MUST READ

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Researchers expose MalTerminal, an LLM-enabled malware pioneer

 | 

Beware: GitHub repos distributing Atomic Infostealer on macOS

 | 

search

Date range
Filters

17524 results

Pierluigi Paganini October 22, 2018
Israel Defense Forces were searching systems to spy on private social media messages

The Israel Defense Forces has bid to obtain spying systems that will allow monitoring of the private messages of social media users. Monitoring of social media platforms is a crucial activity for intelligence agencies, almost any government is working to gather intelligence for these systems. According to the Haaretz, the Israel Defense Forces has bid to […]

Pierluigi Paganini October 22, 2018
MPlayer and VLC media player affected by critical flaw CVE-2018-4013

Cisco Talos expert discovered a code execution vulnerability (CVE-2018-4013) that has been identified in Live Networks LIVE555 streaming media RTSPServer. Lilith Wyatt, a security researcher at Cisco Talos, has discovered a critical remote code execution vulnerability  (CVE-2018-4013) in the LIVE555 media streaming library that is used by popular media players, including VLC and MPlayer. LIVE555 […]

Pierluigi Paganini October 21, 2018
DarkPulsar and other NSA hacking tools used in hacking operations in the wild

Attackers are targeting high-value servers using a three of hacking tools from NSA arsenal, including DarkPulsar, that were leaked by the Shadow Brokers hacker group. The hackers used the powerful cyber weapons to compromise systems used in aerospace, nuclear energy, R&D, and other industries. According to experts from Kaspersky Lab, threat actors leverage NSA tools DarkPulsar, DanderSpritz and Fuzzbunch […]

Pierluigi Paganini October 21, 2018
Hackers breached into system that interacts with HealthCare.gov

Centers for Medicare and Medicaid Services announced hackers breached into a computer system that interacts with HealthCare.gov. Hackers breached into a computer system that interacts with HealthCare.gov, according to Centers for Medicare and Medicaid Services, attackers accessed to the sensitive personal data of some 75,000 people. After experts discovered the intrusion, the system was shut down and […]

Pierluigi Paganini October 21, 2018
Security Affairs newsletter Round 185 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      Ex-NASA contractor pleaded guilty for cyberstalking crimes […]

Pierluigi Paganini October 20, 2018
Syrian victims of the GandCrab ransomware can decrypt their files for free

The developers of the GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The authors of the infamous GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The crooks decided to release the decryption keys after a Syrian Twitter user published a harrowing message asking […]

Pierluigi Paganini October 20, 2018
Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

A security researcher discovered a zero-day vulnerability, tracked as CVE-2018-9206, that affects older versions of the jQuery File Upload plugin since 2010. Attackers can exploit the vulnerability to carry out several malicious activities, including defacement, exfiltration, and malware infection. The flaw was reported by the Akamai researcher Larry Cashdollar, he explained that many other packages that include […]

Pierluigi Paganini October 19, 2018
Drupal dev team fixed Remote Code Execution flaws in the popular CMS

The Drupal development team has patched several vulnerabilities in version 7 and 8 of the popular CMS, including RCE flaws. The development team of the Drupal content management system addressed several vulnerabilities in version 7 and 8, including some flaws that could be exploited for remote code execution. Drupal team fixed a critical vulnerability that resides in […]

Pierluigi Paganini October 19, 2018
Splunk addressed several vulnerabilities in Enterprise and Light products

Splunk recently addressed several vulnerabilities in Enterprise and Light products, some of them have been rated “high severity.” Splunk Enterprise solution allows organizations to aggregate, search, analyze, and visualize data from various sources that are critical to business operations. The Splunk Light is a comprehensive solution for small IT environments that automates log analysis and integrate […]

Pierluigi Paganini October 19, 2018
Attackers behind Operation Oceansalt reuse code from Chinese Comment Crew

Security researchers from McAfee have recently uncovered a cyber espionage campaign, tracked as Operation Oceansalt, targeting South Korea, the United States, and Canada. The threat actors behind Operation Oceansalt are reusing malware previously associated with China-linked cyberespionage group APT1. “McAfee Advanced Threat Research and Anti-Malware Operations teams have discovered another unknown data reconnaissance implant targeting Korean-speaking users.” reads the report. “We […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025

Operation HAECHI VI seized $439M from global cybercrime rings

Cyber Crime / September 25, 2025

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

Data Breach / September 25, 2025