MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Cybercrime

Pierluigi Paganini July 23, 2023
Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Multiple DDoS botnets were observed targeting Zyxel devices CISA warns of attacks against Citrix NetScaler ADC […]

Pierluigi Paganini July 20, 2023
Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Researchers at cybersecurity firm […]

Pierluigi Paganini July 20, 2023
ALPHV/BlackCat and Clop gangs claim to have hacked cosmetics giant Estée Lauder

The American cosmetics giant company Estée Lauder was hacked by two distinct ransomware groups, the ALPHV/BlackCat and Clop gangs. Yesterday the cybersecurity expert @sonoclaudio first alerted me about a strange circumstance, two ransomware actors, ALPHV/BlackCat and Clop, claim to have hacked the cosmetics giant company Estée Lauder and added the company to their Tor leak […]

Pierluigi Paganini July 20, 2023
P2PInfect, a Rusty P2P worm targets Redis Servers on Linux and Windows systems

Cybersecurity researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers. Palo Alto Networks Unit 42 researchers have discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers running on both Linux and Windows systems. The capability to target Redis servers running on both Linux and Windows operating systems makes P2PInfect more scalable and […]

Pierluigi Paganini July 18, 2023
FIN8 Group spotted delivering the BlackCat Ransomware

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware). Sardonic is a sophisticated backdoor that supports a wide range of features that was designed […]

Pierluigi Paganini July 18, 2023
Hacking campaign targets sites using WordPress WooCommerce Payments Plugin

Threat actors are actively exploiting a critical flaw, tracked as CVE-2023-28121, in the WooCommerce Payments WordPress plugin. Threat actors are actively exploiting a recently disclosed critical vulnerability, tracked as CVE-2023-28121 (CVSS score: 9.8), in the WooCommerce Payments WordPress plugin. The flaw is an authentication bypass issue that can be exploited by an unauthenticated attacker to impersonate arbitrary […]

Pierluigi Paganini July 17, 2023
Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

The admins of the darkweb Genesis Market announced the sale of their platform to a threat actor that will restart operations next month. In April, the FBI seized the Genesis Market, a black marketplace for stolen credentials that was launched in 2017. Genesis Market was an invite-only marketplace, but it was not complex to find invite […]

Pierluigi Paganini July 17, 2023
Pompompurin, the BreachForums owner, pleads guilty to hacking charges and possession of child pornography

The owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleads guilty to hacking charges. The owner of the BreachForums Conor Brian Fitzpatrick agrees to plead guilty to a three-count criminal information charging the defendant with conspiracy to commit access device fraud, solicitation for the purpose of offering access devices, and possession of child pornography. […]

Pierluigi Paganini July 16, 2023
WormGPT, the generative AI tool to launch sophisticated BEC attacks

The WormGPT case: How Generative artificial intelligence (AI) can improve the capabilities of cybercriminals and allows them to launch sophisticated attacks. Researchers from SlashNext warn of the dangers related to a new generative AI cybercrime tool dubbed WormGPT. Since chatbots like ChatGPT made the headlines, cybersecurity experts warned of potential abuses of Generative artificial intelligence (AI) […]

Pierluigi Paganini July 15, 2023
Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026