MUST READ

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

 | 

Internet censorship index reveals Russia’s lead and widespread content blocking

 | 

All supported cPanel versions hit by critical auth bug, now patched

 | 

U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

 | 

ShinyHunters exploit Anodot incident to target Vimeo

 | 

CVE-2026-3854 GitHub flaw enables remote code execution

 | 

Signal Phishing Campaign Targets German Officials in Suspected Russian Operation

 | 

Microsoft fixes Entra ID flaw enabling privilege escalation

 | 

New Android spyware Morpheus linked to Italian surveillance firm

 | 

NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links

 | 

Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records

 | 

Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software

 | 

LINKEDIN BROWSERGATE

 | 

Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting

 | 

Fast16: Pre-Stuxnet malware that targeted precision engineering software

 | 

Italy moves to extradite Chinese national to the U.S. over hacking charges

 | 

U.S. utility giant Itron discloses a security breach

 | 

Critical CrowdStrike LogScale bug could have allowed file access, but no exploitation was observed

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94

 | 

Trigona ransomware adopts custom tool to steal data and evade detection

 | 

Pierluigi Paganini

Pierluigi Paganini March 17, 2020
Ursnif campaign targets Italy with a new infection Chain

Malware researchers from Cybaze-Yoroi ZLab have uncovered a new Ursnif campaign that is targeting Italy with a new infection chain. Introduction Ursnif is one of the most and widespread common threats today delivered through malspam campaigns. It appeared on the threat landscape about 13 years ago and gained its popularity since 2014 when its source […]

Pierluigi Paganini March 17, 2020
The parabola of a prolific cyber-criminal known as Dton

Check Point researchers detailed the activity of a prolific cyber-criminal known as ‘Dton’ that earned at least $100,000 US from his operations. Over the past few months, experts at Check Point have monitored the activity of a prolific cyber-criminal known as ‘Dton’. The man is active at least since 2013 and already earned at least […]

Pierluigi Paganini March 17, 2020
Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Coronavirus-themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. In this campaign, crooks are exploiting the interest […]

Pierluigi Paganini March 16, 2020
Aerial Direct, the O2’s largest UK partner suffered a data breach

Hackers have stolen O2 customers’ data from a database run by Aerial Direct, one of the largest UK partners of the telecommunications services provider. Hackers have stolen the data of O2 customers from a database operated by Aerial Direct, which is O2’s largest direct business partner in the UK and has more than 130,000 customers. […]

Pierluigi Paganini March 16, 2020
Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. The CVE-2020-0688 flaw resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers […]

Pierluigi Paganini March 16, 2020
A cyberattack hits the US Department of Health and Human Services

While the Coronavirus is spreading in the U.S., a mysterious cyberattack hit the Department of Health and Human Services on Saturday. According to Bloomberg, that cited three people familiar with the matter, a cyberattack hit the U.S. Department of Health and Human Services on Saturday night. People cited by Bloomberg confirmed that the cyber attack […]

Pierluigi Paganini March 16, 2020
MonitorMinor, the outstanding stalkerware can track Gmail, WhatsApp, Instagram, and Facebook

Security experts spotted a new stalkerware, dubbed MonitorMinor, that can track Gmail, WhatsApp, Instagram, and Facebook user activity. Security experts from Kaspersky Lab spotted a new stalkerware, dubbed MonitorMinor (Monitor.AndroidOS.MonitorMinor.c), that can track Gmail, WhatsApp, Instagram, and Facebook user activity. Stalkerware is commercial monitoring software or spyware that is used for stalking, it is usually […]

Pierluigi Paganini March 16, 2020
Open Exchange Rates discloses a security breach

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service. Open Exchange […]

Pierluigi Paganini March 15, 2020
Massive cyber attack hit the town hall of Marseille ahead local election

While the Coronavirus is spreading worldwide, a massive cyber attack hit the town hall of Marseille and the metropolis. Ahead of the 2020 municipal elections in Marseille that will take place on 15 and March 22, a ‘massive and widespread’ cyber attack hit the city of Marseille as well as the metropolis Aix-Marseille-Provence The 2020 municipal elections in […]

Pierluigi Paganini March 15, 2020
BlackWater, a malware that uses Cloudflare Workers for C2 Communication

Crooks continue to abuse the interest in Coronavirus outbreak, now experts found a new backdoor called BlackWater that pretends to provide information about COVID-19. Experts found a new backdoor malware called BlackWater that pretends to provide information about the COVID-19 outbreak while abusing Cloudflare Workers as an interface to the C2 server. Cloudflare Workers provide a serverless execution […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

Hacking / April 29, 2026

Internet censorship index reveals Russia’s lead and widespread content blocking

Security / April 29, 2026

All supported cPanel versions hit by critical auth bug, now patched

Security / April 29, 2026

U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog

Security / April 29, 2026

ShinyHunters exploit Anodot incident to target Vimeo

Security / April 29, 2026