MUST READ

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

APT

Pierluigi Paganini August 01, 2021
GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia

Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims. Kaspersky spotted a new Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange vulnerabilities in attacks aimed at high-profile victims. The long-running operation carried out by the group mostly targeted […]

Pierluigi Paganini June 26, 2021
Microsoft: Russia-linked SolarWinds hackers breached three new entities

Microsoft discovered that Russia-linked SolarWinds hackers, tracked as Nobelium, have breached the network of three new organizations. Microsoft revealed on Friday that Russia-linked SolarWinds hackers, tracked as Nobelium or APT29, have conducted new cyber attacks against other organizations. Threat actors carried out brute-force and password spraying attacks in an attempt to gain access to Microsoft customer accounts. […]

Pierluigi Paganini June 20, 2021
Security Affairs newsletter Round 319

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. APWG: Phishing maintained near-record levels in the first quarter of 2021 BackdoorDiplomacy APT targets diplomats from Africa and […]

Pierluigi Paganini June 19, 2021
North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

North Korea-linked APT group Kimsuky allegedly breached South Korea’s atomic research agency KAERI by exploiting a VPN vulnerability. South Korean representatives declared on Friday that North Korea-linked APT group Kimsuky is believed to have breached the internal network of the South Korean Atomic Energy Research Institute (KAERI). The Korea Atomic Energy Research Institute (KAERI) in Daejeon, South Korea […]

Pierluigi Paganini June 17, 2021
Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Researchers from Kaspersky reported that Iran-linked threat actors, tracked as Ferocious Kitten, used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on […]

Pierluigi Paganini June 13, 2021
BackdoorDiplomacy APT targets diplomats from Africa and the Middle East

ESET researchers discovered an advanced persistent threat (APT) group, tracked as BackdoorDiplomacy, that is targeting diplomats across Africa and the Middle East.  ESET researchers spotted a new state-sponsored group, dubbed BackdoorDiplomacy, that was behind a series of cyberattacks against Ministries of Foreign Affairs aimed at numerous African countries, the Middle East, Europe, and Asia. The group […]

Pierluigi Paganini May 28, 2021
China-linked APT groups targets orgs via Pulse Secure VPN devices

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information. FireEye monitored the activities of two […]

Pierluigi Paganini May 27, 2021
APT hacked a US municipal government via an unpatched Fortinet VPN

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN. “The FBI is […]

Pierluigi Paganini May 04, 2021
Project Signal: a second Iranian State-Sponsored Ransomware Operation

Iran-linked ATP group carried out a ransomware operation through a contracting company based in the country, Flashpoint researchers warn. Researchers from Flashpoint have uncovered a state-sponsored ransomware campaign conducted by Iran’s Islamic Revolutionary Guard Corps (IRGC) through an Iranian contracting company called “Emen Net Pasargard” (ENP) (aka “Imannet Pasargad,” “Iliant Gostar Iranian,” “Eeleyanet Gostar Iraniyan”). […]

Pierluigi Paganini April 28, 2021
Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region.  Organizations targeted by the […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

Hacking / December 20, 2025

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

Cyber Crime / December 19, 2025

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

Security / December 19, 2025

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

APT / December 19, 2025

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Security / December 18, 2025