MUST READ

ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers

 | 

Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

 | 

Botnet of 17 Million Devices Dismantled in the Netherlands

 | 

Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes

 | 

DIL Observatory: when the World Escalates, the Underground Responds

 | 

Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.

 | 

BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone

 | 

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

 | 

CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks

 | 

Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem

 | 

U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog

 | 

A Fake UK Visa Site Left 100,000 Passports Wide Open

 | 

U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog

 | 

19.6 Billion Files Are Sitting Open on the Internet. No Password Required

 | 

Romanian Hacker Gets Nearly 5 Years in US Prison Over Network Intrusion

 | 

The LA Metro Attack Wasn't Hacktivism. It Was a State Operation With a Costume On.

 | 

How cybersecurity firms took down Glassworm botnet in one shot

 | 

Dutch Government just said no to an American firm buying the keys to their digital State

 | 

Microsoft SharePoint Has a New RCE Flaw. If You Haven't Patched Yet, Go Do That.

 | 

The Hidden Ransomware Economy Running on Exposed Databases

 | 

IT Information Security

Pierluigi Paganini September 04, 2021
SEC warns of investment scams related to Hurricane Ida

The US Securities and Exchange Commission warns investors of potential investment scams that leverages Hurricane Ida as a bait. The US Securities and Exchange Commission (SEC)’s Office of Investor Education and Advocacy is warning investors of potential investment scams related to Hurricane Ida. Scammers will likely target individuals and organizations that are eligible to receive large payouts from insurance […]

Pierluigi Paganini September 04, 2021
Apple will delay the rollout of new child pornography protection tools

Apple will delay the introduction of its new child pornography protection tools due to a heated debate raised by privacy advocates. Apple announced this week that it will delay the rollout of its new child pornography protection tools after many experts and privacy advocated claimed it poses a threat to user privacy. The tools were […]

Pierluigi Paganini September 04, 2021
FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. The messages used weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript backdoor, […]

Pierluigi Paganini September 04, 2021
Source code for the Babuk is available on a hacking forum

The complete source code for the Babuk ransomware is available for sale on a Russian-speaking hacking forum. A threat actor has leaked the source code for the Babuk ransomware on a Russian-speaking hacking forum. The Babuk Locker operators halted their operations at the end of April after the attack against the Washington, DC police department. Experts believe that […]

Pierluigi Paganini September 03, 2021
USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend.  US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend. Government experts are aware of the ongoing […]

Pierluigi Paganini September 03, 2021
Conti ransomware gang targets Microsoft Exchange servers with ProxyShell exploits

The Conti ransomware operators are targeting Microsoft Exchange servers leveraging recently disclosed ProxyShell vulnerability exploits. The Conti ransomware gang is targeting Microsoft Exchange servers leveraging exploits with recently disclosed ProxyShell vulnerabilities. ProxyShell is the name of three vulnerabilities that could be chained by an unauthenticated remote attacker to gain code execution on Microsoft Exchange servers. […]

Pierluigi Paganini September 03, 2021
PRIVATELOG, a new malware that leverages Common Log File System (CLFS) to avoid detection

Mandiant researchers spotted a new malware family, dubbed PRIVATELOG, that relies on the Common Log File System (CLFS) to evade detection solutions. FireEye’s Mandiant cybersecurity researchers spotted a new malware family, named PRIVATELOG, that relies on the Common Log File System (CLFS) to hide a second-stage payload in registry transaction files to avoid detection. Common […]

Pierluigi Paganini September 03, 2021
Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation

SolarWinds did not enable anti-exploit mitigation available since 2006 allowing threat actors to target SolarWinds Serv-U FTP software in July attacks. Software vendor SolarWinds did not enable ASLR anti-exploit mitigation that was available since the launch of Windows Vista in 2006, allowing the attackers to launch targeted attacks in July. Microsoft, which investigated the incidents, […]

Pierluigi Paganini September 02, 2021
New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Security flaws in commercial Bluetooth stacks dubbed BrakTooth can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks. A set of 16 security flaws in commercial Bluetooth stacks, collectively tracked as BrakTooth, can be exploited by threat actors to execute arbitrary code and crash the devices via DoS […]

Pierluigi Paganini September 02, 2021
Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE

Threat actors are actively exploiting a recently patched vulnerability in Atlassian’s Confluence enterprise collaboration product. Threat actors were spotted exploiting the CVE-2021-26084 vulnerability in Atlassian’s Confluence enterprise collaboration product a few days after it was patched by the vendor. Last week, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers

Uncategorized / May 30, 2026

Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

Security / May 30, 2026

Botnet of 17 Million Devices Dismantled in the Netherlands

Malware / May 30, 2026

Meet GREYVIBE, the Russia-Linked Hacking Group Using AI to Target Ukraine and Still Making Rookie Mistakes

APT / May 29, 2026

DIL Observatory: when the World Escalates, the Underground Responds

Security / May 29, 2026