hacking

12 Million exposed .env files reveal widespread security failures

AndyC 28 February 2026

12 Million exposed .env files reveal widespread security failures Pierluigi Paganini February 27, 2026 Mysterium VPN found 12M IPs exposing...

ManoMano data breach impacted 38 Million customer accounts

AndyC 28 February 2026

ManoMano data breach impacted 38 Million customer accounts Pierluigi Paganini February 27, 2026 European DIY platform ManoMano suffered a data...

Trend Micro fixes two critical flaws in Apex One

AndyC 27 February 2026

Trend Micro fixes two critical flaws in Apex One Pierluigi Paganini February 26, 2026 Trend Micro fixed two critical Apex...

UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor

AndyC 27 February 2026

UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor Pierluigi Paganini February 26, 2026 UAT-10027 campaign is targeting...

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

AndyC 27 February 2026

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 26, 2026 U.S. Cybersecurity and...

ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories

AndyC 27 February 2026

Ravie LakshmananFeb 26, 2026Cybersecurity / Hacking News Nothing here looks dramatic at first glance. That’s the point. Many of this...

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

AndyC 27 February 2026

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control Pierluigi Paganini February 26, 2026 Cisco SD-WAN vulnerability...

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

AndyC 27 February 2026

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries Pierluigi Paganini February 26, 2026 Google...

Untrusted repositories turn Claude code into an attack vector

AndyC 26 February 2026

Untrusted repositories turn Claude code into an attack vector Pierluigi Paganini February 25, 2026 Flaws in Anthropic’s Claude Code could...

Critical Zyxel router flaw exposed devices to remote attacks

AndyC 26 February 2026

Critical Zyxel router flaw exposed devices to remote attacks Pierluigi Paganini February 25, 2026 Zyxel fixed a critical flaw in...

Former U.S. Defense contractor executive sentenced for selling zero-day exploits to Russian broker Operation Zero

AndyC 26 February 2026

Former U.S. Defense contractor executive sentenced for selling zero-day exploits to Russian broker Operation Zero Pierluigi Paganini February 25, 2026...

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

AndyC 26 February 2026

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 25,...

Lazarus APT group deployed Medusa Ransomware against Middle East target

AndyC 26 February 2026

Lazarus APT group deployed Medusa Ransomware against Middle East target Pierluigi Paganini February 25, 2026 North Korea’s Lazarus Group used...

SolarWinds patches four critical Serv-U flaws enabling root access

AndyC 25 February 2026

SolarWinds patches four critical Serv-U flaws enabling root access Pierluigi Paganini February 24, 2026 SolarWinds addressed four critical Serv-U vulnerabilities...

VMware Aria Operations flaws could enable remote attacks

AndyC 25 February 2026

VMware Aria Operations flaws could enable remote attacks Pierluigi Paganini February 24, 2026 Broadcom patched multiple VMware Aria Operations flaws,...

hacking

12 Million exposed .env files reveal widespread security failures

ManoMano data breach impacted 38 Million customer accounts

Trend Micro fixes two critical flaws in Apex One

UAT-10027 campaign hits U.S. education and healthcare with stealthy Dohdoor backdoor

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog

ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

Untrusted repositories turn Claude code into an attack vector

Critical Zyxel router flaw exposed devices to remote attacks

Former U.S. Defense contractor executive sentenced for selling zero-day exploits to Russian broker Operation Zero

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

SolarWinds patches four critical Serv-U flaws enabling root access

VMware Aria Operations flaws could enable remote attacks

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

As breakout time accelerates, prevention-first cybersecurity takes center stage

Digital assets after death: Managing risks to your loved one’s digital estate

This month in security with Tony Anscombe – March 2026 edition

RSAC 2026 wrap-up – Week in security with Tony Anscombe

Donate Bitcoin to this address

Donate Ethereum to this address

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed