hacking

MeetC2 – A serverless C2 framework that leverages Google Calendar APIs as a communication channel

MeetC2 – A serverless C2 framework that leverages Google Calendar APIs as a communication channel

AndyC 7 September 2025

MeetC2 – A serverless C2 framework that leverages Google Calendar APIs as a communication channel Pierluigi Paganini September 06, 2025...

Read More

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

AndyC 6 September 2025

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation Pierluigi Paganini September 05, 2025 Experts warn of an actively exploited vulnerability,...

Read More

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

AndyC 6 September 2025

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini September 05, 2025 U.S....

Read More

OpenAI launches jobs platform, pledges to train 10M Americans by 2030

SVG files used in hidden malware campaign impersonating Colombian authorities

AndyC 6 September 2025

SVG files used in hidden malware campaign impersonating Colombian authorities Pierluigi Paganini September 05, 2025 VirusTotal uncovered an undetected malware...

Read More

France’s CNIL fined Google 9M and Shein 5M for breaching cookie rules

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

AndyC 5 September 2025

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules Pierluigi Paganini September 05, 2025 France’s data watchdog...

Read More

M reward for Russia’s FSB officers accused of hacking US Critical infrastructure

$10M reward for Russia’s FSB officers accused of hacking US Critical infrastructure

AndyC 5 September 2025

$10M reward for Russia’s FSB officers accused of hacking US Critical infrastructure Pierluigi Paganini September 04, 2025 US offers $10M...

Read More

Security Blogs

Severe Hikvision HikCentral product flaws: What You Need to Know

AndyC 5 September 2025

Severe Hikvision HikCentral product flaws: What You Need to Know Pierluigi Paganini September 04, 2025 Hikvision HikCentral flaw allows unauthenticated...

Read More

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

AndyC 5 September 2025

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini September 04, 2025 U.S....

Read More

Security Blogs

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

AndyC 5 September 2025

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities Pierluigi Paganini September 03, 2025 Threat actors abuse HexStrike AI,...

Read More

Security Blogs

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

AndyC 5 September 2025

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities Pierluigi Paganini September 03, 2025 Threat actors abuse HexStrike AI,...

Read More

Security Blogs

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

AndyC 5 September 2025

Crooks turn HexStrike AI into a weapon for fresh vulnerabilities Pierluigi Paganini September 03, 2025 Threat actors abuse HexStrike AI,...

Read More

Google addressed two Android flaws actively exploited in targeted attacks

Google addressed two Android flaws actively exploited in targeted attacks

AndyC 5 September 2025

Google addressed two Android flaws actively exploited in targeted attacks Pierluigi Paganini September 03, 2025 Google addressed 120 Android vulnerabilities...

Read More

Google addressed two Android flaws actively exploited in targeted attacks

Google addressed two Android flaws actively exploited in targeted attacks

AndyC 5 September 2025

Google addressed two Android flaws actively exploited in targeted attacks Pierluigi Paganini September 03, 2025 Google addressed 120 Android vulnerabilities...

Read More

Google addressed two Android flaws actively exploited in targeted attacks

Google addressed two Android flaws actively exploited in targeted attacks

AndyC 5 September 2025

Google addressed two Android flaws actively exploited in targeted attacks Pierluigi Paganini September 03, 2025 Google addressed 120 Android vulnerabilities...

Read More

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries

AndyC 5 September 2025

Sep 04, 2025Ravie LakshmananCybersecurity / Malware The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new...

Read More

Credential stuffing: What it is and how to protect yourself

Credential stuffing: What it is and how to protect yourself

AndyC 9 January 2026

Digital Security Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts Christian Ali Bravo 08...

Read More

This month in security with Tony Anscombe – December 2025 edition

This month in security with Tony Anscombe – December 2025 edition

AndyC 30 December 2025

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this...

Read More

A brush with online fraud: What are brushing scams and how do I stay safe?

A brush with online fraud: What are brushing scams and how do I stay safe?

AndyC 24 December 2025

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to...

Read More

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

AndyC 23 December 2025

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of...

Read More

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...

Read More

ESET Threat Report H2 2025

ESET Threat Report H2 2025

AndyC 17 December 2025

ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research...

Read More

Russia’s Crackdown on Probiv Data Leaks May Have Fed the Beast Instead

Email is Not Legacy. It’s Infrastructure.

AndyC 13 January 2026

AI backlash forces a reality check: humans are as important as ever

Apache Struts External Entity (XXE) Injection Vulnerability S2-069 (CVE-2025-68493)

AndyC 13 January 2026

Why feel reassured by advanced secrets management?

How smart are the latest NHIs in threat detection?

AndyC 13 January 2026

Why feel reassured by advanced secrets management?

Can Agentic AI meet future cybersecurity demands?

AndyC 13 January 2026

Why feel reassured by advanced secrets management?

U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

AndyC 13 January 2026