MUST READ

A massive breach exposed data of 17.5M Instagram users

 | 

North Korea–linked APT Kimsuky behind quishing attacks, FBI warns

 | 

Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals

 | 

Trend Micro fixed a remote code execution in Apex Central

 | 

Iran cuts Internet nationwide amid deadly protest crackdown

 | 

China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware

 | 

Chinese-speaking hackers exploited ESXi zero-days long before disclosure

 | 

Astaroth banking Trojan spreads in Brazil via WhatsApp worm

 | 

U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog

 | 

China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns

 | 

Ni8mare flaw gives unauthenticated control of n8n instances

 | 

Misconfigured email routing enables internal-spoofed phishing

 | 

Veeam resolves CVSS 9.0 RCE flaw and other security issues

 | 

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

 | 

Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector

 | 

CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200

 | 

Google fixes critical Dolby Decoder bug in Android January update

 | 

Resecurity Went on the Cyber Offensive - When 'Shiny Objects' trick 'Shiny Hunters'

 | 

Russia-linked APT UAC-0184 uses Viber to spy on Ukrainian military in 2025

 | 

Kimwolf botnet leverages residential proxies to hijack 2M+ Android devices

 | 

information security news

Pierluigi Paganini January 18, 2024
Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. The ColdRiver APT (aka “Seaborgium“, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group that has been targeting government officials, military personnel, journalists and think tanks since at least 2015. In the past, the group’s activity involved persistent phishing […]

Pierluigi Paganini January 18, 2024
PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts

Experts found multiple flaws, collectively named PixieFail, in the network protocol stack of an open-source reference implementation of the UEFI. Quarkslab researchers discovered nine vulnerabilities, collectively tracked as e PixieFAIL, affecting the IPv6 network protocol stack of EDK II, TianoCore’s open source reference implementation of UEFI. Unified Extensible Firmware Interface (UEFI) is a specification that defines the […]

Pierluigi Paganini January 18, 2024
iShutdown lightweight method allows to discover spyware infections on iPhones

Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a “lightweight method,” called iShutdown, to identify the presence of spyware on Apple iOS devices. The method allow to discover stealthy and poweful surveillance software like NSO Group‘s Pegasus, Intellexa‘s Predator, QuaDream‘s Reign. The researchers focused on an […]

Pierluigi Paganini January 17, 2024
Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos

Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Switzerland believes that the cyberattack carried out by pro-Russia group NoName disrupted access to some government websites, following Ukrainian President Volodymyr Zelensky’s visit to Davos. “We took a look at Switzerland, where the World Economic […]

Pierluigi Paganini January 17, 2024
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation

U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) to warn of AndroxGh0st malware. The malware is spreading to create a botnet for victim identification and exploitation in target networks. […]

Pierluigi Paganini January 16, 2024
Google fixed the first actively exploited Chrome zero-day of 2024

Google has addressed the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild. Google has released security updates to address the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild. The high-serverity vulnerability, tracked as CVE-2024-0519, is an out of bounds memory access […]

Pierluigi Paganini January 16, 2024
Atlassian fixed critical RCE in older Confluence versions

Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server that impacts older versions. Atlassian warns of a critical remote code execution vulnerability, tracked as CVE-2023-22527 (CVSS score 10.0), in Confluence Data Center and Confluence Server that impacts older versions. The vulnerability is a template injection vulnerability that can […]

Pierluigi Paganini January 16, 2024
VMware fixed a critical flaw in Aria Automation. Patch it now!

VMware warns customers of a critical vulnerability impacting its Aria Automation multi-cloud infrastructure automation platform. VMware Aria Automation (formerly vRealize Automation) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications. It provides a unified platform for automating tasks across multiple cloud environments, including VMware […]

Pierluigi Paganini January 16, 2024
Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Last week, software firm Ivanti reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. The flaw CVE-2023-46805 (CVSS score […]

Pierluigi Paganini January 16, 2024
Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS score: 8.3), that can be exploited by an attacker on the same network to replace the device firmware with a rogue version. The vulnerability was reported […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

A massive breach exposed data of 17.5M Instagram users

Data Breach / January 10, 2026

North Korea–linked APT Kimsuky behind quishing attacks, FBI warns

Intelligence / January 10, 2026

Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals

Data Breach / January 10, 2026

Trend Micro fixed a remote code execution in Apex Central

Hacking / January 09, 2026

Iran cuts Internet nationwide amid deadly protest crackdown

Intelligence / January 09, 2026