MUST READ

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

 | 

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

 | 

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

data breach

Pierluigi Paganini January 18, 2026
Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine–Germany operation targets Black Basta, Russian leader wanted China-linked APT UAT-8837 targets North American critical infrastructure […]

Pierluigi Paganini January 16, 2026
Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people

A data breach at Canada’s investment watchdog, Canadian Investment Regulatory Organization (CIRO), impacted about 750,000 people. The Canadian Investment Regulatory Organization (CIRO) is Canada’s national self-regulatory body overseeing investment dealers and marketplaces, protecting investors, enforcing compliance, and maintaining fair, efficient capital markets. CIRO announced that threat actors stole personal data of 750,000 people in an […]

Pierluigi Paganini January 15, 2026
A ransomware attack disrupted operations at South Korean conglomerate Kyowon

South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business interests spanning education, publishing, media, and technology. It operates nationwide, serving millions of customers through its various subsidiaries and brands. The company is a significant player in […]

Pierluigi Paganini January 15, 2026
Central Maine Healthcare data breach impacted over 145,000 patients

A cyberattack on Central Maine Healthcare exposed the personal, medical, and insurance data of about 145,000 patients. Central Maine Healthcare notified patients affected by a data security incident. The organization detected unusual activity on June 1, 2025, secured its systems, and launched an investigation with the help of third-party cybersecurity experts while notifying law enforcement. […]

Pierluigi Paganini January 13, 2026
Threat actor claims the theft of full customer data from Spanish energy firm Endesa

Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach, threat actors stole full customer data, including contact details, national ID numbers, and payment information. “In this regard, we regret to inform you that Endesa Energía has detected a […]

Pierluigi Paganini January 11, 2026
Security Affairs newsletter Round 558 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A massive breach exposed data of 17.5M Instagram users North Korea–linked APT Kimsuky behind quishing attacks, […]

Pierluigi Paganini January 10, 2026
A massive breach exposed data of 17.5M Instagram users

A massive breach exposed data of 17.5M Instagram users, triggering mass password reset emails and fears that stolen data is already circulating online. A major data breach has exposed the personal data of about 17.5 million Instagram users, Malwarebytes Labs researchers warn. Exposed data includes usernames, physical addresses, phone numbers, and email addresses,. Since January […]

Pierluigi Paganini January 10, 2026
Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals

Illinois Department of Human Services (IDHS) exposed personal and health data of nearly 700,000 residents due to incorrect privacy settings. The Illinois Department of Human Services (IDHS ) disclosed a data breach after misconfigured privacy settings exposed personal and health data of nearly 700,000 residents. On September 22, 2025, IDHS discovered that internal maps meant […]

Pierluigi Paganini January 05, 2026
Sedgwick discloses data breach after TridentLocker ransomware attack

Sedgwick confirmed a cyber incident at its federal contractor unit after TridentLocker claimed to steal 3.4GB of data. Sedgwick is a leading global claims management and risk services provider operating in the insurance and risk solutions sector. It employs roughly 33,000 people worldwide, across more than 80 countries. Estimated annual revenue is in the multi-billion […]

Pierluigi Paganini January 04, 2026
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 78

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Evasive Panda APT poisons DNS requests to deliver MgBot   Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations   EmEditor Supply Chain Incident Details Disclosed: Distribution of Information-Stealing Malware Sweeps […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Nearly 5 Million Web Servers Found Exposing Git Metadata – Study Reveals Widespread Risk of Code and Credential Leaks

Security / February 06, 2026

U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog

Security / February 06, 2026

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026