MUST READ

Ohio’s Union County suffers ransomware attack impacting 45,000 people

 | 

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

 | 

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

Hacking

Pierluigi Paganini September 04, 2017
Chinese cyber security law will allow China to use zero-day knowledge for its intelligence

According to the Chinese Cyber Security law, the information obtained by the CNNVD could be used in intelligence operations. The new Chinese cyber security law will allow the Government to analyze the source code and any intellectual property of foreign tech companies working in the country. The Chinese cyber security law was focused on the protection of Chinese users’ […]

Pierluigi Paganini September 03, 2017
Google removed almost 300 Android apps involved in DDoS attack

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with […]

Pierluigi Paganini September 03, 2017
US Government website was hosting a JavaScript downloader delivering Cerber ransomware

Security experts discovered last week that a US government website was hosting a JavaScript downloader used to deliver the Cerber ransomware. The security researcher at NewSky Security Ankit Anubhav discovered last week that a US government website was hosting a malicious JavaScript downloader that was delivering the dreaded Cerber ransomware. #Javascript #malware using #powershell hosted […]

Pierluigi Paganini September 02, 2017
DragonOK APT is adopting new tactics, techniques and procedures

Researchers at Palo Alto Networks recently observed the DragonOK APT group adopting new tactics, techniques and procedures. China-linked cyber espionage group DragonOK is back, security experts from Palo Alto Networks have uncovered a new campaign leveraging the KHRAT remote access Trojan (RAT). The DragonOk group (also known as NetTraveler (TravNet), PlugX, Saker, Netbot, DarkStRat, and ZeroT i) was first spotted September […]

Pierluigi Paganini September 02, 2017
6 Million Celebrities Instagram High-Profiles Data available for sale on DoxaGram

Doxagram website claims to be selling the email addresses and phone numbers of 6M High-Profiles Instagram accounts ranging from POTUS to Taylor Swift. The story began with the hack of the Selena Gomez Instagram account, a hacker hijacked it and published three nude photos of Justin Bieber. A few days later, it was reported a vulnerability […]

Pierluigi Paganini September 01, 2017
A code execution flaw in LabVIEW will remain unpatched

Security researchers at Cisco Talos have discovered a code execution issue in LabVIEW software that will remain unpatched. Security researchers at Cisco Talos have discovered a code execution vulnerability in National Instruments LabVIEW system design and development platform. The LabVIEW engineering software is widely adopted for applications that require test, measurement, and control. The vulnerability tracked as CVE-2017-2779, could be […]

Pierluigi Paganini September 01, 2017
FDA recalls 465,000 pacemakers open to cyber attack

The United States Federal Drug Administration (FDA) is recalling 465,000 pacemakers that could be hacked by attackers. The Food and Drug Administration (FDA) is recalling roughly half a million pacemakers because they are vulnerable to hacking, million people in the United States urge to get their pacemakers updated. In May, researchers from security firm White […]

Pierluigi Paganini September 01, 2017
The OurMine hacker group defaced WikiLeaks website with a DNS redirect

On Thursday, the notorious Saudi Arabian OurMine hacker group has defaced the website of the Wikileaks organization, WikiLeaks.org. WikiLeaks it the last victim of the notorious OurMine hacker group, on Thursday the crew defaced the website of the organization,WikiLeaks.org. The site was defaced and visitors were redirected through a DNS poisoning attack to a page […]

Pierluigi Paganini September 01, 2017
Experts discovered easily exploitable flaws in Arris modems distributed by AT&T

Arris modems, routers, and gateways distributed by AT&T’s U-verse service are affected by easy to exploit vulnerabilities. The vulnerabilities have been reported by researchers at security consultancy Nomotion. The support interfaces are easily accessible over SSH and remote and local attackers could exploit hidden services to hack into the devices. Experts from Nomotion publicly disclosed […]

Pierluigi Paganini August 31, 2017
Hackers exploited an Instagram flaw access celebrity profile data

An Instagram flaw allowed hackers to access profile information for high-profile users, the incident was confirmed by the company. Instagram has recently suffered a possibly serious data breach with hackers gaining access to the phone numbers and email addresses for many “high-profile” users. Hackers recently accessed personal information of “high-profile” users, including phone numbers and email […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Ohio’s Union County suffers ransomware attack impacting 45,000 people

Uncategorized / September 27, 2025

ForcedLeak flaw in Salesforce Agentforce exposes CRM data via Prompt Injection

Hacking / September 27, 2025

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025