MUST READ

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Security News

Pierluigi Paganini September 29, 2021
Experts observed for the first time FinFisher infections involving usage of a UEFI bootkit

Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Malware researchers at Kaspersky have spotted a new improvement of the infamous commercial FinSpy surveillance spyware (also known as Wingbird), it can now hijack and replace the Windows UEFI (Unified […]

Pierluigi Paganini September 28, 2021
Trend Micro fixes a critical flaw in ServerProtec Solution, patch it now!

Trend Micro has addressed a critical authentication bypass vulnerability, tracked as CVE-2021-36745, affecting the ServerProtect solution. Trend Micro has released security patches to address a critical authentication bypass vulnerability, tracked as CVE-2021-36745, that affects the Trend Micro ServerProtect product. Trend Micro Server Protect offers comprehensive real-time protection for enterprise infrastructure, preventing them from being targeted by viruses, […]

Pierluigi Paganini September 28, 2021
A complete PoC exploit for CVE-2021-22005 in VMware vCenter is available online

An exploit for the recently disclosed CVE-2021-22005 vulnerability in VMware vCenter was publicly released, threat actors are already using it. A working exploit for the CVE-2021-22005 vulnerability in VMware vCenter is publicly available, and attackers are already attempting to use it in the wild. VMware recently addressed the critical arbitrary file upload vulnerability CVE-2021-22005, it […]

Pierluigi Paganini September 28, 2021
Russia-linked Nobelium APT group uses custom backdoor to target Windows domains

Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Microsoft Threat Intelligence Center (MSTIC) researchers have discovered a new custom malware, dubbed FoggyWeb used by the Nobelium APT group to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers. […]

Pierluigi Paganini September 28, 2021
ERMAC, a new banking Trojan that borrows the code from Cerberus malware

ERMAC is a new Android banking Trojan that can steal financial data from 378 banking and wallet apps. Researchers from Threatfabric found in July a new Android banking trojan dubbed ERMAC that is almost fully based on the popular banking trojan Cerberus. The source code of Cerberus was released in September 2020 on underground hacking […]

Pierluigi Paganini September 28, 2021
New BloodyStealer malware is targeting the gaming sector

Researchers spotted a new malware, dubbed BloodyStealer, that could allow stealing accounts for multiple gaming platforms. Researchers from Kaspersky have spotted a new malware dubbed BloodyStealer that is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, GOG Galaxy, EA Origin, and more. The infostealer is available […]

Pierluigi Paganini September 27, 2021
Expert found RCE flaw in Visual Studio Code Remote Development Extension

Researchers from the Italian cybersecurity firm Shielder found a remote code execution vulnerability in Visual Studio Code Remote Development Extension. Visual Studio Code Remote Development allows users to adopt a container, remote machine, or the Windows Subsystem for Linux (WSL) as a full-featured development environment. Users can: Develop on the same operating system you deploy to or use […]

Pierluigi Paganini September 27, 2021
Jupyter infostealer continues to evolve and is distributed via MSI installers

Cybersecurity researchers spotted a new version of the Jupyter infostealer which is distributed via MSI installers. Cybersecurity researchers from Morphisec have spotted a new version of the Jupyter infostealer that continues to be highly evasive. In November 2020, researchers at Morphisec have spotted Russian-speaking threat actors that have been using a piece of .NET infostealer, […]

Pierluigi Paganini September 27, 2021
Telegram is becoming the paradise of cyber criminals

Telegram is becoming an essential platform for cybercriminal activities, crooks use it but and sell any kind of stolen data and hacking tools. Many experts believe that the popular Telegram app is an efficient alternative to dark web marketplaces, its channels are used by hacking communities and cybercriminals to buy and sell stolen data, accesses […]

Pierluigi Paganini September 27, 2021
German Federal Office for Information Security (BSI) investigates Chinese mobile phones

German Federal Office for Information Security is launching an investigation into the cybersecurity of certain Chinese mobile phones. German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile phones of certain Chinese manufacturers. The investigation was requested by both the SPD politician Jens Zimmermann and the CDU digital politician […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025