MUST READ

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

 | 

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

 | 

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

 | 

Iran-nexus APT Dust Specter targets Iraq officials with new malware

 | 

U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

 | 

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

 | 

Phobos Ransomware admin faces up to 20 years after guilty plea

 | 

Russian APT targets Ukraine with BadPaw and MeowMeow malware

 | 

Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum

 | 

Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1

 | 

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

 | 

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

 | 

LastPass warns of spoofed alerts aimed at stealing master passwords

 | 

From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

 | 

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog

 | 

Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals

 | 

Facebook is experiencing a global outage

 | 

Ariomex, Iran-based crypto exchange, suffers data leak

 | 

Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked

 | 

Phishing campaign exploits OAuth redirection to bypass defenses

 | 

Brickstorm

Pierluigi Paganini February 18, 2026
China-linked APT weaponized Dell RecoverPoint zero-day since 2024

A suspected Chinese state-linked group exploited a critical Dell RecoverPoint flaw (CVE-2026-22769) in zero-day attacks starting mid-2024. Mandiant and Google’s Threat Intelligence Group (GTIG) reported that a suspected China-linked APT group quietly exploited a critical zero-day flaw in Dell RecoverPoint for Virtual Machines starting in mid-2024. “Mandiant and Google Threat Intelligence Group (GTIG) have identified […]

Pierluigi Paganini September 26, 2025
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use of the Go-based backdoor BRICKSTORM to maintain persistence in U.S. organizations since March 2025. Targets include legal, Software as a Service (SaaS) providers, Business Process Outsourcers […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

APT / March 06, 2026

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

Security / March 06, 2026

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

Malware / March 06, 2026

Iran-nexus APT Dust Specter targets Iraq officials with new malware

APT / March 06, 2026

U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

Security / March 06, 2026