MUST READ

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Hacking

Pierluigi Paganini October 02, 2015
Experian’s data breach puts 15 million T-Mobile users at risk

Experian’s data breach puts 15 million T-Mobile users’ personal information at risk- The company already started the incident response procedure. T-Mobile has announced that data belonging to 15 million consumers may have compromised in a cyber attack that the company has suffered. The hackers targeted the Experian company which processes some of T-Mobile’s credit applications accessing customers personal data. “We have been notified […]

Pierluigi Paganini October 02, 2015
A billion Android devices vulnerable to Stagefright 2.0 bugs

A billion Android phones are vulnerable to Stagefright 2.0 flaws that could be exploited by attackers to execute malicious code on the targeted device. Do you remember the Stagefright vulnerability? In July 2015,  security experts from Zimperium discovered the Stagefright flaw in the popular Google Android OS which allows hackers to gain control of the system without raising […]

Pierluigi Paganini October 02, 2015
The mystery behind the Internet-of-Things vigilante malware

A new strain of malware identified by Symantec as the Vigilante malware, aka Wifatch, has infected tens of thousands of IoT devices across the world. Who is infecting thousands of IoT devices across the world, and why? A new strain of malware, identified by Symantec as Linux.Wifatch has infected tens of thousands of IoT devices across the […]

Pierluigi Paganini October 01, 2015
New Apple Gatekeeper bypass can allow running rouge applications

Patrick Wardle, director of research at Synack has already demonstrated another method, called Apple dylib hijacking, to bypass Apple GateKeeper. Since the introduction of the Apple Gatekeeper by MAC OSX, many researchers have focused their attention in trying to find flaws affecting it due to bypass Apple security and gain control of a device. Patrick […]

Pierluigi Paganini October 01, 2015
WinRAR zero-day open million users to hack

The security researcher Mohammad Reza Espargham a new zero-day flaw is threatening million of users of the latest version of WinRAR. Yesterday I reported the news of two critical vulnerabilities that affect the popular TrueCryptTrueCrypt application and the related risks for the users, today a new zero-day flaw is threatening million of users of the latest […]

Pierluigi Paganini October 01, 2015
US Air Force Wireless hacking in Flight

The US Air Force is using a modified  EC-130 Compass Call aircraft to demonstrate how to hack into enemy networks. Information warfare is overlapping traditional military domains, in order to conduct a fight in the air it is possible to used new hacking techniques as the US Air Force demonstrated. According to the Maj. Gen. […]

Pierluigi Paganini September 30, 2015
Does Mr. Robot’s use real Hacking Tools? Which are?

Check out the hacking tools used by Mr. Robot and see why the display of these tools is as realistic as possible. Mr. Robot has been the breakthrough of summer for series lovers, especially for those who are fans of technology and computing. One of the major advantages of Mr. Robot over other series has […]

Pierluigi Paganini September 30, 2015
Are you still using TrueCrypt? Beware of these 2 critical flaws!

The popular security expert James Forshaw has discovered two critical flaws in the driver that TrueCrypt installs on Windows systems. Bad news for Windows users who have decided to use TrueCrypt to encrypt their hard drives, the researcher James Forshaw, a member of Google’s Project Zero team, has discovered two serious vulnerabilities affecting the popular […]

Pierluigi Paganini September 29, 2015
Linux XOR DDoS Botnet delivers potent DDoS attacks

Experts at Akamai discovered the Linux XOR DDoS Botnet,  a malicious infrastructure used to run potent DDoS attacks against dozens of targets. Security researchers have discovered a Linux Botnet, dubbed XOR DDoS or Xor.DDoS botnet, that is targeting gaming and education websites with potent DDoS attacks with reached 150 gigabytes per second of malicious traffic. According […]

Pierluigi Paganini September 29, 2015
The Shopify commerce platform is open to RFD attacks

The researcher David Sopas at WebSegura discovered a Reflected Filename Download vulnerability in the popularmulti-channel commerce platform Shopify. Shopify is a multi-channel commerce platform that helps people sell online, in-store, and everywhere in between. The popular security researchers Davis Sopas at WebSegura has discovered a Reflected Filename Download vulnerability in the Shopify service. Sopas already sent a security report to Shopify explaining […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025