MUST READ

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

Pierluigi Paganini

Pierluigi Paganini April 27, 2020
Group-IB helps to detain operators of scam-service issuing fake passes to move around Moscow amid COVID-19 virus lockdown

Group-IB helped Russian Police in detaining the operators of a fraudulent online service, selling fake digital passes to move around Moscow amid COVID-19 lockdown. Group-IB, an international cybersecurity company, and the Moscow Department of Information Technology have helped Moscow police in identifying and detaining the operators of a fraudulent online service, selling fake digital passes […]

Pierluigi Paganini April 27, 2020
Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

The Israeli authorities are alerting organizations in the water industry following a series of cyberattacks that hit water facilities in the country. The Israeli government has issued an alert to organizations in the water sector following a series of cyberattacks that targeted the water facilities. Israel’s National Cyber Directorate announced to have received reports of […]

Pierluigi Paganini April 27, 2020
Hacking Microsoft Teams accounts with a GIF image

Experts discovered how to take over Microsoft Teams accounts by just sending recipients a regular GIF, it works for both desktop and web Teams versions. Microsoft has addressed a vulnerability in Teams workplace video chat and collaboration platform that could have allowed attackers to take Team accounts by sending participants a malicious link to an […]

Pierluigi Paganini April 27, 2020
Previously undetected VictoryGate Botnet already infected 35,000 devices

Experts managed to sinkhole several C2 servers of the VictoryGate botnet that already infected over 35,000 devices and propagates via infected USB devices. The VictoryGate botnet is active since at least May 2019, the botnet is more active in Latin America the most. More than 90% of the infected devices are located in Peru. Experts from […]

Pierluigi Paganini April 26, 2020
Hackers exploit SQL injection zero-day issue in Sophos firewall

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild. Sophos was informed […]

Pierluigi Paganini April 26, 2020
Security Affairs newsletter Round 261

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Are Maze operators behind the attack on the IT services giant Cognizant? Coronavirus-themed attacks April 12 – April 18, 2020 Cyberattack reports quadrupled […]

Pierluigi Paganini April 25, 2020
Bad actor sells Huiying Medical Technology’s source code for AI-assisted COVID-19 detection

Experts from Cyble identified a threat actor attempting to sell Huiying Medical Technology’s source code for AI-assisted COVID-19 detection and experimental data. Researchers from the data breach notification firm Cyble have identified a credible bad actor that goes online with moniker ‘THE0TIME’ claiming to have gained access to Huiying Medical Technology’s COVID-19 detection’s technology. “As part of […]

Pierluigi Paganini April 25, 2020
Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

The legal dispute between Facebook and NSO group continues even after the Israeli surveillance firm filed a motion to dismiss the case earlier this month. Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are […]

Pierluigi Paganini April 25, 2020
Experts found Symlink race issues in 28 antivirus products

Security experts from RACK911 Labs discovered “symlink race” vulnerabilities in 28 of the most popular antivirus products. Security researchers from RACK911 Labs disclose the discovery of “symlink race” issues in 28 of the most popular antivirus products. The flaws affect 28 products running on major OSs, including Linux, Mac, and Windows. “A symlink race is a kind […]

Pierluigi Paganini April 24, 2020
Nintendo confirms that hackers might have hijacked 160,000 user accounts

Nintendo has disconnected the NNID legacy login system from main Nintendo profiles after it has discovered a massive account hijacking campaign. The gaming giant Nintendo announced that hackers gained accessed at least 160,000 user accounts as part of an account hijacking campaign since early April. The company launched an investigation after it has received several […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Artificial Intelligence / February 13, 2026

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Uncategorized / February 13, 2026