MUST READ

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

Pierluigi Paganini

Pierluigi Paganini June 14, 2020
Coronavirus-themed attacks May 31 – June 13, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 31 to June 13, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected between May 31 and June 13, 2020. June 4, 2020 […]

Pierluigi Paganini June 14, 2020
Security Affairs newsletter Round 268

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. British Army launches a new Cyber Regiment Covid-19 Themed attacks Infographic Indian video on demand giant ZEE5 has been hacked A flaw in India Digilocker couldve been exploited to bypass […]

Pierluigi Paganini June 13, 2020
Lamphone: spying on conversations by watching a light bulb in the room

Lamphone – Researchers demonstrated how to spy on secret conversations in a room from a nearby remote location just by measuring the amount of light emitted by a light bulb. A team of academics from Israeli Ben-Gurion University of the Negev and the Weizmann Institute of Science demonstrated how to spy on secret conversations in […]

Pierluigi Paganini June 13, 2020
D-Link releases a security firmware update that only fixes 3 out 6 issues in DIR-865L home routers

D-Link has released a firmware update to address three security flaws impacting the DIR-865L home router model, but left some issue unpatched D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. Below the list of vulnerabilities affecting the D-Link home routers: CVE-2020-13782: Improper […]

Pierluigi Paganini June 13, 2020
COVID-19 themed attacks increase in Brazil, India, and UK

Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. While Coronavirus spreads on a global scale, threat actors continues to use COVID-19 lures, in April Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using […]

Pierluigi Paganini June 12, 2020
Austria’s largest ISP A1 Telekom discloses security breach

A1 Telekom, the leading fixed and mobile network operator in Austria, has admitted to have suffered a security breach, following the revelation of a whistleblower. A1 Telekom Austria is the leading fixed and mobile network operator in Austria, with 5.4 million mobile and 2.3 million fixed-line customers. The company has admitted having suffered a security […]

Pierluigi Paganini June 11, 2020
Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters

Microsoft’s Azure Security Center (ASC) is warning of a hacking campaign that targets Kubeflow, a machine learning toolkit for Kubernetes. Hackers are targeting Kubeflow servers with administration panel exposed online, Microsoft warns. The tech giant has released a report today detailing a novel series of attacks against Kubeflow, a toolkit for deploying machine learning (ML) […]

Pierluigi Paganini June 11, 2020
Cisco discloses technical details for Firefox code execution flaw

Cisco Talos experts released technical details on a recently addressed vulnerability in Firefox that could be exploited for code execution. Security experts from Cisco Talos have released technical details on a recently addressed vulnerability in Firefox, tracked as CVE-2020-12405, that could be exploited by attackers for remote code execution. The issue is a use-after-free in SharedWorkerService […]

Pierluigi Paganini June 11, 2020
SMBleed could allow a remote attacker to leak kernel memory

Microsoft addressed a Server Message Block (SMB) protocol issue, named SMBleed, that could allow an attacker to leak kernel memory remotely, without authentication. Recently released Microsoft June 2020 Patch Tuesday updates also address a vulnerability in the Server Message Block (SMB) protocol dubbed SMBleed (CVE-2020-1206) that could allow an attacker to leak kernel memory remotely, without […]

Pierluigi Paganini June 10, 2020
A high-severity flaw affects VMware Workstation, Fusion and vSphere products.

VMware has addressed a high-severity information disclosure vulnerability affecting its Workstation, Fusion and vSphere virtualization products. VMware has addressed a high-severity information disclosure vulnerability, tracked as CVE-2020-3960, that affects its Workstation, Fusion and vSphere virtualization products. The CVE-2020-3960 flaw was discovered by Cfir Cohen, a researcher from Google’s cloud security team. ESXi, Workstation and Fusion […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Artificial Intelligence / February 13, 2026

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Uncategorized / February 13, 2026