MUST READ

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

Pierluigi Paganini

Pierluigi Paganini August 22, 2022
Group-IB CEO will remain in jail – complaint denied

On August 18, a Russian judge decided that Ilya Sachkov, founder and CEO of the Russian-led Group-IB, will remain in jail. Ilya Sachkov, founder and CEO of the Russian-led Group-IB will remain in jail following the judge’s decision on August 18th after his defense team filed a complaint according to TASS (Russian Media Agency). Starting […]

Pierluigi Paganini August 22, 2022
Escanor Malware delivered in Weaponized Microsoft Office Documents

Researchers spotted a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram called Escanor Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram called Escanor. The threat actors offer Android-based and PC-based versions of RAT, along with HVNC module […]

Pierluigi Paganini August 22, 2022
Donot Team cyberespionage group updates its Windows malware framework

The Donot Team threat actor, aka APT-C-35, has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries. In October 2021, a report released by Amnesty International revealed that the Donot […]

Pierluigi Paganini August 21, 2022
Fake DDoS protection pages on compromised WordPress sites lead to malware infections

Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. DDoS Protection pages are associated with browser checks performed by WAF/CDN services which verify if the site visitor is a human or a bot. Recently security experts from Sucuri, spotted JavaScript injections targeting WordPress sites to display fake DDoS Protection pages […]

Pierluigi Paganini August 21, 2022
Threat actors are stealing funds from General Bytes Bitcoin ATM

Threat actors have exploited a zero-day vulnerability in the General Bytes Bitcoin ATM servers to steal BTC from multiple customers. Threat actors have exploited a zero-day flaw in General Bytes Bitcoin ATM servers that allowed them to hijack transactions associated with deposits and withdrawal of funds. GENERAL BYTES is the world’s largest Bitcoin, Blockchain, and […]

Pierluigi Paganini August 21, 2022
White hat hackers broadcasted talks and hacker movies through a decommissioned satellite

Hackers took control of a decommissioned satellite and broadcasted hacking conference talks and hacker movies.  During the latest edition of the DEF CON hacking conference held in Las Vegas, the group of white hat hackers Shadytel demonstrated how to take control of a satellite in geostationary orbit. The group used a satellite called Anik F1R, which […]

Pierluigi Paganini August 20, 2022
Security Affairs newsletter Round 380

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog TA558 cybercrime group targets hospitality […]

Pierluigi Paganini August 19, 2022
Russia-linked Cozy Bear uses evasive techniques to target Microsoft 365 users

Russia-linked APT group Cozy Bear continues to target Microsoft 365 accounts in NATO countries for cyberespionage purposes. Mandiant researchers reported that the Russia-linked Cozy Bear cyberespionage group (aka APT29, CozyDuke, and Nobelium), has targeted Microsoft 365 accounts in espionage campaigns. The experts pointed out that APT29 devised new advanced tactics, techniques, and procedures to evade detection. […]

Pierluigi Paganini August 19, 2022
CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog

US CISA added a critical SAP flaw to its Known Exploited Vulnerabilities Catalog after its details were disclosed at the Black Hat and Def Con conferences. The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical SAP vulnerability, tracked as CVE-2022-22536, to its Known Exploited Vulnerabilities Catalog a few days after researchers shared details […]

Pierluigi Paganini August 19, 2022
A flaw in Amazon Ring could expose user’s camera recordings

Amazon addressed a high-severity flaw in its Ring app for Android that could have exposed sensitive information and camera recordings. In May, Amazon fixed a high-severity vulnerability in its Ring app for Android that could have allowed a malicious app installed on a user’s device to access sensitive information and camera recordings. The Ring app […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

Cyber Crime / December 19, 2025

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

Security / December 19, 2025

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

APT / December 19, 2025

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Security / December 18, 2025

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

Cyber Crime / December 18, 2025