Pierluigi

RondoDox Botnet targets 56 flaws across 30+ device types worldwide

AndyC 11 October 2025

RondoDox Botnet targets 56 flaws across 30+ device types worldwide Pierluigi Paganini October 10, 2025 RondoDox botnet exploits 56 known...

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware

AndyC 10 October 2025

ClayRat campaign uses Telegram and phishing sites to distribute Android spyware Pierluigi Paganini October 09, 2025 ClayRat Android spyware targets...

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

AndyC 10 October 2025

CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts Pierluigi Paganini October 09, 2025 Threat actors are exploiting a critical...

Discord denies massive breach, confirms limited exposure of 70K ID photos

AndyC 10 October 2025

Discord denies massive breach, confirms limited exposure of 70K ID photos Pierluigi Paganini October 09, 2025 Discord won’t pay threat...

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

AndyC 9 October 2025

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi Pierluigi Paganini October 08, 2025 Qilin ransomware claimed...

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

AndyC 9 October 2025

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape Pierluigi Paganini October 08, 2025 DragonForce, LockBit,...

Salesforce data breach: what you need to know

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

AndyC 9 October 2025

DraftKings thwarts credential stuffing attack, but urges password reset and MFA Pierluigi Paganini October 08, 2025 DraftKings warns of credential...

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

AndyC 9 October 2025

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution Pierluigi Paganini October 08, 2025 Redis warns of CVE-2025-49844, a Lua...

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns

AndyC 8 October 2025

GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns Pierluigi Paganini October 07, 2025 Storm-1175 exploits GoAnywhere MFT flaw...

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025

AndyC 8 October 2025

CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025 Pierluigi Paganini October 07, 2025 CrowdStrike links...

Discord discloses third-party breach affecting customer support data

AndyC 7 October 2025

Discord discloses third-party breach affecting customer support data Pierluigi Paganini October 06, 2025 Discord reported a data breach at a...

Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers

AndyC 7 October 2025

Oracle patches critical E-Business Suite flaw exploited by Cl0p hackers Pierluigi Paganini October 06, 2025 Oracle fixed a critical flaw...

LinkedIn sues ProAPIs for K/Month LinkedIn data scraping scheme

LinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping scheme

AndyC 7 October 2025

LinkedIn sues ProAPIs for $15K/Month LinkedIn data scraping scheme Pierluigi Paganini October 06, 2025 LinkedIn sued ProAPIs and its CEO...

Zimbra users targeted in zero-day exploit using iCalendar attachments

AndyC 7 October 2025

Zimbra users targeted in zero-day exploit using iCalendar attachments Pierluigi Paganini October 06, 2025 Threat actors exploited a Zimbra zero-day...