MUST READ

Google fixes the fifth actively exploited Chrome zero-day of 2026

 | 

U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog

 | 

CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits

 | 

Meta Accuses NSO of Violating WhatsApp Court Injunction

 | 

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

 | 

UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms

 | 

Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts

 | 

IoT Botnet C0XMO Adds Competitor-Killing Capability

 | 

DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

 | 

Security Affairs newsletter Round 580 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog

 | 

Report: Anthropic Deploys Engineers to Support NSA Use of Mythos

 | 

Claude Opus Found a Four-Year-Old Hole in Zcash's Privacy Layer. Nobody Knows If Someone Already Used It.

 | 

Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure

 | 

Cisco SD-WAN Has a New Root-Level Problem, and There's No Fix Yet

 | 

PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network

 | 

Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications

 | 

U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges

 | 

CISA

Pierluigi Paganini June 09, 2026
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: The CVE-2026-42271 […]

Pierluigi Paganini June 06, 2026
U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Serv-U flaw, tracked as CVE-2026-28318 (CVSS ver 3.1 score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. SolarWinds Serv-U is a managed file transfer (MFT) and secure file […]

Pierluigi Paganini June 04, 2026
U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Mirasvit Full Page Cache Warmer flaw, tracked as CVE-2026-45247 (CVSS ver 4.0 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2026-45247 flaw is a […]

Pierluigi Paganini June 03, 2026
U.S. CISA adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first flaw added to the catalog, tracked […]

Pierluigi Paganini June 02, 2026
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic […]

Pierluigi Paganini June 01, 2026
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2026-0257 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May […]

Pierluigi Paganini May 28, 2026
U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first flaw, tracked as CVE-2026-8398, […]

Pierluigi Paganini May 22, 2026
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Trend Micro Apex One and Langflow flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-34291 (CVSS score of 9.4) is […]

Pierluigi Paganini May 21, 2026
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2008-4250 (CVSS v3.1 score of 9.8) is a […]

Pierluigi Paganini May 16, 2026
U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Exchange Server, tracked as CVE-2026-42897 (CVSS score of 8.1), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft warned that threat actors are […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Google fixes the fifth actively exploited Chrome zero-day of 2026

Hacking / June 09, 2026

U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog

Security / June 09, 2026

CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits

Hacking / June 09, 2026

Meta Accuses NSO of Violating WhatsApp Court Injunction

Security / June 08, 2026

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

Security / June 08, 2026