MUST READ

Iran-linked group Handala hacked FBI Director Kash Patel’s personal email account

 | 

U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog

 | 

The European Commission confirmed a cyberattack affecting part of its cloud systems

 | 

New AITM phishing wave hijacks TikTok Business accounts

 | 

CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw

 | 

U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog

 | 

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks

 | 

U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog

 | 

Coruna exploit reveals evolution of Triangulation iOS exploitation framework

 | 

Researchers uncover WebRTC skimmer bypassing traditional defenses

 | 

Russian authorities arrest alleged LeakBase admin behind stolen data marketplace

 | 

Russian national convicted for running botnet used in attacks on U.S. firms

 | 

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover

 | 

Recent Navia data breach impacts HackerOne employee data

 | 

FCC targets foreign router imports amid rising cybersecurity concerns

 | 

Cybercrime group Lapsus$ claims the hack of pharma giant AstraZeneca

 | 

Malicious LiteLLM versions linked to TeamPCP supply chain attack

 | 

Data breach at Dutch Ministry of Finance impacts staff following cyberattack

 | 

QualDerm Partners December 2025 data breach impacts over 3 Million people

 | 

Citrix NetScaler critical flaw could leak data, update now

 | 

RondoDox botnet

Pierluigi Paganini March 17, 2026
RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts

RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign. RondoDox botnet is ramping up attacks, targeting 174 vulnerabilities with up to 15,000 daily exploitation attempts in a more focused and strategic campaign, Bitsight reported. “We gathered all these exploit attempts (identifiable by indicators like the User-Agent and […]

Pierluigi Paganini November 17, 2025
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025

RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025. RondoDox is targeting unpatched XWiki servers via critical RCE flaw CVE-2025-24893 (CVSS score of 9.8), pulling more devices into its botnet despite patches released in Feb 2025. The XWiki Platform is a generic wiki framework […]

Pierluigi Paganini October 10, 2025
RondoDox Botnet targets 56 flaws across 30+ device types worldwide

RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, CCTV systems, and servers, active globally since June. Trend Micro researchers reported that the RondoDox botnet exploits 56 known flaws in over 30 device types, including DVRs, NVRs, CCTV systems, and web servers, active globally since June. Experts noted that the latest […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Iran-linked group Handala hacked FBI Director Kash Patel’s personal email account

Intelligence / March 28, 2026

U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog

Uncategorized / March 28, 2026

The European Commission confirmed a cyberattack affecting part of its cloud systems

Data Breach / March 27, 2026

New AITM phishing wave hijacks TikTok Business accounts

Security / March 27, 2026

CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw

Security / March 27, 2026