MUST READ

A malicious VS code extension just breached GitHub 's internal repositories

 | 

DirtyDecrypt: PoC Released for yet another Linux flaw

 | 

Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash

 | 

Drupal is rolling out an emergency security update on May 20. You cannot miss it

 | 

Microsoft dismantled malware-signing network Fox Tempest

 | 

Poland shifts away from Signal following cyberattacks on officials’ accounts

 | 

Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects

 | 

Shai-Hulud worm copycats emerge after source code leak

 | 

Grafana confirms GitHub token breach cybercrime group claims the attack

 | 

ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed

 | 

Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq

 | 

Chaotic Eclipse discloses MiniPlasma zero-day, suggesting a missing or undone 2020 Windows security fix

 | 

Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 97

 | 

Security Affairs newsletter Round 577 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Attackers exploit Funnel Builder bug to inject e-skimmers into e-stores

 | 

Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total

 | 

U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog

 | 

OpenAI hit by supply chain attack linked to malicious TanStack packages

 | 

Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K

 | 

supply chain attack

Pierluigi Paganini August 23, 2018
Operation Red Signature – South Korean Firms victims of a supply chain attack

Supply Chain Attack Hits South Korean Firms Security researchers from Trend Micro have uncovered a supply chain attack, tracked as Operation Red Signature, against organizations in South Korea. The Operation Red Signature aimed at delivering a remote access Trojan (RAT) used by attackers to steal sensitive information from the victims. Threat actors compromised update server of a remote support […]

Pierluigi Paganini October 21, 2017
Proton malware spreading through supply-chain attack, victims should wipe their Macs

The dreaded Proton malware was spreading through a new supply-chain attack that involved the Elmedia apps, victims should wipe their Macs Bad news for Mac users, a new malware is threatening them of a complete system wipe and reinstall. Crooks are distributing the malware in legitimate applications, the popular Elmedia Player and download manager Folx developed by […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

A malicious VS code extension just breached GitHub 's internal repositories

Cyber Crime / May 20, 2026

DirtyDecrypt: PoC Released for yet another Linux flaw

Uncategorized / May 20, 2026

Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash

Hacking / May 20, 2026

Drupal is rolling out an emergency security update on May 20. You cannot miss it

Security / May 19, 2026

Microsoft dismantled malware-signing network Fox Tempest

Cyber Crime / May 19, 2026