MUST READ

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

Pierluigi Paganini

Pierluigi Paganini May 05, 2020
CAM4 adult cam site leaked 11B database records including emails, private chats

The popular adult live streaming website CAM4 exposed over 7TB of personally identifiable information (PII) of members and users. The popular adult live streaming website CAM4 exposed over 10.88 billion database records containing a total of 7TB of personally identifiable information (PII) of its members and users. The data leak is the result of the accidental exposure […]

Pierluigi Paganini May 05, 2020
GoDaddy discloses a data breach, web hosting account credentials exposed

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. Headquartered in Scottsdale, Arizona, the Internet domain registrar and web hosting company claims to have over […]

Pierluigi Paganini May 05, 2020
Kaiji, a new Linux malware targets IoT devices in the wild

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target […]

Pierluigi Paganini May 04, 2020
Nation-state actors are targeting UK universities to steal info on COVID-19 research

The UK’s National Cyber Security Centre (NCSC) is warning of cyber attacks against UK universities and scientific institutes involved in COVID-19 research.  The UK’s National Cyber Security Centre (NCSC) warned of targeted attacks against UK universities and scientific facilities that are involved in the COVID-19 research.  The NCSC reported that nation-state actors are carrying out cyber […]

Pierluigi Paganini May 04, 2020
DHS CISA alert provides recommendations on securing Office 365 installs

The US DHS CISA agency issued a new alert that includes recommendations on how organizations should properly secure Microsoft Office 365 installs. The current COVID-19 pandemic is pushing organizations to adopt a growing number of cloud-based services, for this reason, the DHS CISA published a new alert that provides recommendations to secure Office 365 deployments. […]

Pierluigi Paganini May 04, 2020
Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. Experts warn of hacking campaign that is targeting organization using the Salt platform for the management of their infrastructure, the last victim is the Ghost blogging platform. The attackers […]

Pierluigi Paganini May 04, 2020
LineageOS servers hacked, attackers exploited unpatched Salt issues

On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. LineageOS is a free and open-source operating system for smartphones, tablet computers, and set-top boxes, […]

Pierluigi Paganini May 03, 2020
India’s Jio Coronavirus symptom checker exposed test results

A security glitch in the self-test coronavirus symptom checker developed by India’s Jio cell network exposed test results. While Coronavirus was spreading worldwide, India’s largest cell network Jio, a subsidiary of Reliance, has developed a coronavirus self-test symptom checker, days before the Indian government imposed a local lockdown to prevent the outbreak. The app was […]

Pierluigi Paganini May 03, 2020
Cyber Threats Observatory Gets Improvements

Today I am so happy to announce a big improvement in the cyber threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample contacts several domain names, spawns specific processes and […]

Pierluigi Paganini May 03, 2020
TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

A hacker has leaked the details of 15 million users registered on Tokopedia, an Indonesian technology company specializing in e-commerce. Tokopedia is an Indonesian technology company specializing in e-commerce, it currently operates Indonesia’s largest online store. The company has over 4200 employees and accounts for over 90 million active users every month. The hacker claims to have […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Artificial Intelligence / February 13, 2026

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Uncategorized / February 13, 2026