MUST READ

Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming

 | 

OpenLoop Health confirms January 2026 Data breach affecting 716,000

 | 

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

 | 

Instructure settles with hackers following massive student data theft

 | 

Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator

 | 

Hackers accessed BWH Hotels reservation system for months

 | 

The world's most "Dangerous" AI, Anthropic’s Mythos, found only one flaw in curl

 | 

Attackers exploit cPanel CVE-2026-41940 to deploy Filemanager Backdoor

 | 

WannaCry, the ransomware attack that changed the history of cybersecurity

 | 

Android banking Trojan TrickMo evolves using TON network for C2

 | 

Identity security firm SailPoint discloses GitHub repository breach

 | 

Google warns artificial intelligence is accelerating cyberattacks and zero-day exploits

 | 

Crimenetwork returns after takedown, dismantled again by German authorities

 | 

U.S. CISA adds a flaw in BerriAI LiteLLM to its Known Exploited Vulnerabilities catalog

 | 

Instagram removed end-to-end encryption for DMs. What should users do?

 | 

New cPanel vulnerabilities could allow file access and remote code execution

 | 

Official JDownloader site served malware to Windows and Linux users between May 6 and May 7

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 96

 | 

Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence

 | 

Braintrust security incident raises concerns over AI supply chain risks

 | 

LINE VIPER

Pierluigi Paganini April 25, 2026
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network

CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor. The malware reportedly persisted even after security patches were applied, […]

Pierluigi Paganini September 26, 2025
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft Patch Tuesday for May 2026 fix 138 bugs, some of them are alarming

Uncategorized / May 13, 2026

OpenLoop Health confirms January 2026 Data breach affecting 716,000

Uncategorized / May 13, 2026

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

Security / May 13, 2026

Instructure settles with hackers following massive student data theft

Cyber Crime / May 13, 2026

Critical Fortinet vulnerabilities fixed in FortiSandbox and FortiAuthenticator

Security / May 13, 2026