MUST READ

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

 | 

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

 | 

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

 | 

Iran-nexus APT Dust Specter targets Iraq officials with new malware

 | 

U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

 | 

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

 | 

Phobos Ransomware admin faces up to 20 years after guilty plea

 | 

Russian APT targets Ukraine with BadPaw and MeowMeow malware

 | 

Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum

 | 

Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1

 | 

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

 | 

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

 | 

LastPass warns of spoofed alerts aimed at stealing master passwords

 | 

From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

 | 

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog

 | 

Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals

 | 

Facebook is experiencing a global outage

 | 

Ariomex, Iran-based crypto exchange, suffers data leak

 | 

Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked

 | 

Phishing campaign exploits OAuth redirection to bypass defenses

 | 

SolarWinds Web Help Desk

Pierluigi Paganini February 09, 2026
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

Huntress confirmed active SolarWinds Web Help Desk exploits, where attackers installed Zoho tools for persistence, and used Velociraptor for control. On February 7, 2026, Huntress investigated an active attack abusing SolarWinds Web Help Desk flaws. Attackers exploited unpatched versions to run code remotely, then quickly installed Zoho ManageEngine tools for persistent remote access and Cloudflare […]

Pierluigi Paganini January 29, 2026
SolarWinds addressed four critical Web Help Desk flaws

SolarWinds patched six Web Help Desk vulnerabilities, including four critical flaws exploitable without authentication for RCE or auth bypass. SolarWinds released security updates to address six Web Help Desk vulnerabilities, including four critical bugs that allow unauthenticated remote code execution or authentication bypass. The three critical flaws found by watchTowr, and specifically by researcher Piotr […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

APT / March 06, 2026

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

Security / March 06, 2026

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

Malware / March 06, 2026

Iran-nexus APT Dust Specter targets Iraq officials with new malware

APT / March 06, 2026

U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

Security / March 06, 2026