MUST READ

StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years

 | 

SSU and FBI Uncover Russian Cyber Espionage Operation Against Officials and Military Personnel

 | 

KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103

 | 

Security Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages

 | 

Hospitality Sector Hit by Phishing Campaign Using Fake Guest Complaint Emails

 | 

DirtyClone: Fourth Linux Kernel Flaw in Six Weeks Escalates to Root

 | 

Chinese APT CL-STA-1062 Expands Attacks on Southeast Asian Critical Infrastructure With Custom Malware

 | 

Activist Phone Hacked With Cellebrite After Russia Contract Cancellation

 | 

U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog

 | 

Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft

 | 

macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst

 | 

Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla

 | 

Curl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet

 | 

Inside Mistic, the New Stealth Backdoor in Ransomware Intrusions

 | 

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure

 | 

Nathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months

 | 

Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame

 | 

Why Frontier AI makes prioritization the most important part of your CTEM program

 | 

Joomla

Pierluigi Paganini December 28, 2015
CVE-2015-8562 – 16,000 Daily Attacks on vulnerable Joomla servers

Experts at Symantec discovered that hackers quickly take advantage of CVE-2015-8562 remote code execution to compromise Joomla servers. Joomla recently patched the CVE-2015-8562 vulnerability that could be exploited by attackers for remote code execution. According to the security expert Daniel Cid from Sucuri, hundreds of attacks are now taking place. “What is very concerning is that this […]

Pierluigi Paganini December 16, 2015
Joomla under attack due to a zero-day. Patch your CMS now!

The websites based on the popular Joomla CMS need to be updated as soon as possible due to a critical remote code execution vulnerability. The websites based on the popular Joomla CMS need to be updated as soon as possible, Joomla has just released a security patch to fix a critical eight-year-old remote code execution vulnerability. […]

Pierluigi Paganini November 06, 2015
Financial Reporting Council of Nigeria site used for phishing scam

According to Netcraft, the website of Financial Reporting Council of Nigeria is used to serve a webmail phishing site from the legitim site of the agency. The website of the Financial Reporting Council of Nigeria was used by cyber criminals in a phishing scam. According to the experts at Netcraft, the website of Financial Reporting Council of […]

Pierluigi Paganini October 28, 2015
Joomla SQL Injection Vulnerability exploited in the wild

Security experts at Sucuri reported a number of attacks exploiting a critical SQL injection flaw recently disclosed in the Joomla Content Management System. A few days ago, security experts disclosed a critical SQL injection vulnerability in the Joomla Content Management System (CVE-2015-7858), but as expected, threat actors in the wild are exploiting it in attacks against websites […]

Pierluigi Paganini July 22, 2015
Joomla Helpdesk Pro flaws leave systems vulnerable to several attacks

The Outpost24 team has identified several vulnerabilities that affect Joomla HelpDesk Pro extension, the flaws can lead to remote code execution on servers. Kasper Bertelsen, a security researcher at Outpost24 has discovered a number of vulnerabilities in the Joomla Helpdesk Pro extension which can lead to remote code execution on servers. The Helpdesk Pro Joomla extension is developed […]

Pierluigi Paganini February 27, 2015
Joomla Reflection DDoS attacks exploit a Google Maps Plugin flaws

Akamai firm discovered numerous attacks exploiting a known vulnerability in a Google Maps plugin to run Joomla Reflection DDoS attacks against enterprises. Experts from Akamai Technologies’ Prolexic Security Engineering and Response Team (PLXsert) have discovered a vulnerability allows attackers to turn Joomla servers using the Google Maps plugin into a DDoS hacking tool. The worrying aspect […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years

Malware / June 29, 2026

SSU and FBI Uncover Russian Cyber Espionage Operation Against Officials and Military Personnel

Intelligence / June 29, 2026

KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs

Data Breach / June 28, 2026

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103

Malware / June 28, 2026

Security Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION

Security / June 28, 2026