MUST READ

FBI probing intrusion into a system managing sensitive surveillance information

 | 

Iran-linked hackers target IP cameras across Israel and Gulf states for military intelligence

 | 

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

 | 

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

 | 

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

 | 

Iran-nexus APT Dust Specter targets Iraq officials with new malware

 | 

U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

 | 

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

 | 

Phobos Ransomware admin faces up to 20 years after guilty plea

 | 

Russian APT targets Ukraine with BadPaw and MeowMeow malware

 | 

Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum

 | 

Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1

 | 

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

 | 

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

 | 

LastPass warns of spoofed alerts aimed at stealing master passwords

 | 

From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

 | 

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog

 | 

Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals

 | 

Facebook is experiencing a global outage

 | 

Ariomex, Iran-based crypto exchange, suffers data leak

 | 

Pierluigi Paganini

Pierluigi Paganini November 28, 2021
0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day

0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. 0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. The issue doesn’t impact Windows Servers because the vulnerable functionality in not implemented in these OSs. The […]

Pierluigi Paganini November 28, 2021
Security Affairs newsletter Round 342

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition HAEICHI-II: […]

Pierluigi Paganini November 27, 2021
Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition

Italy’s antitrust regulator, Autorità Garante della Concorrenza e del Mercato (AGCM), has fined Apple and Google €10 million each their “aggressive” data practices. Italy’s antitrust regulator, Autorità Garante della Concorrenza e del Mercato (AGCM), has fined Apple and Google €10 million each their “aggressive” data practices and the lack of transparency on the use of […]

Pierluigi Paganini November 27, 2021
HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. Interpol has coordinated an international operation, code-named Operation HAEICHI-II, that led to the arrest of 1,003 individuals linked to various cyber-crimes such as romance scams, investment frauds, online money laundering, and illegal online gambling. The INTERPOL published […]

Pierluigi Paganini November 27, 2021
IKEA hit by a cyber attack that uses stolen internal reply-chain emails

Threat actors are targeting IKEA employees in an internal phishing campaign leveraging stolen reply-chain emails. According to BleepingComputer, threat actors are targeting IKEA employees in phishing attacks using stolen reply-chain emails. Once compromised the mail servers, threat actors use the access to reply to the company’s internal emails in reply-chain attacks. Sending the messages from […]

Pierluigi Paganini November 26, 2021
Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware

Marine services provider Swire Pacific Offshore (SPO) has suffered a Clop ransomware attack that resulted in the theft of company data. Clop ransomware hit Marine services provider Swire Pacific Offshore (SPO) and stole company data, but did not affected global operations. “Swire Pacific Offshore (SPO) has discovered that it was the target of a cyberattack […]

Pierluigi Paganini November 26, 2021
Threat actors target crypto and NFT communities with Babadeda crypter

Morphisec researchers spread cryptocurrency malware dubbed Babadeda in attacks aimed at crypto and NFT communities. Morphisec researchers spotted a new crypto-malware strain, tracked as Babadeda, targeting cryptocurrency, non-fungible token (NFT), and DeFi passionates through Discord channels. Threat actors are attempting to exploit the booming market for NFTs and crypto games. Babadeda is able to bypass antivirus solutions. […]

Pierluigi Paganini November 26, 2021
APT C-23 group targets Middle East with an enhanced Android spyware variant

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e. AndroidUpdate,, Telegram). The […]

Pierluigi Paganini November 25, 2021
New Linux CronRAT hides in cron jobs to evade detection in Magecart attacks

Security researchers discovered a new Linux RAT, tracked as CronRAT, that hides in scheduled cron jobs to avoid detection. Security researchers from Sansec have discovered a new Linux remote access trojan (RAT), tracked as CronRAT, that hides in the Linux task scheduling system (cron) on February 31st. Threat actors hides the malware in the task names, […]

Pierluigi Paganini November 25, 2021
Iranian threat actors exploit MS MSHTML bug to steal Google and Instagram credentials

An Iranian threat actor is stealing Google and Instagram credentials of Farsi-speaking targets by exploiting a Microsoft MSHTML bug. Researchers from SafeBreach Labs have identified a new Iranian threat actor that is exploiting a Microsoft MSHTML Remote Code Execution (RCE) vulnerability in attacks targeting Farsi-speaking victims. The exploit is used to install a PowerShell stealer, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

FBI probing intrusion into a system managing sensitive surveillance information

Hacking / March 07, 2026

Iran-linked hackers target IP cameras across Israel and Gulf states for military intelligence

Cyber warfare / March 07, 2026

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

APT / March 06, 2026

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

Security / March 06, 2026

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

Malware / March 06, 2026