MUST READ

Microsoft warns of RAT delivered through trojanized gaming utilities

 | 

Aeternum botnet hides commands in Polygon smart contracts

 | 

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

 | 

Juniper issues emergency patch for critical PTX router RCE

 | 

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

 | 

12 Million exposed .env files reveal widespread security failures

 | 

ManoMano data breach impacted 38 Million customer accounts

 | 

Trend Micro fixes two critical flaws in Apex One

 | 

UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor

 | 

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

 | 

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

 | 

Untrusted repositories turn Claude code into an attack vector

 | 

ShinyHunters cyberattack on CarGurus impacts 12.4 Million users

 | 

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

 | 

Lazarus APT group deployed Medusa Ransomware against Middle East target

 | 

SolarWinds patches four critical Serv-U flaws enabling root access

 | 

VMware Aria Operations flaws could enable remote attacks

 | 

Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign

 | 

Operation MacroMaze: APT28 exploits webhooks for covert data exfiltration

 | 

CISA

Pierluigi Paganini February 26, 2026
U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco SD-WAN flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: This week, Cisco warned of a critical Cisco SD-WAN vulnerability, tracked […]

Pierluigi Paganini February 25, 2026
U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Soliton Systems K.K FileZen flaw, tracked as CVE-2026-25108 (CVSS v4 score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. Soliton Systems K.K. FileZen is a […]

Pierluigi Paganini February 21, 2026
U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two RoundCube Webmail flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Roundcube is a popular webmail platform and has been repeatedly targeted […]

Pierluigi Paganini February 19, 2026
U.S. CISA adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Dell RecoverPoint and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first vulnerability added to the catalog is […]

Pierluigi Paganini February 18, 2026
U.S. CISA adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium CSS, Microsoft Windows, TeamT5 ThreatSonar Anti-Ransomware, and Zimbra flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws […]

Pierluigi Paganini February 14, 2026
U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an BeyondTrust RS and PRA vulnerability, tracked as CVE-2026-1731 (CVSS score of 9.9), to its Known Exploited Vulnerabilities (KEV) catalog. This week BeyondTrust released security updates to […]

Pierluigi Paganini February 13, 2026
U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws […]

Pierluigi Paganini February 11, 2026
U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: This week, Microsoft Patch Tuesday security […]

Pierluigi Paganini February 06, 2026
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Attackers are […]

Pierluigi Paganini February 03, 2026
U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: The first […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft warns of RAT delivered through trojanized gaming utilities

Uncategorized / February 28, 2026

Aeternum botnet hides commands in Polygon smart contracts

Mobile / February 27, 2026

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

Security / February 27, 2026

Juniper issues emergency patch for critical PTX router RCE

Security / February 27, 2026

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

Artificial Intelligence / February 27, 2026