Pierluigi Paganini
August 05, 2025
Microsoft offers up to $5M for Zero Day Quest 2026 bug hacking contest; top researchers join live hacking event after fall 2025 submissions. Microsoft is bringing back its live hacking contest, Zero Day Quest, in spring 2026, and this time, it’s offering up to $5 million in rewards. The competition will spotlight researchers who uncover serious […]
Pierluigi Paganini
August 05, 2025
Cisco disclosed CRM data breach via vishing attack; basic user info was exposed, but no sensitive data or systems were compromised Cisco has confirmed a data breach involving a third-party CRM system, exposing basic profile details (e.g. names, emails, and phone numbers) of users who registered on Cisco.com. The breach was discovered on July 24 […]
Pierluigi Paganini
August 05, 2025
These are in plain sight without a Breach. No ransomware. No compromise. Just misconfigured systems, overpermissioned users, silent access. When we think of a breach, we imagine firewalls failing, malware spreading, or hackers stealing credentials. But 2025 has made something else clear: you don’t need a breach to suffer breach-level damage. Sometimes, data leaks without […]
Pierluigi Paganini
August 05, 2025
SonicWall probes possible new zero-day after spike in Akira ransomware attacks on Gen 7 firewalls with SSLVPN enabled. SonicWall is investigating a potential new zero-day after a surge in Akira ransomware attacks targeting Gen 7 firewalls with SSLVPN enabled. The company is working to determine if the incidents stem from an existing flaw or a […]
Pierluigi Paganini
August 05, 2025
New flaws in NVIDIA’s Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure. Newly revealed security flaws in NVIDIA’s Triton Inference Server for Windows and Linux could let remote, unauthenticated attackers fully take over vulnerable servers. According to Wiz Research team, chaining these vulnerabilities enables remote code execution […]
Pierluigi Paganini
August 04, 2025
The cybercrime D4rk4rmy added the Monte-Carlo SociĂ©tĂ© des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo SociĂ©tĂ© des Bains de Mer (SBM). The company is Monaco’s premier luxury hospitality group, established in 1863. It operates iconic properties like the […]
Pierluigi Paganini
August 04, 2025
A January 2025 breach at Northwest Radiologists exposed data of 350,000 Washington State residents, the company confirmed. A data breach at Northwest Radiologists in January 2025 has exposed the personal information of 350,000 residents of Washington State, the company has confirmed. The security breach occurred on January 25, 2025 and caused “network disruption” at the […]
Pierluigi Paganini
August 04, 2025
Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may take legal action after the flaws were publicly disclosed. Lovense, a manufacturer of internet-connected sex toys, fixed two vulnerabilities that exposed users’ emails and allowed remote account takeovers. A researcher known as BobDaHacker recently disclosed the flaws after Lovense claimed it would take […]
Pierluigi Paganini
August 04, 2025
State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks’ Unit 42. Palo Alto Networks reported that a nation-state actor, tracked as CL-STA-0969, targeted telecom firms in Southeast Asia, with attacks on critical infrastructure from February to November 2024. Threat actor CL-STA-0969 overlaps with the China-linked cyber espionage group […]
Pierluigi Paganini
August 03, 2025
Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is exploiting SonicWall SSL VPNs in a likely zero-day attack, targeting even fully patched devices. Arctic Wolf Labs observed multiple intrusions via VPN access in late July 2025. […]
