MUST READ

Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials

 | 

WhatsApp Malware Campaign Hijacks Trust, Installs Legitimate Admin Tools

 | 

Texas Parks & Wildlife (TPWD) Data Breach impacts 3 Million People

 | 

Anthropic's Mythos AI broke into almost all NSA classified systems in hours

 | 

FortiBleed: The Most Detailed Breakdown Yet of an Active Russian Credential-Harvesting Operation

 | 

4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware

 | 

usbliter8 Brings Unpatchable BootROM Exploit to Apple A12 and A13 Devices

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 102

 | 

Security Affairs newsletter Round 582 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Inside GentleKiller: The EDR-Killer Powering The Gentlemen

 | 

FortiBleed Exposes Global Credential-Spraying Operation

 | 

CISA Warns of Active Exploitation Following FortiBleed Leak

 | 

14,971 WordPress Sites Cleaned in Global SocGholish Takedown

 | 

U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday

 | 

Peter Thiel 's Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail

 | 

24 Billion Stolen Credentials Exposed in Massive Data Leak

 | 

Cisco fixed a critical ISE vulnerability that lets attackers to gain root access

 | 

F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution

 | 

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development

 | 

FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls

 | 

GEMINI

Pierluigi Paganini June 05, 2026
Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications

SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google’s defenses and control smart home devices. SafeBreach Labs researcher Or Yair spent months trying to break Google’s Gemini voice assistant after Google patched the vulnerabilities he found in his previous research. The new attack class he developed, named Fake […]

Pierluigi Paganini December 11, 2025
GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

Google fixed GeminiJack, a zero-click Gemini Enterprise flaw that could leak corporate data via crafted emails, invites, or documents, Noma Security says. Google addressed a Gemini Enterprise flaw dubbed GeminiJack, which can be exploited in zero-click attacks triggered via crafted emails, invites, or documents. The vulnerability could have exposed sensitive corporate data, according to Noma […]

Pierluigi Paganini December 16, 2022
Data of 5.7M Gemini users available for sale on hacking forums

Gemini crypto exchange warns users of an ongoing phishing campaign after a third-party vendor suffered a security breach. Gemini crypto exchange is warning of phishing campaigns targeting its users after a threat actor obtained their data by breaching a third-party vendor. The company pointed out that its systems were not impacted. “Some Gemini customers have […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials

Hacking / June 23, 2026

WhatsApp Malware Campaign Hijacks Trust, Installs Legitimate Admin Tools

Malware / June 22, 2026

Texas Parks & Wildlife (TPWD) Data Breach impacts 3 Million People

Data Breach / June 22, 2026

Anthropic's Mythos AI broke into almost all NSA classified systems in hours

Artificial Intelligence / June 22, 2026

FortiBleed: The Most Detailed Breakdown Yet of an Active Russian Credential-Harvesting Operation

Hacking / June 22, 2026