MUST READ

Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people

 | 

China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug

 | 

Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover

 | 

A ransomware attack disrupted operations at South Korean conglomerate Kyowon

 | 

Central Maine Healthcare data breach impacted over 145,000 patients

 | 

Palo Alto Networks addressed a GlobalProtect flaw, PoC exists

 | 

Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers

 | 

China bans U.S. and Israeli cybersecurity software over security concerns

 | 

CERT-UA reports PLUGGYAPE cyberattacks on defense forces

 | 

Fortinet fixed two critical flaws in FortiFone and FortiSIEM

 | 

U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day

 | 

AZ Monica hospital in Belgium shuts down servers after cyberattack

 | 

Threat actor claims the theft of full customer data from Spanish energy firm Endesa

 | 

Dutch court convicts hacker who exploited port networks for drug trafficking

 | 

U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

 | 

Meta fixes Instagram password reset flaw, denies data breach

 | 

Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network

 | 

Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations

 | 

The ideals of Aaron Swartz in an age of control

 | 

information security news

Pierluigi Paganini August 18, 2024
Large-scale extortion campaign targets publicly accessible environment variable files (.env)

A large-scale extortion campaign compromised multiple organizations by exploiting publicly accessible environment variable files (.env). Palo Alto Unit 42 researchers uncovered a large-scale extortion campaign that successfully compromised and extorted multiple victim organizations by leveraging exposed environment variable files (.env files). The exposed files contained sensitive variables such as credentials belonging to various applications. This extortion […]

Pierluigi Paganini August 17, 2024
OpenAI dismantled an Iranian influence operation targeting the U.S. presidential election

OpenAI announced it had dismantled an Iranian influence operation that was producing content related to the U.S. Presidential election. OpenAI has dismantled an Iran-linked influence operation, tracked as identified as Storm-2035, that was generating content about the U.S. presidential election. The company blocked a cluster of ChatGPT accounts that were used to create AI-generated articles and […]

Pierluigi Paganini August 17, 2024
National Public Data confirms a data breach

Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information.  Background check service National Public Data confirms that a threat actor has breached its systems and had access to millions of social security numbers and other sensitive personal information.  According to a statement published […]

Pierluigi Paganini August 17, 2024
ValleyRAT malware is targeting Chinese-speaking users

FortiGuard Labs researchers uncovered an ongoing ValleyRAT malware campaign that is targeting Chinese-speaking users. ValleyRAT is a multi-stage malware that supports multiple techniques to monitor and control compromised devices. The malicious code is also used to deploy arbitrary plugins on the infected systems. A noteworthy characteristic of ValleyRAT malware is the heavy usage of shellcode […]

Pierluigi Paganini August 16, 2024
CISA adds SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk deserialization of untrusted data vulnerability, tracked as CVE-2024-28986 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. This week SolarWinds fixed the […]

Pierluigi Paganini August 16, 2024
Russian national sentenced to 40 months for selling stolen data on the dark web

A Russian national was sentenced to over three years in prison for selling stolen information and credentials on a dark web marketplace. The 27-year-old Russian national Georgy Kavzharadze (also known as “George,” “TeRorPP,” “Torqovec,” and “PlutuSS”) has been sentenced to over three years in prison for selling financial information, login credentials, and other personal data on […]

Pierluigi Paganini August 16, 2024
Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claim it can steal a broad range of data from compromised systems, including browser […]

Pierluigi Paganini August 15, 2024
A group linked to RansomHub operation employs EDR-killing tool EDRKillShifter

A cybercrime group linked to the RansomHub ransomware was spotted using a new tool designed to kill EDR software. Sophos reports that a cybercrime group, likely linked to the RansomHub ransomware operation, has been observed using a new EDR-killing utility that can terminate endpoint detection and response software on compromised systems. The researchers called the […]

Pierluigi Paganini August 15, 2024
Google disrupted hacking campaigns carried out by Iran-linked APT42

Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election. Google announced that it disrupted a hacking campaign carried out by Iran-linked group APT42 (Calanque, UNC788) that targeted the personal email accounts of individuals associated with the US elections. APT42 focuses on highly targeted spear-phishing and social […]

Pierluigi Paganini August 15, 2024
Black Basta ransomware gang linked to a SystemBC malware campaign

Experts linked an ongoing social engineering campaign, aimed at deploying the malware SystemBC, to the Black Basta ransomware group. Rapid7 researchers uncovered a new social engineering campaign distributing the SystemBC dropper to the Black Basta ransomware operation. On June 20, 2024, Rapid7 researchers detected multiple attacks consistent with an ongoing social engineering campaign being tracked […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people

Data Breach / January 16, 2026

China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug

APT / January 16, 2026

Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover

Security / January 16, 2026

A ransomware attack disrupted operations at South Korean conglomerate Kyowon

Data Breach / January 15, 2026

Central Maine Healthcare data breach impacted over 145,000 patients

Uncategorized / January 15, 2026