MUST READ

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

APT

Pierluigi Paganini October 05, 2020
Second-ever UEFI rootkit used in North Korea-themed attacks

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four […]

Pierluigi Paganini October 04, 2020
Security Affairs newsletter Round 284

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Apple addresses four vulnerabilities in macOS Google removes 17 Joker -infected apps from the Play Store Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT Mount Locker […]

Pierluigi Paganini October 02, 2020
XDSpy APT remained undetected since at least 2011

Researchers from ESET uncovered the activity of a new APT group, tracked as XDSpy, that has been active since at least 2011. XDSpy is the name used by ESET researchers to track a nation-state actor that has been active since at least 2011. The APT group, recently discovered by ESET, targeted government and private companies […]

Pierluigi Paganini October 01, 2020
North Korea APT group targeted tens of UN Security Council officials

North Korea-linked APT group targeted UN Security Council officials over the past year, states a report from the United Nations organ. A North-Korea-linked cyber espionage group has launched spear-phishing attacks aimed at compromising tens of officials from the United Nations Security Council. The campaign targeted at least 28 UN officials, including at least 11 individuals […]

Pierluigi Paganini September 27, 2020
Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT

Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium. Microsoft announced this week to have removed 18 Azure Active Directory applications from its Azure portal that were created by a China-linked cyber espionage group tracked as APT group Gadolinium (aka APT40, or Leviathan). The 18 […]

Pierluigi Paganini September 20, 2020
Security Affairs newsletter Round 282

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Gaming hardware manufacturer Razer suffered a data leak CIRWA Project tracks ransomware attacks on critical infrastructure Popular Marketing Tool exposes data of users of dating sites Staples discloses data breach […]

Pierluigi Paganini September 15, 2020
China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking […]

Pierluigi Paganini September 11, 2020
Chinese, Iranian, and Russian APT groups target 2020 US election

Microsoft reveals that state-sponsored hackers had tried to breach email accounts belonging to people involved in the US election. Microsoft announced to have detected a new wave of attacks carried out by Chinese, Iranian, and Russian state-sponsored hackers against the US election. Threat actors had tried to compromise email accounts belonging to people associated with […]

Pierluigi Paganini August 26, 2020
DeathStalker cyber-mercenary group targets the financial sector

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. Victim organizations are small and medium-sized businesses located in Argentina, China, Cyprus, India, Israel, […]

Pierluigi Paganini August 26, 2020
Lazarus APT targets cryptocurrency organizations with using LinkedIn lures

North Korea-linked Lazarus APT group targets cryptocurrency organizations with fake job offers in an ongoing spear-phishing campaign. North Korea-linked Lazarus APT group (aka HIDDEN COBRA) has been observed while using LinkedIn lures in a spear-phishing campaign targeting the cryptocurrency organizations worldwide, including in the United States, the United Kingdom, Germany, Singapore, the Netherlands, Japan. The activity of […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

Cyber Crime / December 19, 2025

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

Security / December 19, 2025

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

APT / December 19, 2025

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Security / December 18, 2025

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

Cyber Crime / December 18, 2025