MUST READ

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

Senegal shuts National ID office after ransomware attack

 | 

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

 | 

Pierluigi Paganini

Pierluigi Paganini February 22, 2020
Google removed nearly 600 apps from the Play Store for ad policy violation

Google announced to have removed nearly 600 Android apps in the official Play Store that were violating two ad-related policies. Google removed from the official Play Store nearly 600 Android apps that were violating two ad-related policies, it also banned the same apps from Google AdMob and Google Ad Manager. “As part of our ongoing […]

Pierluigi Paganini February 21, 2020
VMware addresses serious flaws in vRealize Operations for Horizon Adapter

VMware has addressed serious vulnerabilities in vRealize Operations for Horizon Adapter, including remote code execution and authentication bypass flaws. VMware vRealize Operations is a software product that provides operations management across physical, virtual and cloud environments, it supports environments based on vSphere, Hyper-V or Amazon Web Services. Horizon Adapter instances created on VMware vRealize Operations Manager […]

Pierluigi Paganini February 21, 2020
Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Exclusive: Pakistan and India to armaments. Researchers from Cybaze-Yoroi ZLab gathered intelligence on the return of Operation Transparent Tribe is back 4 years later Introduction The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. […]

Pierluigi Paganini February 21, 2020
DOD DISA US agency discloses a security breach

The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The Defense Information Systems Agency (DISA), the DoD agency that is in charge of the security of IT and telecommunications for the White House and military troops has suffered a cyber […]

Pierluigi Paganini February 21, 2020
Dragos Report: Analysis of ICS flaws disclosed in 2019

More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories, 26% of advisories is related to zero-day flaws. The experts determined 116 unique types of flaws, […]

Pierluigi Paganini February 20, 2020
Croatia’s largest petrol station chain INA group hit by ransomware attack

Some operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. INA, d.d. is a stock company with the Hungarian MOL Group and the Croatian Government as its biggest shareholders, […]

Pierluigi Paganini February 20, 2020
Adobe released out-of-band updates for After Effects and Media Encoder apps

Adobe released out-of-band security updates for After Effects and Media Encoder applications that address two new critical vulnerabilities. Adobe released out-of-band security updates for After Effects and Media Encoder applications that fix two new critical vulnerabilities (CVE-2020-3765, CVE-2020-3764). Adobe After Effects is a digital visual effects, motion graphics, and compositing application developed and used in […]

Pierluigi Paganini February 20, 2020
Personal details of 10.6M MGM Resorts guests leaked online

The personal information of 10.6 million guests who stayed at MGM Resorts hotels was stolen by hackers this summer and posted a hacking forum this week. ZDNet revealed in exclusive that the personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. […]

Pierluigi Paganini February 20, 2020
Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin Accounts

A new flaw was discovered in a WordPress plugin, this time experts found a zero-day vulnerability in the ThemeREX Addons to create admin accounts. Security experts from WordFence have discovered a zero-day vulnerability in the ThemeREX Addons that was actively exploited by hackers in the wild to create user accounts with admin permissions. According to […]

Pierluigi Paganini February 19, 2020
DRBControl cyber-espionage group targets gambling, betting companies

The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Security researchers from TrendMicro have uncovered a cyber espionage campaign carried out by an APT group tracked as DRBControl that employed a new family of malware. The attackers aimed at stealing databases and source […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

Artificial Intelligence / February 13, 2026

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

Uncategorized / February 13, 2026