MUST READ

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

 | 

United Natural Foods Expects $400M revenue impact from June cyber attack

 | 

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

 | 

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

 | 

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

 | 

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

 | 

Former US Army member confesses to Telecom hack and extortion conspiracy

 | 

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

 | 

DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault

 | 

U.S. CISA adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog

 | 

Android Malware Konfety evolves with ZIP manipulation and dynamic loading

 | 

Belk hit by May cyberattack: DragonForce stole 150GB of data

 | 

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

 | 

FBI seized multiple piracy sites distributing pirated video games

 | 

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

 | 

Interlock ransomware group deploys new PHP-based RAT via FileFix

 | 

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

 | 

Experts uncover critical flaws in Kigen eSIM technology affecting billions

 | 

Spain awarded €12.3 million in contracts to Huawei

 | 

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

 | 

Palo Alto Networks

Pierluigi Paganini June 14, 2025
Palo Alto Networks fixed multiple privilege escalation flaws

Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions. Palo Alto Networks fixed seven privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products. Palo Alto applied 11 Chrome fixes and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser. The most severe vulnerability, tracked […]

Pierluigi Paganini April 11, 2025
Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks

Experts warn of brute-force login attempts on PAN-OS GlobalProtect gateways following increased scanning activity on its devices. Palo Alto Networks reports brute-force login attempts on PAN-OS GlobalProtect gateways. The security firm pointed out that no known vulnerability has been exploited, but monitoring and analysis continue. “Our teams are observing evidence of activity consistent with password-related […]

Pierluigi Paganini April 02, 2025
Spike in Palo Alto Networks scanner activity suggests imminent cyber threats

Hackers are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks. Researchers at the threat intelligence firm GreyNoise warn of hackers that are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks, warns threat intelligence firm GreyNoise. GreyNoise reports that over 24,000 unique IP addresses […]

Pierluigi Paganini February 20, 2025
Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474, to compromise PAN-OS firewalls. The vulnerability CVE-2025-0111 is a file read issue in PAN-OS, an […]

Pierluigi Paganini December 27, 2024
Palo Alto Networks fixed a high-severity PAN-OS flaw

Palo Alto Networks addressed a high-severity PAN-OS flaw that could trigger denial-of-service (DoS) on vulnerable devices. Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet […]

Pierluigi Paganini November 22, 2024
More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromised in attacks exploiting recently patched zero-day vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in PAN-OS. CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management […]

Pierluigi Paganini November 19, 2024
U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of the above vulnerabilities: CVE-2024-1212 is a Progress Kemp LoadMaster […]

Pierluigi Paganini November 16, 2024
Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3) in PAN-OS. The cybersecurity company had no […]

Pierluigi Paganini November 08, 2024
Palo Alto Networks warns of potential RCE in PAN-OS management interface

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS. The cybersecurity company has no further details on […]

Pierluigi Paganini July 12, 2024
Palo Alto Networks fixed a critical bug in the Expedition tool

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

Data Breach / July 17, 2025

United Natural Foods Expects $400M revenue impact from June cyber attack

Security / July 17, 2025

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

Security / July 17, 2025

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

Hacking / July 17, 2025

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

Cyber Crime / July 16, 2025