 760,000 state-issued electronic ID-cards that are using the buggy chips to mitigate the risk of identity theft. The decision comes after IT security researchers recently […]

Pierluigi Paganini November 03, 2017
FireEye announced the arrest of LeakTheAnalyst, the hacker who claimed to have breached its systems

FireEye CEO Kevin Mandia announced the arrest of LeakTheAnalyst, the hacker who claimed to have breached its systems back in July. Late July a hacker who goes online with the moniker LeakTheAnalyst claimed to have breached FireEye systems. The hacker leaked details alleged stolen from a compromised system maintained by Adi Peretz, a Senior Analyst at Mandiant. The hacker leaked a […]

Pierluigi Paganini November 02, 2017
Threat actors using default SSH credentials to hijack Ethereum miners

Attackers scanned for the entire IPv4 range and look for Ethereum miners with open SSH connections. Hackers target Ethereum-mining farms in the attempt to hijack the funds by replacing the user’s wallet with their one. The attacks were first spotted on Monday, threat actors attempted to change the default configuration of Ethereum miners. “Illicit digital currency mining, either directly […]

Pierluigi Paganini November 02, 2017
OpenSSL patches vulnerabilities discovered with Google OSS-Fuzz fuzzing service

OpenSSL patches two low and medium severity vulnerabilities that were discovered by using Google’s open source OSS-Fuzz fuzzing service. The medium severity vulnerability tracked as CVE-2017-3736 was addressed with the release of OpenSSL 1.1.0g and 1.0.2m. The flaw is a carry propagating bug in the x86_64 Montgomery squaring procedure, it affects processors that support BMI1, BMI2 and […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Security / September 12, 2025

Samsung fixed actively exploited zero-day

Hacking / September 12, 2025

UK train operator LNER (London North Eastern Railway) discloses a data breach

Data Breach / September 12, 2025

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

Hacking / September 12, 2025

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Cyber Crime / September 11, 2025