MUST READ

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

Security Affairs

Pierluigi Paganini March 16, 2020
Aerial Direct, the O2’s largest UK partner suffered a data breach

Hackers have stolen O2 customers’ data from a database run by Aerial Direct, one of the largest UK partners of the telecommunications services provider. Hackers have stolen the data of O2 customers from a database operated by Aerial Direct, which is O2’s largest direct business partner in the UK and has more than 130,000 customers. […]

Pierluigi Paganini March 16, 2020
Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. Organizations are delaying in patching Microsoft Exchange Server flaw (CVE-2020-0688) that Microsoft fixed with February 2020 Patch Day updates. The CVE-2020-0688 flaw resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers […]

Pierluigi Paganini March 16, 2020
MonitorMinor, the outstanding stalkerware can track Gmail, WhatsApp, Instagram, and Facebook

Security experts spotted a new stalkerware, dubbed MonitorMinor, that can track Gmail, WhatsApp, Instagram, and Facebook user activity. Security experts from Kaspersky Lab spotted a new stalkerware, dubbed MonitorMinor (Monitor.AndroidOS.MonitorMinor.c), that can track Gmail, WhatsApp, Instagram, and Facebook user activity. Stalkerware is commercial monitoring software or spyware that is used for stalking, it is usually […]

Pierluigi Paganini March 16, 2020
Open Exchange Rates discloses a security breach

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service. Open Exchange […]

Pierluigi Paganini March 15, 2020
Noooo, now Ancient Tortoise BEC scammers are launching Coronavirus-Themed attacks

A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks. While the Coronavirus is spreading worldwide cybercriminals and nation-state actors are launching COVID19-themed attacks on a global scale. Most of the attacks aimed at spreading malware to control victims’ computers and stealing sensitive data, but now a […]

Pierluigi Paganini March 15, 2020
Massive cyber attack hit the town hall of Marseille ahead local election

While the Coronavirus is spreading worldwide, a massive cyber attack hit the town hall of Marseille and the metropolis. Ahead of the 2020 municipal elections in Marseille that will take place on 15 and March 22, a ‘massive and widespread’ cyber attack hit the city of Marseille as well as the metropolis Aix-Marseille-Provence The 2020 municipal elections in […]

Pierluigi Paganini March 15, 2020
BlackWater, a malware that uses Cloudflare Workers for C2 Communication

Crooks continue to abuse the interest in Coronavirus outbreak, now experts found a new backdoor called BlackWater that pretends to provide information about COVID-19. Experts found a new backdoor malware called BlackWater that pretends to provide information about the COVID-19 outbreak while abusing Cloudflare Workers as an interface to the C2 server. Cloudflare Workers provide a serverless execution […]

Pierluigi Paganini March 14, 2020
Slack bugs allowed take over victims’ accounts

Slack addressed a critical flaw within 24 hours from its disclosure, the issue allowed attackers to carry out automate account takeover. The researcher Evan Custodio discovered a critical vulnerability in Slack that could have allowed attackers to launch automate account takeover. Slack addressed the vulnerability within 24 hours it was reported by the researcher, the […]

Pierluigi Paganini March 14, 2020
One of the major COVID-19 testing laboratories in Czech hit by cyberattack

A cyber attack hit one of the major COVID-19 testing laboratories in Czech, the Brno University Hospital in the city of Brno. While the Coronavirus (COVID-19) is spreading on a global scale, crooks and nation-state actors are launching Coronavirus-themed attacks against targets worldwide. The healthcare systems of any country are under pressure, for this reason, […]

Pierluigi Paganini March 13, 2020
European police arrested tens of members of two SIM Hijacking Gangs

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. In SIM hijacking attacks (aka SIM swapping attacks) crooks are able to port the phone number of the victims to a new SIM card […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

Hacking / December 20, 2025

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

Hacking / December 20, 2025

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

Cyber Crime / December 19, 2025

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

Security / December 19, 2025

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

APT / December 19, 2025