MUST READ

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Hacking Team

Pierluigi Paganini May 20, 2016
Phineas Fisher hacked a bank to support anti-capitalists in the Rojava region

Phineas Fisher, the notorious Hacking Team hacker, stole $10,000 from a bank and donated the equivalent in Bitcoin to Kurdish anticapitalists in Rojava. Phineas Fisher (@GammaGroupPR), revealed on Reddit that he breached a bank and turned the stolen money to a Kurdish anti-capitalists that operate in the Rojava autonomous region. The region in located in the north of the […]

Pierluigi Paganini April 26, 2016
Dogspectus ransomware campaign relies on Leaked Hacking Team Exploits and Towelroot

Blue Coat spotted a new ransomware-based campaign serving the Dogspectus malware. Crooks combined a Hacking Team exploit and the Towelroot exploit. Security experts at Blue Coat have spotted a new campaign spreading an Android Ransomware dubbed Dogspectus. The malicious code hijacks mobile advertisements to scam gift cards, it locks the device in a state that allows only […]

Pierluigi Paganini April 07, 2016
Italian Government revoked Hacking Team ’s global export license

The government authority who oversees the export of “dual use” technologies revoked the Hacking Team ’s global export license. On July 2015, the Italian surveillance company Hacking Team suffered one of the worst data breaches in the history.  Unknown attackers have exfiltrated some 400Gbs of data, including internal emails, exploit source code and invoices. A few months […]

Pierluigi Paganini January 14, 2016
Silverlight exploit discovered by analyzing Hacking Team leaked emails

Microsoft patched a Silverlight zero-day discovered by analyzing internal emails stolen to Hacking Team about Silverlight exploit. Microsoft recently fixed a number of vulnerabilities with the MS16-006 critical bulletin, including a Silverlight flaw CVE-2016-0034 that could be exploited for remote code execution. The Silverlight flaw discovered by the experts at Kaspersky Lab as a result of an investigation on the Hacking Team arsenal disclosed in […]

Pierluigi Paganini October 31, 2015
The surveillance firm Hacking Team is back stronger than before

Motherboard has obtained a non-public email sent by the Hacking Team CEO to its customers that announce a new generation of hacking tools. Hacking Team is the popular surveillance company that suffered a serious data breach this year. More than 400 GB of its sensitive data were exfiltrated from the Italian company, including internal emails, zero-day exploits, surveillance […]

Pierluigi Paganini August 22, 2015
Thousands of WordPress sites host Neutrino Exploit Kit

Experts from security company Zscaler have uncovered a malware campaign which relies on thousands of hijacked WordPress sites hosting the Neutrino Exploit Kit. According to the experts at the Zscaler security firm, cybercriminals have compromised more than 2,600 WordPress websites over the past month and deployed malicious iframes on 4,200 distinct pages. The criminals exploited […]

Pierluigi Paganini August 21, 2015
Blue Termite APT group focuses on Japanese organizations

Security experts at Kaspersky Lab have analyzed the cyber attacks run by the Blue Termite APT, a hacking crew group focused on Japanese organizations. According to the experts at Kaspersky security firm, an ATP group dubbed Blue Termite has been active since at least November 2013 focusing its attacks on Japanese organizations. The Blue Termite APT […]

Pierluigi Paganini August 07, 2015
Hacking Team compromised non-jailbroken iOS devices

Security experts from FireEye demonstrated that Hacking Team leveraged iOS vulnerability to install fake messaging apps implementing a Masque Attack. Another news related with the leak of the Hacking Team‘s hack, this time it was discovered that Hacking Team was capable of compromising IOS devices, even if they weren’t jailbroken. To accomplish this, Hacking Team […]

Pierluigi Paganini July 24, 2015
Exploit acquisition program terminated by Netragard

Netragard has shut down its exploit acquisition program, as a result of the clamorous data breach that the Italian firm HackingTeam has suffered. In this article we will go through an issue with a company that buys and sells exploits (Netragard) and the steps it was forced to take since one of their clients was […]

Pierluigi Paganini July 21, 2015
Microsoft released out-of-band patch following Hacking Team hack

According to the security experts at FireEye, Microsoft releases out-of-band patch for all Windows version after Hacking Team hack. Microsoft released an out-of-band patch to fix a critical security issue in the Windows Adobe Type Manager Library that could be exploited by attackers to execute arbitrary code remotely on the targeted machine. The exploitation of […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025