MUST READ

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

Pierluigi Paganini

Pierluigi Paganini May 09, 2019
Information Services Giant Wolters Kluwer hit by ransomware attack

Global information services company Wolters Kluwer took offline has taken offline many of its applications and platforms in response to a ransomware attack. Another ransomware attack made hit a big company, this time the victim is the Global information services giant Wolters Kluwer that took offline some of the affected systems after the incident. Wolters […]

Pierluigi Paganini May 09, 2019
Vulnerability in UC Browser Apps exposes to phishing attacks

Security researcher discovered a browser address bar spoofing flaw that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Security researcher and bug hunter Arif Khan has discovered a browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. The vulnerability affects latest version of the UC Browser 12.11.2.1184  and UC Browser Mini […]

Pierluigi Paganini May 09, 2019
Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware

Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. SANS expert Renato Marinho uncovered an ongoing malicious campaign that is targeting vulnerable Apache Jenkins installs to deliver a Monero cryptominer dubbed Kerberods. According to the SANS Institute’s Internet Storm Center, attackers are exploiting the […]

Pierluigi Paganini May 08, 2019
Google May 2019 Patches address 4 RCE flaws in Android

Android May 2019 Patches address critical vulnerabilities in the Google operating system, including 4 remote code execution flaws. Google released May 2019 patches address 8 critical flaws in Google operating system, including 4 remote code execution vulnerabilities.  Google is not aware of attacks in the wild exploiting these flaws. According to the advisory released by […]

Pierluigi Paganini May 08, 2019
Yomi Hunter Joined the VirusTotal Sandbox Program!

We are pleased to announce that Yomi the Malware Hunter has successfully completed the on-boarding in the VirusTotal MultiSandbox Program! Official VirusTotal Announce: https://blog.virustotal.com/2019/05/virustotal-multisandbox-yoroi-yomi.html Yoroi can now contribute to the fight against malware threats sharing its analysis with Chronicle Security, the Alphabet’s subsidiary author of the notorious VirusTotal Threat Intelligence platform: one of the most widely used community platforms all around the […]

Pierluigi Paganini May 08, 2019
International Police operation seized DeepDotWeb and arrested its administrators

Police seized the DeepDotWeb website and arrested its operators for their business in facilitating the access to darkweb marketplaces and vendors. DeepDotWeb was a website for facilitating access to dark web sites and marketplaces. The site was seized and the arrests were made as part of an international operation involving the FBI, Europol, and Federal […]

Pierluigi Paganini May 08, 2019
Most of the servers at City of Baltimore shut down after ransomware attack

For the second time in a year, systems of the city of Baltimore has been hit by a ransomware attack, forcing officials to shut down a majority of them. The city of Baltimore shut down most of its servers in response to a ransomware attack that hit its network. Baltimore Mayor Bernard C. Jack Young […]

Pierluigi Paganini May 08, 2019
Hackers Steal $41 Million worth of Bitcoin from Binance Exchange

Hackers steal $41 Million worth of Bitcoin from Binance, one of the world’s largest cryptocurrency exchange The hack of another cryptocurrency exchange made the headlines, hackers steal $41 Million worth of Bitcoin (over 7,000 bitcoins) from Binance. Binance is one of the world’s largest cryptocurrency exchanges, its founder and CEO Changpeng Zhao confirmed that the […]

Pierluigi Paganini May 08, 2019
LulZSec and Anonymous Ita hackers published sensitive data from 30,000 Roman lawyers

A group of hackers has stolen and published online sensitive data of 30,000 Roman lawyers, including the Mayor of Rome. The announcement was made on Twitter by Lulzsec and Anonymous Ita. The story is very simple, LulZSec, the collective of hackers recently hit the Italian Ministry of the Environment, has collected a huge amount of […]

Pierluigi Paganini May 08, 2019
Cisco addresses a critical flaw in Elastic Services Controller

Cisco released security updates to address a critical vulnerability in its virtualized function automation tool Elastic Services Controller (ESC). Cisco has released security updates to address a critical vulnerability affecting its virtualized function automation tool, Cisco Elastic Services Controller (ESC). The flaw could be exploited by a remote attacker could be exploited by an unauthenticated, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

Cyber Crime / December 19, 2025

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

Security / December 19, 2025

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

APT / December 19, 2025

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Security / December 18, 2025

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

Cyber Crime / December 18, 2025