MUST READ

Phishing campaign exploits OAuth redirection to bypass defenses

 | 

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

 | 

Chrome security flaw enabled spying via Gemini Live assistant

 | 

Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity

 | 

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

 | 

APT37 combines cloud storage and USB implants to infiltrate air-gapped systems

 | 

Europol’s Project Compass nets 30 arrests in crackdown on “The Com”

 | 

ClawJacked flaw exposed OpenClaw users to data theft

 | 

Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site

 | 

ShinyHunters leaked the full Odido dataset

 | 

Claude code abused to steal 150GB in cyberattack on Mexican agencies

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 86

 | 

CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances

 | 

Security Affairs newsletter Round 565 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Canadian Tire 2025 data breach impacts 38 million users

 | 

Microsoft warns of RAT delivered through trojanized gaming utilities

 | 

Aeternum botnet hides commands in Polygon smart contracts

 | 

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

 | 

Juniper issues emergency patch for critical PTX router RCE

 | 

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

 | 

CVE-2026-21385

Pierluigi Paganini March 03, 2026
Android devices hit by exploited Qualcomm flaw CVE-2026-21385

Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385 (CVSS score of 7.8), a high-severity vulnerability affecting an open-source Qualcomm component used in Android devices, has been actively exploited. “There are indications that CVE-2026-21385 may be under limited, targeted exploitation.” reads Google’s advisory. The flaw is […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Phishing campaign exploits OAuth redirection to bypass defenses

Hacking / March 03, 2026

Android devices hit by exploited Qualcomm flaw CVE-2026-21385

Security / March 03, 2026

Chrome security flaw enabled spying via Gemini Live assistant

Security / March 03, 2026

Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity

APT / March 02, 2026

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch

Security / March 02, 2026