MUST READ

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

 | 

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

 | 

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

 | 

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

 | 

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

 | 

Paris raid on X focuses on child abuse material allegations

 | 

GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

 | 

Microsoft: Info-Stealing malware expands from Windows to macOS

 | 

U.S. CISA adds SolarWinds Web Help Desk, Sangoma FreePBX, and GitLab flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused React Native CLI flaw to deploy Rust malware before public disclosure

 | 

APT28 exploits Microsoft Office flaw in Operation Neusploit

 | 

Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom

 | 

MoltBot Skills exploited to distribute 400+ malware packages in days

 | 

Panera Bread breach affected 5.1 Million accounts, HIBP Confirms

 | 

Hackers exploit unsecured MongoDB instances to wipe data and demand ransom

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

 | 

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

 | 

Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

DOJ releases details alleged talented hacker working for Jeffrey Epstein

 | 

Cyberattacks Disrupt Communications at Wind, Solar, and Heat Facilities in Poland

 | 

DLL sideloading

Pierluigi Paganini January 20, 2026
PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion

Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigation of a network intrusion attempt that was successfully prevented by a Fortune 100 energy corporation. The threat actor contacted their staff, impersonating technical support, and used social […]

Pierluigi Paganini August 18, 2023
Bronze Starlight targets the Southeast Asian gambling sector

Experts warn of an ongoing campaign attributed to China-linked Bronze Starlight that is targeting the Southeast Asian gambling sector. SentinelOne observed China-linked APT group Bronze Starlight (aka APT10, Emperor Dragonfly or Storm-0401) targeting the gambling sector within Southeast Asia. The malware and infrastructure employed in the campaign are linked to the ones observed in Operation ChattyGoblin attributed by the […]

Pierluigi Paganini May 07, 2023
Dragon Breath APT uses double-dip DLL sideloading strategy

An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique. Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye), that is using a new DLL sideloading technique that adds complexity and layers to the execution of the classic DLL sideloading. The attack consists of a clean […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

Uncategorized / February 05, 2026

Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics

Hacktivism / February 05, 2026

China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025

APT / February 05, 2026

CVE-2025-22225 in VMware ESXi now used in active ransomware attacks

Security / February 04, 2026

Taiwanese operator of Incognito Market sentenced to 30 years over $105M darknet drug ring

Deep Web / February 04, 2026