China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager
China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager Pierluigi Paganini December 19, 2025...
Zero Day
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day
Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day Pierluigi Paganini December 10, 2025 Microsoft Patch...
Oracle EBS zero-day used by Clop to breach Barts Health NHS
Oracle EBS zero-day used by Clop to breach Barts Health NHS Pierluigi Paganini December 08, 2025 Clop ransomware stole data...
Google Issues Emergency Update for 2B Chrome Users
Image: Solen Feyissa / Unsplash If your Chrome browser isn’t updated, you may be exposed to an actively exploited zero-day...
Critical FortiWeb flaw under attack, allowing complete compromise
Critical FortiWeb flaw under attack, allowing complete compromise Pierluigi Paganini November 14, 2025 A Fortinet FortiWeb auth-bypass flaw is being...
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks
LANDFALL spyware exploited Samsung zero-day CVE-2025-21042 in Middle East attacks Pierluigi Paganini November 07, 2025 A now-patched Samsung Galaxy flaw,...
CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack
CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Pierluigi Paganini October 11, 2025 Threat actors are exploiting a zero-day,...
Broadcom patches VMware Zero-Day actively exploited by UNC5174
Broadcom patches VMware Zero-Day actively exploited by UNC5174 Pierluigi Paganini September 30, 2025 Broadcom patched six VMware flaws, including CVE-2025-41244,...
CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025
CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025 Pierluigi Paganini September 18, 2025 Google addressed...
APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq
APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq Pierluigi Paganini May 13, 2025 A Türkiye-linked...
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code Pierluigi Paganini May 09, 2025 SonicWall addressed...
Play ransomware affiliate leveraged zero-day to deploy malware
Play ransomware affiliate leveraged zero-day to deploy malware Pierluigi Paganini May 07, 2025 The Play ransomware gang exploited a high-severity Windows...
Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324 Pierluigi Paganini May 06, 2025 Threat actors...
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024 Pierluigi Paganini April 29, 2025 Google tracked...
Exploitation of potential SAP NetWeaver zero-day by initial access intermediary
Alleged exploitation of SAP NetWeaver zero-day by an initial access broker Pierluigi Paganini April 25, 2025 An unidentified vulnerability within...
