MUST READ

VoidLink shows how one developer used AI to build a powerful Linux malware

 | 

PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

 | 

Access broker caught: Jordanian pleads guilty to hacking 50 companies

 | 

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

 | 

Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions

 | 

UK NCSC warns of Russia-linked hacktivists DDoS attacks

 | 

Ransomware attack on Ingram Micro impacts 42,000 individuals

 | 

StealC malware control panel flaw leaks details on active attacker

 | 

Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems

 | 

Hacktivists hijacked Iran ’s state TV to air anti-regime messages and an appeal to protest from Reza Pahlavi

 | 

GootLoader uses malformed ZIP files to bypass security controls

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 80

 | 

Security Affairs newsletter Round 559 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Ukraine–Germany operation targets Black Basta, Russian leader wanted

 | 

China-linked APT UAT-8837 targets North American critical infrastructure

 | 

Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people

 | 

China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug

 | 

Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover

 | 

A ransomware attack disrupted operations at South Korean conglomerate Kyowon

 | 

Central Maine Healthcare data breach impacted over 145,000 patients

 | 

Gogs

Pierluigi Paganini January 12, 2026
U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Gogs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Gogs path traversal vulnerability, tracked as CVE-2025-8110 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. Gogs (Go Git Service) is a lightweight, open-source, self-hosted Git service written […]

Pierluigi Paganini December 11, 2025
Critical Gogs zero-day under attack, 700 servers hacked

Hackers exploited an unpatched Gogs zero-day, allowing remote code execution and compromising around 700 Internet-facing servers. Gogs is a self-hosted Git service, similar to GitHub, GitLab, or Bitbucket, but designed to be lightweight and easy to deploy. It allows individuals or organizations to host their own Git repositories on their servers, offering features like version […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

VoidLink shows how one developer used AI to build a powerful Linux malware

Malware / January 21, 2026

PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

Malware / January 20, 2026

Access broker caught: Jordanian pleads guilty to hacking 50 companies

Cyber Crime / January 20, 2026

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

Hacking / January 20, 2026

Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions

Cyber Crime / January 20, 2026