Paganini

Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION

AndyC 17 November 2025

Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini November 16, 2025 A new round of...

Read More

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack

AndyC 17 November 2025

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack Pierluigi Paganini November 16, 2025 China-linked actors used Anthropic’s AI to...

Read More

Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution

Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution

AndyC 16 November 2025

Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution Pierluigi Paganini November 15, 2025 Researchers found a critical vulnerability...

Read More

Millions of sites at risk from Imunify360 critical flaw exploit

Millions of sites at risk from Imunify360 critical flaw exploit

AndyC 15 November 2025

Millions of sites at risk from Imunify360 critical flaw exploit Pierluigi Paganini November 14, 2025 A vulnerability affecting Imunify360 lets...

Read More

Security Blogs

Critical FortiWeb flaw under attack, allowing complete compromise

AndyC 15 November 2025

Critical FortiWeb flaw under attack, allowing complete compromise Pierluigi Paganini November 14, 2025 A Fortinet FortiWeb auth-bypass flaw is being...

Read More

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs

AndyC 15 November 2025

Germany’s BSI issues guidelines to counter evasion attacks targeting LLMs Pierluigi Paganini November 14, 2025 Germany’s BSI warns of rising...

Read More

Chrome extension “Safery” steals Ethereum wallet seed phrases

Chrome extension “Safery” steals Ethereum wallet seed phrases

AndyC 14 November 2025

Chrome extension “Safery” steals Ethereum wallet seed phrases Pierluigi Paganini November 13, 2025 Malicious Chrome extension “Safery: Ethereum Wallet” steals...

Read More

Security Blogs

Google sues cybercriminal group Smishing Triad

AndyC 13 November 2025

Google sues cybercriminal group Smishing Triad Pierluigi Paganini November 12, 2025 Google sues China-based group using “Lighthouse” phishing kit in...

Read More

Leading AI companies accidentally leak their passwords and digital keys on GitHub – what you need to know

Australia’s spy chief warns of China-linked threats to critical infrastructure

AndyC 13 November 2025

Australia’s spy chief warns of China-linked threats to critical infrastructure Pierluigi Paganini November 12, 2025 Australia’s spy chief warns China-linked...

Read More

.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

AndyC 13 November 2025

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK Pierluigi Paganini November 12, 2025 “Bitcoin Queen” Zhimin Qian...

Read More

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

AndyC 12 November 2025

SAP fixed a maximum severity flaw in SQL Anywhere Monitor Pierluigi Paganini November 11, 2025 SAP fixed 19 security issues,...

Read More

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

AndyC 12 November 2025

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS Pierluigi Paganini November 11, 2025 Researchers found Fantasy Hub,...

Read More

Critical Triofox bug exploited to run malicious payloads via AV configuration

Critical Triofox bug exploited to run malicious payloads via AV configuration

AndyC 12 November 2025

Critical Triofox bug exploited to run malicious payloads via AV configuration Pierluigi Paganini November 11, 2025 Hackers exploited Triofox flaw...

Read More

GlassWorm malware has resurfaced on the Open VSX registry

GlassWorm malware has resurfaced on the Open VSX registry

AndyC 11 November 2025

GlassWorm malware has resurfaced on the Open VSX registry Pierluigi Paganini November 10, 2025 GlassWorm malware resurfaces in Open VSX...

Read More

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

AndyC 11 November 2025

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting Pierluigi Paganini November 10, 2025 With a 4M cybersecurity worker...

Read More

Credential stuffing: What it is and how to protect yourself

Credential stuffing: What it is and how to protect yourself

AndyC 9 January 2026

Digital Security Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts Christian Ali Bravo 08...

Read More

This month in security with Tony Anscombe – December 2025 edition

This month in security with Tony Anscombe – December 2025 edition

AndyC 30 December 2025

As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this...

Read More

A brush with online fraud: What are brushing scams and how do I stay safe?

A brush with online fraud: What are brushing scams and how do I stay safe?

AndyC 24 December 2025

Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to...

Read More

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

AndyC 23 December 2025

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of...

Read More

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

AndyC 19 December 2025

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new...

Read More

ESET Threat Report H2 2025

ESET Threat Report H2 2025

AndyC 17 December 2025

ESET Research A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research...

Read More

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

AndyC 14 January 2026

2026 PCI SSC Training Schedule Announced

2026 PCI SSC Training Schedule Announced

AndyC 14 January 2026

Dutch court convicts hacker who exploited port networks for drug trafficking

Dutch court convicts hacker who exploited port networks for drug trafficking

AndyC 14 January 2026

Magazine Insights

Session-Based Authentication vs Token-Based Authentication: Key Differences Explained

AndyC 14 January 2026

Slack launches revamped Slackbot AI assistant

RBAC vs ReBAC: Comparing Role-Based & Relationship-Based Access Control

AndyC 14 January 2026