hacking news

5 ideas to help bridge the genAI skills gap

Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884

AndyC 15 October 2025

Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884 Pierluigi Paganini October 14, 2025 Oracle issued...

Read More

Customer payment data stolen in Unity Technologies’s SpeedTree website compromise

Customer payment data stolen in Unity Technologies’s SpeedTree website compromise

AndyC 14 October 2025

Customer payment data stolen in Unity Technologies’s SpeedTree website compromise Pierluigi Paganini October 13, 2025 Malicious code on Unity Technologies’s...

Read More

Astaroth Trojan abuses GitHub to host configs and evade takedowns

Astaroth Trojan abuses GitHub to host configs and evade takedowns

AndyC 14 October 2025

Astaroth Trojan abuses GitHub to host configs and evade takedowns Pierluigi Paganini October 13, 2025 The Astaroth banking Trojan uses...

Read More

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

AndyC 14 October 2025

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion Pierluigi Paganini October 13, 2025 Google and Mandiant link Oracle...

Read More

Clop Ransomware group claims the hack of Harvard University

Clop Ransomware group claims the hack of Harvard University

AndyC 13 October 2025

Clop Ransomware group claims the hack of Harvard University Pierluigi Paganini October 12, 2025 The notorious Clop Ransomware group claims...

Read More

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66

Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION

AndyC 13 October 2025

Security Affairs newsletter Round 545 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini October 12, 2025 A new round of...

Read More

CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack

CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack

AndyC 12 October 2025

CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Pierluigi Paganini October 11, 2025 Threat actors are exploiting a zero-day,...

Read More

Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained

Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained

AndyC 12 October 2025

Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained Pierluigi Paganini October 11, 2025 Spain’s Guardia Civil dismantled the...

Read More

Attackers exploit valid logins in SonicWall SSL VPN compromise

Attackers exploit valid logins in SonicWall SSL VPN compromise

AndyC 12 October 2025

Attackers exploit valid logins in SonicWall SSL VPN compromise Pierluigi Paganini October 11, 2025 Huntress warns of widespread SonicWall SSL...

Read More

Security Blogs

Juniper patched nine critical flaws in Junos Space

AndyC 11 October 2025

Juniper patched nine critical flaws in Junos Space Pierluigi Paganini October 10, 2025 Juniper fixed nearly 220 flaws in Junos...

Read More

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors

AndyC 11 October 2025

Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors Pierluigi Paganini October 10, 2025 Russia-linked actors use AI to...

Read More

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog

AndyC 11 October 2025

U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 10, 2025 U.S. Cybersecurity and Infrastructure Security...

Read More

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

AndyC 11 October 2025

RondoDox Botnet targets 56 flaws across 30+ device types worldwide Pierluigi Paganini October 10, 2025 RondoDox botnet exploits 56 known...

Read More

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware

AndyC 10 October 2025

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware Pierluigi Paganini October 09, 2025 ClayRat Android spyware targets...

Read More

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

AndyC 10 October 2025

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts Pierluigi Paganini October 09, 2025 Threat actors are exploiting a critical...

Read More

Credential stuffing: What it is and how to protect yourself

Credential stuffing: What it is and how to protect yourself

AndyC 9 January 2026

Digital Security Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts Christian Ali Bravo 08...

Read More

This month in security with Tony Anscombe – December 2025 edition

This month in security with Tony Anscombe – December 2025 edition

AndyC 30 December 2025

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this...

Read More

A brush with online fraud: What are brushing scams and how do I stay safe?

A brush with online fraud: What are brushing scams and how do I stay safe?

AndyC 24 December 2025

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to...

Read More

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

AndyC 23 December 2025

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of...

Read More

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...

Read More

ESET Threat Report H2 2025

ESET Threat Report H2 2025

AndyC 17 December 2025

ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research...

Read More

Prompt Frameworks for AI Results: A Practical Guide for Leaders and Product Teams

Beyond “Is Your SOC AI Ready?” Plan the Journey!

AndyC 10 January 2026

Magazine Insights

Randall Munroe’s XKCD ‘Apples’

AndyC 10 January 2026

Trend Micro fixed a remote code execution in Apex Central

Trend Micro fixed a remote code execution in Apex Central

AndyC 10 January 2026

Prompt Frameworks for AI Results: A Practical Guide for Leaders and Product Teams

Radware Discloses ZombieAgent Technique to Compromise AI Agents

AndyC 10 January 2026

The New Weak Link in Compliance Isn’t Code – It’s Communication

Use of XMRig Cryptominer by Threat Actors Expanding: Expel

AndyC 10 January 2026