MUST READ

Red Hat GitLab breach exposes data of 21,000 Nissan customers

 | 

Critical n8n flaw could enable arbitrary code execution

 | 

Why Third-Party Access Remains the Weak Link in Supply Chain Security

 | 

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

 | 

Romanian Waters confirms cyberattack, critical water operations unaffected

 | 

Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

 | 

Infy Returns: Iran-linked hacking group shows renewed activity

 | 

University of Sydney discloses a data breach impacting 27,000 people

 | 

Waymo suspends service after power outage hit San Francisco

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

 | 

Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

Pierluigi Paganini

Pierluigi Paganini October 22, 2018
Saudi Future Investment Initiative website defaced by the hackers

Hackers defaced Future Investment Initiative (FII) website for a Saudi investment summit just a day before the three-day conference begins. An unknown group of hackers has defaced the website of the Future Investment Initiative (FII) website, a Saudi investment summit, just a day before the three-day conference begins. Below the Tweet of Nahayat Tizhoosh (@NahayatT), a producer with […]

Pierluigi Paganini October 22, 2018
NATO military command center should be fully operational in 2023

The NATO military command center should be fully operational in 2023, every member states will contribute with its cyber capabilities to the military hub. The new NATO military command center should be fully operational in 2023, among its tasks the defense of the critical infrastructure of member states and the ability to carry out cyber attacks […]

Pierluigi Paganini October 22, 2018
FreeRTOS flaws expose millions of IoT devices to cyber attacks

Researchers found that one of the most popular Internet of Things real-time operating system, FreeRTOS, is affected by serious vulnerabilities. Researchers at Zimperium’s zLabs team have found that one of the most popular Internet of Things real-time operating system, FreeRTOS, is affected by serious vulnerabilities. The researcher Ori Karliner and his team analyzed some of the […]

Pierluigi Paganini October 22, 2018
Israel Defense Forces were searching systems to spy on private social media messages

The Israel Defense Forces has bid to obtain spying systems that will allow monitoring of the private messages of social media users. Monitoring of social media platforms is a crucial activity for intelligence agencies, almost any government is working to gather intelligence for these systems. According to the Haaretz, the Israel Defense Forces has bid to […]

Pierluigi Paganini October 22, 2018
MPlayer and VLC media player affected by critical flaw CVE-2018-4013

Cisco Talos expert discovered a code execution vulnerability (CVE-2018-4013) that has been identified in Live Networks LIVE555 streaming media RTSPServer. Lilith Wyatt, a security researcher at Cisco Talos, has discovered a critical remote code execution vulnerability  (CVE-2018-4013) in the LIVE555 media streaming library that is used by popular media players, including VLC and MPlayer. LIVE555 […]

Pierluigi Paganini October 21, 2018
Hackers breached into system that interacts with HealthCare.gov

Centers for Medicare and Medicaid Services announced hackers breached into a computer system that interacts with HealthCare.gov. Hackers breached into a computer system that interacts with HealthCare.gov, according to Centers for Medicare and Medicaid Services, attackers accessed to the sensitive personal data of some 75,000 people. After experts discovered the intrusion, the system was shut down and […]

Pierluigi Paganini October 21, 2018
Security Affairs newsletter Round 185 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      Ex-NASA contractor pleaded guilty for cyberstalking crimes […]

Pierluigi Paganini October 21, 2018
WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security researchers from WizCase have discovered several vulnerabilities in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS. NAS devices have become the storage device of choice for many small and medium businesses (SMB). They are inexpensive, easy to operate, and you can add additional storage if you’re running low on space. But is it secure enough […]

Pierluigi Paganini October 20, 2018
Syrian victims of the GandCrab ransomware can decrypt their files for free

The developers of the GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The authors of the infamous GandCrab ransomware have released the decryption keys for all Syrian victims in an underground cybercrime forum. The crooks decided to release the decryption keys after a Syrian Twitter user published a harrowing message asking […]

Pierluigi Paganini October 20, 2018
Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

A security researcher discovered a zero-day vulnerability, tracked as CVE-2018-9206, that affects older versions of the jQuery File Upload plugin since 2010. Attackers can exploit the vulnerability to carry out several malicious activities, including defacement, exfiltration, and malware infection. The flaw was reported by the Akamai researcher Larry Cashdollar, he explained that many other packages that include […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Red Hat GitLab breach exposes data of 21,000 Nissan customers

Data Breach / December 23, 2025

Critical n8n flaw could enable arbitrary code execution

Hacking / December 23, 2025

Why Third-Party Access Remains the Weak Link in Supply Chain Security

Security / December 23, 2025

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

Security / December 23, 2025

Romanian Waters confirms cyberattack, critical water operations unaffected

Cyber Crime / December 22, 2025