MUST READ

Microsoft warns of RAT delivered through trojanized gaming utilities

 | 

Aeternum botnet hides commands in Polygon smart contracts

 | 

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

 | 

Juniper issues emergency patch for critical PTX router RCE

 | 

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

 | 

12 Million exposed .env files reveal widespread security failures

 | 

ManoMano data breach impacted 38 Million customer accounts

 | 

Trend Micro fixes two critical flaws in Apex One

 | 

UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor

 | 

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

 | 

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

 | 

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

 | 

Untrusted repositories turn Claude code into an attack vector

 | 

ShinyHunters cyberattack on CarGurus impacts 12.4 Million users

 | 

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

 | 

Lazarus APT group deployed Medusa Ransomware against Middle East target

 | 

SolarWinds patches four critical Serv-U flaws enabling root access

 | 

VMware Aria Operations flaws could enable remote attacks

 | 

Arkanix Stealer: AI-assisted info-stealer shuts down after brief campaign

 | 

Operation MacroMaze: APT28 exploits webhooks for covert data exfiltration

 | 

npm

Pierluigi Paganini December 16, 2019
Experts found binary planting and arbitrary file overwrite flaws in NPM

NPM, the biggest package manager for JavaScript libraries, has addressed a vulnerability that could be exploited to execute “binary planting” attacks. NPM maintainers have addressed a vulnerability that could allow a package publisher to modify and/or gain access to arbitrary files on a user’s system when the package is installed, so-called “binary planting” attacks. The vulnerability […]

Pierluigi Paganini July 15, 2019
The npm installer for PureScript package has been compromised

It has happened again, another JavaScript package in the npm registry has been compromised, it is the installer for PureScript. The installer for PureScript package in the npm registry has tampered forcing project maintainers to purge the malicious code. Last week many developers reported several problems with the installer and PureScript contributor Harry Garrood found malicious code in its […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft warns of RAT delivered through trojanized gaming utilities

Uncategorized / February 28, 2026

Aeternum botnet hides commands in Polygon smart contracts

Mobile / February 27, 2026

iPhone and iPad are the first consumer devices cleared for NATO ‘RESTRICTED’ classification

Security / February 27, 2026

Juniper issues emergency patch for critical PTX router RCE

Security / February 27, 2026

How AI Aids Incident Response: Why Humans Alone Cannot Do IR Efficiently

Artificial Intelligence / February 27, 2026