IT Information Security

Pierluigi Paganini June 21, 2026
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 102

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter OptinMonster supply chain attack hits 1.2 million sites   Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research    Rokarolla : Android Banker with Complete Device […]

Pierluigi Paganini June 21, 2026
Security Affairs newsletter Round 582 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Inside GentleKiller: The EDR-Killer Powering The Gentlemen FortiBleed Exposes Global Credential-Spraying Operation CISA Warns of Active […]

Pierluigi Paganini June 20, 2026
Inside GentleKiller: The EDR-Killer Powering The Gentlemen

The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ESET published a detailed breakdown of The Gentlemen‘s technical infrastructure on June 18, the result of months of incident-level investigation corroborated by the group’s own internal data leak from May 2026. Since emerging in late […]

Pierluigi Paganini June 20, 2026
FortiBleed Exposes Global Credential-Spraying Operation

FortiBleed exposed a massive campaign that made billions of login attempts against Fortinet VPNs, compromising organizations worldwide. FortiBleed wasn’t a targeted hack. It was a factory. A multi-operator crew ran an industrial-scale attack against Fortinet FortiGate SSL VPN devices worldwide, and security researcher Volodymyr “Bob” Diachenko of SecurityDiscovery.com caught them only because they left their […]

Pierluigi Paganini June 20, 2026
CISA Warns of Active Exploitation Following FortiBleed Leak

FortiBleed exposed credentials for 74,000 Fortinet devices, with attackers actively exploiting the leak to target systems worldwide. On June 18, CISA issued an emergency alert after reports surfaced that credentials for approximately 74,000 Fortinet firewalls and VPN gateways had been leaked in what researchers are calling FortiBleed. The agency confirmed that threat actors were actively […]

Pierluigi Paganini June 19, 2026
14,971 WordPress Sites Cleaned in Global SocGholish Takedown

Operation EndGame disrupted SocGholish, taking down 106 servers and cleaning 14,971 WordPress sites used to spread fake-update malware. On June 18, 2026, law enforcement agencies from the Netherlands, Canada, the United States, and Germany, coordinated through Europol, executed a joint action week against SocGholish, one of the most persistent and widely deployed malware distribution networks […]

Pierluigi Paganini June 19, 2026
U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Splunk Enterprise flaw, tracked as CVE-2026-20253 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The flaw CVE-2026-20253 is an improper authentication vulnerability in the PostgreSQL sidecar service of […]

Pierluigi Paganini June 19, 2026
Peter Thiel ‘s Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail

A simple website flaw exposed members, political profiles, login tokens, and dating data from Peter Thiel ‘s secretive Dialog network. Dialog, a private invitation-only organization cofounded in 2006 by billionaire tech investor Peter Thiel, has spent two decades refusing to disclose its membership. That position became harder to maintain last week when Swiss hacktivist maia […]

Pierluigi Paganini June 19, 2026
24 Billion Stolen Credentials Exposed in Massive Data Leak

24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infostealers, Telegram channels, and breach collections, risking account takeovers. Cybernews researchers found an exposed Elasticsearch cluster on June 12th containing 24 billion records and more than 8.3 terabytes of data. They triple-checked the numbers. […]

Pierluigi Paganini June 18, 2026
Tor-Based Clipper Malware Targets Wallet Seed Phrases

USB .lnk malware steals crypto via clipboard hijack, replaces wallet addresses, steals seed phrases, and screenshots. Microsoft Threat Intelligence has been tracking a clipboard-stealing malware (Clipper) campaign since February 2026 that targets cryptocurrency wallets. A clipper is a type of malicious software that monitors and manipulates your clipboard, the temporary memory where data is stored […]