MUST READ

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

Pierluigi Paganini

Pierluigi Paganini March 22, 2022
Serpent backdoor targets French entities with high-evasive attack chain

A new email campaign aimed at French entities leverages the Chocolatey Windows package manager to deliver the Serpent backdoor. Proofpoint researchers uncovered a targeted attack leveraging an open-source package installer Chocolatey to deliver a backdoor tracked as Serpent. The campaign targeted French entities in the construction, real estate, and government industries. Experts believe the attacks were […]

Pierluigi Paganini March 21, 2022
Lapsus$ gang claims to have hacked Microsoft source code repositories

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Over the last months, the gang compromised other prominent companies such as NVIDIA, Samsung, Ubisoft, Mercado […]

Pierluigi Paganini March 21, 2022
Italy’s data privacy watchdog investigates how Kaspersky manages Italian users’ data

Italy’s data privacy watchdog launched an investigation into the “potential risks” associated with the use of Russian antivirus software Kaspersky. Italy’s data privacy watchdog has launched an investigation into potential risks associated with the use of the Kaspersky antivirus. The Italian authority aims at verifying how the Russian company processes the data of Italian users […]

Pierluigi Paganini March 21, 2022
Hacker leaked a new version of Conti ransomware source code on Twitter

A Ukrainian security researcher has leaked more source code from the Conti ransomware operation to protest the gang’s position on the conflict. Hacker leaked a new version of the Conti ransomware source code on Twitter as retaliation of the gang’s support to Russia The attack against the Conti ransomware and the data leak is retaliation […]

Pierluigi Paganini March 20, 2022
Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the previous weeks: March 18 – China-linked threat actors are targeting the government of Ukraine Google’s TAG team revealed that China-linked APT groups are targeting Ukraine […]

Pierluigi Paganini March 20, 2022
Security Affairs newsletter Round 358 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. EU and US agencies warn that Russia could attack satellite communications networks Avoslocker ransomware […]

Pierluigi Paganini March 20, 2022
EU and US agencies warn that Russia could attack satellite communications networks

FBI, CISA, and the European Union Aviation Safety Agency (EASA) warn of possible threats to international satellite communication (SATCOM) networks. Satellite communication (SATCOM) networks are critical infrastructure for modern society, US and EU agencies warn of possible threats to them. Victor Zhora, Chief Digital Transformation Officer at the State Service of Special Communication and Information […]

Pierluigi Paganini March 19, 2022
Crooks claims to have stolen 4TB of data from TransUnion South Africa

TransUnion South Africa discloses a data breach, threat actors who stolen sensitive data, demanded a ransom payment not to release stolen data. TransUnion South Africa announced that threat actors compromised a company server based in South Africa using stolen credentials. Threat actors have stolen company data and demanded a ransom payment not to release stolen […]

Pierluigi Paganini March 19, 2022
Exotic Lily initial access broker works with Conti gang

Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware gang. Google’s Threat Analysis Group (TAG) researchers linked a new initial access broker, named Exotic Lily, to the Conti ransomware operation. Initial access brokers play an essential role in the cybercrime ecosystem, they provide access to previously […]

Pierluigi Paganini March 19, 2022
Emsisoft releases free decryptor for the victims of the Diavol ransomware

Cybersecurity firm Emsisoft released a free decryptor that allows the victims of the Diavol ransomware to recover their files without paying a ransom. Cybersecurity firm Emsisoft has released a free decryption tool to help Diavol ransomware victims recover their files without paying a ransom. In January, the FBI officially linked the Diavol ransomware operation to the infamous TrickBot […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Artificial Intelligence / February 13, 2026

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Uncategorized / February 13, 2026