MUST READ

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

Attackers abuse ConnectWise ScreenConnect to drop AsyncRAT

 | 

Jaguar Land Rover discloses a data breach after recent cyberattack

 | 

Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts

 | 

Google Pixel 10 adds C2PA to camera and Photos to spot AI-generated or edited images

 | 

KillSec Ransomware is Attacking Healthcare Institutions in Brazil

 | 

Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws

 | 

SAP September 2025 Patch Day fixed 4 critical flaws

 | 

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

 | 

LunaLock Ransomware threatens victims by feeding stolen data to AI models

 | 

Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack

 | 

Canadian investment platform Wealthsimple disclosed a data breach

 | 

search

Date range
Filters

17478 results

Pierluigi Paganini October 18, 2017
South Africa – About 30-million identity numbers and other personal and financial information leaked online

South Africa – About 30-million identity numbers and other personal and financial information leaked online, it is the largest data leak in the country. About 30-million identity numbers and other personal and financial information had been hacked and leaked online, it could be the biggest data breach suffered by the South Africa. The data breach was discovered […]

Pierluigi Paganini October 18, 2017
The Necurs botnet is back spreading a downloader with new interesting features

The Necurs botnet is spreading a new downloader that takes screenshots of the victims’ desktops and Runtime Errors back to the operators. The Necurs botnet is back once again, the dreaded botnet was spreading a downloader that takes screenshots of the victims’ desktops and Runtime Errors back to the attackers. “Recently we have seen a resurgence of […]

Pierluigi Paganini October 18, 2017
BAE Systems report links Taiwan heist to North Korean LAZARUS APT

Researchers at BAE Systems investigated the recent cyber-heist that targeted a bank in Taiwan and linked the action to the notorious Lazarus APT group. The activity of the Lazarus APT Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]

Pierluigi Paganini October 18, 2017
CUTLET MAKER ATM malware offered for 5000 USD on darknet forum

Hacking ATM could be very easy thanks to the availability of the CUTLET MAKER ATM malware on an underground hacking forum. Wannabe crooks can buy an ATM malware on a Darknet market for around $5000, the discovery was made by researchers at Kaspersky Lab that noticed a forum post advertising the malicious code dubbed Cutlet Maker. […]

Pierluigi Paganini October 17, 2017
ROCA vulnerability (CVE-2017-15361) allows attackers to recover users Private RSA Keys

ROCA vulnerability (CVE-2017-15361) allows attackers to recover users Private RSA Keys, billion devices potentially impacted. While security experts are discussing the dreaded KRACK attack against WiFi networks IT giants, including Fujitsu, Google, HP, Lenovo, and Microsoft are warning their customers of a severe flaw in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies. The vulnerability, tracked […]

Pierluigi Paganini October 17, 2017
Cyberespionage group stolen Microsoft vulnerabilities DB back in 2013

Another day, another news about a clamorous data breach, this time the Reuters agency revealed that Microsoft suffered a major security breach back in 2013. According to five former employees, hackers broke into the company vulnerabilities and bug reports database, but the news was never disclosed. The former employees explained that Microsoft addressed all the […]

Pierluigi Paganini October 17, 2017
Even With The Best Email Spoofing Defences in The World, HMRC is Spoofed

Even with the most advanced email protections in place and an entire government organization to support them, the bad actors were able to spoof Her Majesty’s Revenue and Customs (HMRC) emails to spread a Java-based remote administration tool to unsuspecting UK recipients. In September 2017, Trustwave identified a scam campaign that pretended to come from HMRC. The […]

Pierluigi Paganini October 17, 2017
BlackOasis APT leverages new Flash zero-day exploit to deploy FinSpy

Security researchers from Kaspersky Labs spotted the BlackOasis APT group exploiting a new zero-day RCE vulnerability in Adobe Flash. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash, tracked as CVE-2017-11292, which was being actively exploited by hackers in the wild to deliver the surveillance software FinSpy. Hackers belonging to the […]

Pierluigi Paganini October 16, 2017
Wifi networks are vulnerable to WPA KRACK attack

The KRACK attack allows an attacker to decrypt information included in protected WPA2 traffic. WPA2 standard has been compromised! Boffins have discovered several key management flaws in the core of Wi-Fi Protected Access II (WPA2) protocol that could be exploited by an attacker to hack into Wi-Fi network and eavesdrop on the Internet communications stealing sensitive […]

Pierluigi Paganini October 16, 2017
Pizza Hut notifies card breach while users have already reported fraudulent transactions

Pizza Hut U.S. notified customers over the weekend a “temporary security intrusion” on PizzaHut.com that exposed payment card and contact information. Pizza Hut U.S. notified customers over the weekend a “temporary security intrusion” on PizzaHut.com, the security breach might have exposed payment card and contact information. The popular restaurant chain notified users via email, according to Pizza […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

Cyber Crime / September 13, 2025

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

Malware / September 13, 2025

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

Security / September 12, 2025

Samsung fixed actively exploited zero-day

Hacking / September 12, 2025

UK train operator LNER (London North Eastern Railway) discloses a data breach

Data Breach / September 12, 2025