Security Affairs

ID: 4591e57d-d939-5a9c-95b6-1894657d6f54

STIX ID: identity--4591e57d-d939-5a9c-95b6-1894657d6f54

Feed Type: rss

Earliest post: 2024-05-19

Latest post: 2026-05-29

Cybersecurity news, threat analysis, malware research, and breaking coverage from independent expert Pierluigi Paganini — covering cybercrime, APTs, breaches, policy, hacking, and security trends.

Exclude posts that do not describe a security incident

Classification

Min Pub Date

01/01/2020

Max Pub Date

05/29/2026

Title	Date Published ↓	Describes Incident	Author	Visible
DIL Observatory: when the World Escalates, the Underground Responds	2026-05-29	True	Pierluigi Paganini	True
Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.	2026-05-29	True	Pierluigi Paganini	True
BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone	2026-05-29	True	Pierluigi Paganini	True
Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers	2026-05-28	True	Pierluigi Paganini	True
CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks	2026-05-28	True	Pierluigi Paganini	True
Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem	2026-05-28	True	Pierluigi Paganini	True
U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog	2026-05-28	True	Pierluigi Paganini	True
A Fake UK Visa Site Left 100,000 Passports Wide Open	2026-05-28	True	Pierluigi Paganini	True
U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog	2026-05-28	True	Pierluigi Paganini	True
19.6 Billion Files Are Sitting Open on the Internet. No Password Required	2026-05-28	True	Pierluigi Paganini	True
Romanian Hacker Gets Nearly 5 Years in US Prison Over Network Intrusion	2026-05-27	True	Pierluigi Paganini	True
The LA Metro Attack Wasn’t Hacktivism. It Was a State Operation With a Costume On.	2026-05-27	True	Pierluigi Paganini	True
How cybersecurity firms took down Glassworm botnet in one shot	2026-05-27	True	Pierluigi Paganini	True
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.	2026-05-27	True	Pierluigi Paganini	True
The Hidden Ransomware Economy Running on Exposed Databases	2026-05-26	True	Pierluigi Paganini	True
Malware Found in Laravel-Lang Composer Packages After Git Tag Poisoning Attack	2026-05-26	True	Pierluigi Paganini	True
Nimbus Manticore Expanded Attacks With AI-Assisted Malware and Fake Zoom Installers	2026-05-26	True	Pierluigi Paganini	True
Lazarus APT unveils fileless remote access Trojan designed to evade detection	2026-05-26	True	Pierluigi Paganini	True
Third-Party Cyberattack Impacts Patient Information at The Oncology Institute	2026-05-26	True	Pierluigi Paganini	True
Ghost CMS flaw abused to push ClickFix attacks on hundreds of sites	2026-05-25	True	Pierluigi Paganini	True
340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks	2026-05-25	True	Pierluigi Paganini	True
Zero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning	2026-05-25	True	Pierluigi Paganini	True
Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation	2026-05-25	True	Pierluigi Paganini	True
FBI director Kash Patel’s brand website taken offline after malware reports	2026-05-25	True	Pierluigi Paganini	True
Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION	2026-05-24	True	Pierluigi Paganini	True
Anthropic’s Project Glasswing: 10,000+ Vulnerabilities Found in One Month, and the Patching Problem Has Never Been More Obvious	2026-05-24	True	Pierluigi Paganini	True
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog	2026-05-24	True	Pierluigi Paganini	True
CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack	2026-05-23	True	Pierluigi Paganini	True
Why pure extortion is replacing traditional ransomware	2026-05-23	True	Pierluigi Paganini	True
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets	2026-05-23	True	Pierluigi Paganini	True
Authorities arrest 23-year-old accused of running the Kimwolf botnet	2026-05-22	True	Pierluigi Paganini	True
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog	2026-05-22	True	Pierluigi Paganini	True
One Telecom Provider Hosted Most of the Middle East ’s Active C2 Infrastructure	2026-05-22	True	Pierluigi Paganini	True
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog	2026-05-21	True	Pierluigi Paganini	True
Global law enforcement operation takes First VPN offline	2026-05-21	True	Pierluigi Paganini	True
Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix	2026-05-21	True	Pierluigi Paganini	True
Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload	2026-05-21	True	Pierluigi Paganini	True
PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch	2026-05-20	True	Pierluigi Paganini	True
Microsoft issues YellowKey mitigation, no patch yet	2026-05-20	True	Pierluigi Paganini	True
Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free	2026-05-20	True	Pierluigi Paganini	True
A malicious VS code extension just breached GitHub ‘s internal repositories	2026-05-20	True	Pierluigi Paganini	True
DirtyDecrypt: PoC Released for yet another Linux flaw	2026-05-20	True	Pierluigi Paganini	True
Alleged Huawei zero-day blamed for the 2025 Luxembourg telecom crash	2026-05-20	True	Pierluigi Paganini	True
Drupal is rolling out an emergency security update on May 20. You cannot miss it	2026-05-19	True	Pierluigi Paganini	True
Microsoft dismantled malware-signing network Fox Tempest	2026-05-19	True	Pierluigi Paganini	True
Poland shifts away from Signal following cyberattacks on officials’ accounts	2026-05-19	True	Pierluigi Paganini	True
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects	2026-05-19	True	Pierluigi Paganini	True
Shai-Hulud worm copycats emerge after source code leak	2026-05-19	True	Pierluigi Paganini	True
Grafana confirms GitHub token breach cybercrime group claims the attack	2026-05-18	True	Pierluigi Paganini	True
ShinyHunters hack 7-Eleven: franchisee data and Salesforce records exposed	2026-05-18	True	Pierluigi Paganini	True