MUST READ

Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people

 | 

China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug

 | 

Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover

 | 

A ransomware attack disrupted operations at South Korean conglomerate Kyowon

 | 

Central Maine Healthcare data breach impacted over 145,000 patients

 | 

Palo Alto Networks addressed a GlobalProtect flaw, PoC exists

 | 

Lumen disrupts AISURU and Kimwolf botnet by blocking over 550 C2 servers

 | 

China bans U.S. and Israeli cybersecurity software over security concerns

 | 

CERT-UA reports PLUGGYAPE cyberattacks on defense forces

 | 

Fortinet fixed two critical flaws in FortiFone and FortiSIEM

 | 

U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day

 | 

AZ Monica hospital in Belgium shuts down servers after cyberattack

 | 

Threat actor claims the theft of full customer data from Spanish energy firm Endesa

 | 

Dutch court convicts hacker who exploited port networks for drug trafficking

 | 

U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

 | 

Meta fixes Instagram password reset flaw, denies data breach

 | 

Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network

 | 

Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations

 | 

The ideals of Aaron Swartz in an age of control

 | 

malware

Pierluigi Paganini September 12, 2023
Save the Children confirms it was hit by cyber attack

The international non-governmental organization (NGO) Save the Children International was recently hit with a cyberattack. The charity organization Save the Children International revealed that it was hit by a cyber attack. The company disclosed the security incident after the ransomware gang BianLian listed the organization on its Tor leak site. The BianLian extortion group claims […]

Pierluigi Paganini September 12, 2023
Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor

Iran-linked APT group Charming Kitten used a previously undocumented backdoor named Sponsor in attacks against entities in Brazil, Israel, and the U.A.E. ESET researchers observed a series of attacks, conducted by the Iran-linked APT group Charming Kitten (aka Ballistic Bobcat APT, APT35, Phosphorus, Newscaster, TA453, and Ajax Security Team), which are targeting various entities in Brazil, Israel, and the United Arab Emirates. The Charming […]

Pierluigi Paganini September 11, 2023
UK and US sanctioned 11 members of the Russia-based TrickBot gang

The U.K. and U.S. governments sanctioned 11 more individuals who were alleged members of the Russia-based TrickBot cybercrime gang. The United States, in coordination with the United Kingdom, sanctioned eleven more individuals who are members of the Russia-based Trickbot cybercrime group. The sanctions were provided by the U.S. Department of the Treasury’s Office of Foreign […]

Pierluigi Paganini September 11, 2023
New HijackLoader malware is rapidly growing in popularity in the cybercrime community

Zscaler ThreatLabz detailed a new malware loader, named HijackLoader, which has grown in popularity over the past few months HijackLoader is a loader that is gaining popularity among the cybercriminal community. The malware is not sophisticated, however, unlike other loaders, it has a modular structure that allows supporting code injection and execution. The HijackLoader is […]

Pierluigi Paganini September 11, 2023
Evil Telegram campaign: Trojanized Telegram apps found on Google Play

Evil Telegram: a Trojanized version of the Telegram app was spotted on the Google Play Store, Kaspersky researchers reported. Researchers from Kaspersky discovered several Telegram mods on the Google Play Store that contained spyware, the campaign was tracked as Evil Telegram. One of the apps was downloaded more than ten million times before it was […]

Pierluigi Paganini September 10, 2023
Rhysida Ransomware gang claims to have hacked three more US hospitals

Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. In early August, a cyberattack disrupted […]

Pierluigi Paganini September 10, 2023
Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang […]

Pierluigi Paganini September 09, 2023
Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

The Ragnar Locker ransomware gang added Israel’s Mayanei Hayeshua hospital to the list of victims on its Tor leak site The Ragnar Locker ransomware gang claimed responsibility for an attack on Israel’s Mayanei Hayeshua hospital. The cybercrime group claims to have stolen 1 TB of data from the hospital and threatens to leak it. The […]

Pierluigi Paganini September 08, 2023
North Korea-linked threat actors target cybersecurity experts with a zero-day

North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts. North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers. The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). “Recently, […]

Pierluigi Paganini September 08, 2023
Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect devices with NSO Group’s Pegasus spyware.  According to the researchers, the two vulnerabilities were chained […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Data breach at Canada’s Investment Watchdog Canadian Investment Regulatory Organization impacts 750,000 people

Data Breach / January 16, 2026

China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug

APT / January 16, 2026

Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover

Security / January 16, 2026

A ransomware attack disrupted operations at South Korean conglomerate Kyowon

Data Breach / January 15, 2026

Central Maine Healthcare data breach impacted over 145,000 patients

Uncategorized / January 15, 2026