Security News

Pierluigi Paganini May 11, 2025
Google will pay Texas $1.4 billion over its location tracking practices

Google will pay the U.S. state of Texas $1.4B to settle lawsuits over unauthorized location tracking and facial recognition data retention. Google will pay nearly $1.4 billion to the state of Texas to settle two lawsuits over tracking users’ locations and storing biometric data without consent. The $1.375 billion settlement far exceeds previous fines over […]

Pierluigi Paganini May 10, 2025
Ascension reveals personal data of 437,329 patients exposed in cyberattack

A data breach at Ascension, caused by a former partner’s compromise, exposed the health information of over 430,000 patients. Ascension is one of the largest private healthcare systems in the United States, ranking second in the United States by the number of hospitals as of 2019. At the end of April, the company notified patients that their personal and health information […]

Pierluigi Paganini May 10, 2025
Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminal services

Law enforcement dismantled a 20-year botnet behind the Anyproxy and 5socks cybercriminal services and arrested four suspects. Authorities dismantled a 20-year-old botnet tied to Anyproxy and 5socks as part of an international operation codenamed “Operation Moonlander”; four men, including three Russians, were indicted for running the illegal proxy networks. The U.S. Justice Department charged Russian nationals, […]

Pierluigi Paganini May 09, 2025
A cyber attack briefly disrupted South African Airways operations

A cyberattack briefly disrupted South African Airways’ website, app, and systems, but core flight operations remained unaffected. South African Airways (SAA) is the national flag carrier of South Africa; the airline is wholly owned by the South African government and has subsidiaries including SAA Technical and Air Chefs. A cyberattack hit South African Airways, briefly […]

Pierluigi Paganini May 09, 2025
Russia-linked ColdRiver used LostKeys malware in recent attacks

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations. Google’s Threat Intelligence Group discovered LOSTKEYS, a new malware used by Russia-linked APT COLDRIVER, in recent attacks to steal files and gather system info. The ColdRiver APT (aka “Seaborgium”, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group […]

Pierluigi Paganini May 09, 2025
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

SonicWall addressed three SMA 100 flaws, including a potential zero-day, that could allow remote code execution if chained. SonicWall patches three SMA 100 vulnerabilities (CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821), including a potential zero-day, that could be chained by a remote attacker to execute arbitrary code. The first flaw, tracked as CVE-2025-32819 (CVSS score of 8.8), is […]

Pierluigi Paganini May 08, 2025
The LockBit ransomware site was breached, database dump was leaked online

The LockBit ransomware group has been compromised; attackers stole and leaked data contained in the backend infrastructure of their dark web site. Hackers compromised the dark web leak site of the LockBit ransomware gang and defaced it, posting a message and a link to the dump of the MySQL database of its backend affiliate panel. “Don’t […]

Pierluigi Paganini May 08, 2025
Cisco fixed a critical flaw in its IOS XE Wireless Controller

Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files. Cisco released software updates to address a vulnerability, tracked as CVE-2025-20188 (CVSS score 10), in IOS XE Wireless Controller. An unauthenticated, remote attacker can exploit the flaw to load arbitrary files to a vulnerable system. […]

Pierluigi Paganini May 08, 2025
U.S. CISA adds GoVision device flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GoVision device flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: According to Binding Operational Directive […]

Pierluigi Paganini May 08, 2025
Polish authorities arrested 4 people behind DDoS-for-hire platforms

Polish police arrested 4 people behind DDoS-for-hire platforms used in global attacks, offering takedowns for as little as €10 via six stresser services. Polish authorities arrested 4 people linked to 6 DDoS-for-hire platforms, Cfxapi, Cfxsecurity, neostress, jetstress, quickdown, and zapcut, used to launch attacks worldwide for as little as €10. The platforms were used to […]