MUST READ

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

 | 

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

 | 

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

 | 

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns

 | 

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025

 | 

Discord discloses third-party breach affecting customer support data

 | 

Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers

 | 

LinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping scheme

 | 

Zimbra users targeted in zero-day exploit using iCalendar attachments

 | 

Reading the ENISA Threat Landscape 2025 report

 | 

Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 65

 | 

Security Affairs newsletter Round 544 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

GreyNoise detects 500% surge in scans targeting Palo Alto Networks portals

 | 

U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog

 | 

ShinyHunters Launches Data Leak Site: Trinity of Chaos Announces New Ransomware Victims

 | 

ProSpy, ToSpy malware pose as Signal and ToTok to steal data in UAE

 | 

Google warns of Cl0p extortion campaign against Oracle E-Business users

 | 

CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor

 | 

Allianz Life data breach impacted 1.5 Million people

 | 

ENISA

Pierluigi Paganini October 06, 2025
Reading the ENISA Threat Landscape 2025 report

ENISA Threat Landscape 2025: Rising ransomware, AI phishing, and state-backed espionage mark a converging, persistent EU cyber threat landscape. ENISA Threat Landscape 2025 report provides a comprehensive analysis of the evolving threat landscape in Europe. The report analyzes the events that occurred between July 2024 and June 2025, including nearly 4,900 verified incidents. This year’s […]

Pierluigi Paganini September 22, 2025
EU agency ENISA says ransomware attack behind airport disruptions

The EU cybersecurity agency ENISA confirmed that airport check-in disruptions were caused by a cyberattack, and law enforcement is investigating. A cyber attack on Collins Aerospace disrupted check-in and boarding systems at major European airports, heavily impacting Heathrow, Brussels, and Berlin. The outage caused numerous flight delays and cancellations, forcing manual operations. Collins Aerospace is […]

Pierluigi Paganini December 24, 2023
Europol and ENISA spotted 443 e-stores compromised with digital skimming

A joint law enforcement operation led by Europol and the ENISA, along with private security firms, identified 443 online shops compromised with digital skimming. Europol and ENISA collaborated in a joint law enforcement operation uncovering 443 online shops affected by digital skimming. The operation is part of EMPACT priority, a law enforcement activity targeting the criminals […]

Pierluigi Paganini December 11, 2023
CISA and ENISA signed a Working Arrangement to enhance cooperation

ENISA has signed a Working Arrangement with the US CISA to enhance capacity-building, best practices exchange and awareness. The European Union Agency for Cybersecurity (ENISA) has signed a Working Arrangement with the Cybersecurity and Infrastructure Security Agency (CISA) to enhance cooperation on capacity-building, best practices exchange, and situational awareness. In the increasingly complex geopolitical environment, […]

Pierluigi Paganini December 05, 2023
ENISA published the ENISA Threat Landscape for DoS Attacks Report

ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service (DoS) attacks pose a persistent and significant security risk for organizations. Over the past few years, threat actors have increasingly had access to cost-effective and efficient means and services to carry out such kinds of […]

Pierluigi Paganini October 19, 2023
THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report, which is the annual analysis of the state of the cybersecurity threat landscape. This is the 11th edition of the […]

Pierluigi Paganini July 06, 2023
Ransomware accounts for 54% of cyber threats in the health sector

The European Union Agency for Cybersecurity (ENISA) releases its first cyber threat landscape report for the health sector. The European Union Agency for Cybersecurity (ENISA) releases today its first cyber threat landscape report for the health sector. The report identifies prime threats, threat actors, and trends and covers a period of over 2 years. The […]

Pierluigi Paganini March 22, 2023
ENISA: Ransomware became a prominent threat against the transport sector in 2022

The European Union Agency for Cybersecurity (ENISA) published its first cyber threat landscape report for the transport sector. A new report published by the European Union Agency for Cybersecurity (ENISA) analyzes threats and incidents in the transport sector. The report covers incidents in aviation, maritime, railway, and road transport industries between January 2021 and October […]

Pierluigi Paganini February 19, 2023
ENISA and CERT-EU warns Chinese APTs targeting EU organizations

A joint report published by ENISA and CERT-EU warns of Chinese APTs targeting businesses and government organizations in the European Union. The European Union Agency for Cybersecurity (ENISA) and CERT-EU warn of multiple China-linked threat actors targeting businesses and government organizations in the EU. The joint report focus on cyber activities conducted by multiple Chinese […]

Pierluigi Paganini July 28, 2022
ENISA provides data related to major telecom security incidents in 2021

ENISA published a report that includes anonymised and aggregated information about major telecom security incidents in 2021. ENISA published a report that provides anonymized and aggregated information about major telecom security incidents in 2021. Every European telecom operator that suffers a security incident, notifies its national authorities which share a summary of these reports to […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

Security / October 08, 2025

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

Security / October 08, 2025

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

Hacking / October 07, 2025

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns

Hacking / October 07, 2025

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025

Cyber Crime / October 07, 2025