MUST READ

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Hacking

Pierluigi Paganini July 29, 2017
Chinese researchers from Tencent hacked a Tesla model once again

A team of security researchers from Chinese firm Tencent has once again demonstrated how to remotely hack a Tesla Model vehicle. Security researchers from Chinese firm Tencent have once again demonstrated how to remotely hack a Tesla Model vehicle. Once the experts reported the flaws to the car makers it promptly patched them. In a […]

Pierluigi Paganini July 28, 2017
Critical Vulnerabilities discovered in Radiation Monitoring Devices (RDMs) used at Power Plants and Airports

Experts discovered flaws in widely deployed Radiation Monitoring Devices (RDMs) that could be triggered to raise false alarms and worse. This week at Black Hat in Las Vegas, researchers at information security firm IO Active, disclosed their findings on radiation monitoring devices from Ludum, Mirion, and Digi that were found to contain multiple unpatched vulnerabilities. […]

Pierluigi Paganini July 28, 2017
BLACK HAT USA – Hackers turn car washing machines in a mortal trap

BLACK HAT USA – Experts show how hackers can cause physical damage to vehicles and injure drivers by remotely hacking a connected car washing machines. What about hacking into Internet-connected car wash machines? It is a scarring scenario, hackers from anywhere in the world could transform car washing machines into death traps. In a talk at […]

Pierluigi Paganini July 27, 2017
DEF CON Talk Will Expose The Latest SMB Vulnerability SMBLoris

Security researchers at RiskSense have identified a 20-year-old Windows SMB vulnerability they are calling SMBloris, a DEF CON Talk Will Expose it. Server Message Block (SMB) has been a foundational piece of Microsoft Windows’ networking all the way back to the LAN Manager days, facilitating “shared access to files, printers and serial ports.” It is […]

Pierluigi Paganini July 27, 2017
Experts found critical flaws in Diebold Opteva ATM that allow to vend notes from the machine

Experts at the US firm IOActive have discovered a critical physical and authentication bypass vulnerability in the Diebold Opteva ATM. The researchers have found two vulnerabilities in the Diebold Opteva ATM machines with the AFD platform that could be chained to allow an unauthorized user to vend notes from the device. “IOActive has discovered two vulnerabilities in Opteva […]

Pierluigi Paganini July 26, 2017
UniCredit bank breach – Data of 400,000 loan applicants exposed due to the hack of a partner

UniCredit bank breach – Data of 400,000 loan applicants exposed due to the hack of a partner. Italian media outlets downplay the risk, is it correct? The Italian bank UniCredit admitted a series of security breaches occurred in the last year, personal data of 400,000 loan applicants have been exposed. The Italian bank confirmed that […]

Pierluigi Paganini July 26, 2017
Chinese Police dismantled the behind the Fireball adware campaign that infected more than 250 Million PCs

Chinese authorities arrested eleven members of the gang behind the Fireball adware campaign that infected more than 250 Million PCs. Chinese police have identified and arrested individuals suspected to be the operators behind the massive adware campaign that infected more than 250 Million computers across the world earlier this year. In June, researchers at security firm Check Point discovered the […]

Pierluigi Paganini July 26, 2017
New CowerSnail Windows Backdoor linked to SHELLBIND SambaCry Linux Malware

Malware researchers at Kaspersky Lab have found a new Windows Backdoor dubbed CowerSnail linked to the recently discovered SHELLBIND SambaCry Linux malware. Security experts at Kaspersky Lab have spotted a new Windows Backdoor dubbed CowerSnail linked to the recently discovered SHELLBIND SambaCry Linux malware. SHELLBIND has infected most network-attached storage (NAS) appliances, it exploits the Samba vulnerability (also known as SambaCry and EternalRed) to upload a shared […]

Pierluigi Paganini July 25, 2017
Veritaseum – Hacker Steals $8.4 Million in Ethereum, for the second time during the ICO

Veritaseum – An unknown hacker has stolen nearly $8.4 Million worth of Ethereum cryptocurrency, for the second time during the ICO. A clamorous cyber heist makes the headlines, an unknown hacker has stolen nearly $8.4 Million worth of Ethereum cryptocurrency, the hack hit Veritaseum Initial Coin Offering (ICO). This is the fourth Ethereum cyber heist this […]

Pierluigi Paganini July 25, 2017
Fruitfly macOS and OS X backdoor remained undetected for years

A new mysterious strain of macOS and OS X malware dubbed Fruitfly went undetected by malware researchers and security software for at least five years. Fruitfly is a backdoor that could be used by attackers to gain full control over the infected systems by implementing many spying features. Fruitfly has the ability to capture screenshots, keystrokes, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025