MUST READ

Security Affairs newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Osiris ransomware emerges, leveraging BYOVD technique to kill security tools

 | 

U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog

 | 

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

 | 

Fortinet warns of active FortiCloud SSO bypass affecting updated devices

 | 

U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

Investigation underway after 72M Under Armour records surface online

 | 

Machine learning–powered Android Trojans bypass script-based Ad Click detection

 | 

Critical SmarterMail vulnerability under attack, no CVE yet

 | 

Arctic Wolf detects surge in automated Fortinet FortiGate firewall configuration attacks

 | 

U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

 | 

Zoom fixed critical Node Multimedia Routers flaw

 | 

ACME flaw in Cloudflare allowed attackers to reach origin servers

 | 

Crooks impersonate LastPass in campaign to harvest master passwords

 | 

VoidLink shows how one developer used AI to build a powerful Linux malware

 | 

PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

 | 

Access broker caught: Jordanian pleads guilty to hacking 50 companies

 | 

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

 | 

Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions

 | 

UK NCSC warns of Russia-linked hacktivists DDoS attacks

 | 

data breach

Pierluigi Paganini January 25, 2026
Security Affairs newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Osiris ransomware emerges, leveraging BYOVD technique to kill security tools U.S. CISA adds a flaw in […]

Pierluigi Paganini January 23, 2026
Investigation underway after 72M Under Armour records surface online

Under Armour is investigating a data breach after 72M customer records were posted online by a cybercriminal. Under Armour is an American company that designs, manufactures, and sells sportswear, athletic shoes, and fitness-related accessories. TechCrunch reported that Under Armour is investigating a data breach after 72M customer records were posted online. The stolen data, linked […]

Pierluigi Paganini January 19, 2026
Ransomware attack on Ingram Micro impacts 42,000 individuals

Ingram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details. Ingram Micro is a global technology distributor and supply-chain services company. It acts as a middleman between IT vendors (like Microsoft, Cisco, HP, Apple, and cybersecurity firms) and businesses, resellers, and service providers, helping […]

Pierluigi Paganini January 18, 2026
Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine–Germany operation targets Black Basta, Russian leader wanted China-linked APT UAT-8837 targets North American critical infrastructure […]

Pierluigi Paganini January 16, 2026
Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people

A data breach at Canada’s investment watchdog, Canadian Investment Regulatory Organization (CIRO), impacted about 750,000 people. The Canadian Investment Regulatory Organization (CIRO) is Canada’s national self-regulatory body overseeing investment dealers and marketplaces, protecting investors, enforcing compliance, and maintaining fair, efficient capital markets. CIRO announced that threat actors stole personal data of 750,000 people in an […]

Pierluigi Paganini January 15, 2026
A ransomware attack disrupted operations at South Korean conglomerate Kyowon

South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business interests spanning education, publishing, media, and technology. It operates nationwide, serving millions of customers through its various subsidiaries and brands. The company is a significant player in […]

Pierluigi Paganini January 15, 2026
Central Maine Healthcare data breach impacted over 145,000 patients

A cyberattack on Central Maine Healthcare exposed the personal, medical, and insurance data of about 145,000 patients. Central Maine Healthcare notified patients affected by a data security incident. The organization detected unusual activity on June 1, 2025, secured its systems, and launched an investigation with the help of third-party cybersecurity experts while notifying law enforcement. […]

Pierluigi Paganini January 13, 2026
Threat actor claims the theft of full customer data from Spanish energy firm Endesa

Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach, threat actors stole full customer data, including contact details, national ID numbers, and payment information. “In this regard, we regret to inform you that Endesa Energía has detected a […]

Pierluigi Paganini January 11, 2026
Security Affairs newsletter Round 558 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A massive breach exposed data of 17.5M Instagram users North Korea–linked APT Kimsuky behind quishing attacks, […]

Pierluigi Paganini January 10, 2026
A massive breach exposed data of 17.5M Instagram users

A massive breach exposed data of 17.5M Instagram users, triggering mass password reset emails and fears that stolen data is already circulating online. A major data breach has exposed the personal data of about 17.5 million Instagram users, Malwarebytes Labs researchers warn. Exposed data includes usernames, physical addresses, phone numbers, and email addresses,. Since January […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Security Affairs newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION

Breaking News / January 25, 2026

Osiris ransomware emerges, leveraging BYOVD technique to kill security tools

Security / January 24, 2026

U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog

Security / January 24, 2026

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

Security / January 24, 2026

Fortinet warns of active FortiCloud SSO bypass affecting updated devices

Security / January 23, 2026