SonicWall flags SSLVPN flaw allowing firewall crashes
SonicWall flags SSLVPN flaw allowing firewall crashes Pierluigi Paganini November 23, 2025 SonicWall warns of a high-severity buffer overflow flaw in SonicOS SSLVPN (CVE-2025-40601) that…
Category: Securityaffairs
How APT24 scaled its cyberespionage through supply chain attacks
BadAudio malware: how APT24 scaled its cyberespionage through supply chain attacks Pierluigi Paganini November 22, 2025 APT24 used supply chain attacks and varied techniques to…
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds an Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 22, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA)…
CrowdStrike denies breach after insider sent internal screenshots to hackers
CrowdStrike denies breach after insider sent internal screenshots to hackers Pierluigi Paganini November 21, 2025 CrowdStrike says an insider shared internal screenshots with hackers but…
SolarWinds addressed three critical flaws in Serv-U
SolarWinds addressed three critical flaws in Serv-U Pierluigi Paganini November 21, 2025 SolarWinds patched three critical vulnerabilities in its Serv-U file transfer solution that could…
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack
Massive data leak hits Italian railway operator Ferrovie dello Stato via Almaviva hack Pierluigi Paganini November 21, 2025 Ferrovie dello Stato Italiane (FS) data leaked after…
Salesforce alerts users to potential data exposure via Gainsight OAuth apps
Salesforce alerts users to potential data exposure via Gainsight OAuth apps Pierluigi Paganini November 21, 2025 Salesforce warns that unusual activity in Gainsight-linked OAuth apps…
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles
Researchers devised a new enumeration technique that exposed 3.5B WhatsApp profiles Pierluigi Paganini November 20, 2025 Researchers disclosed a WhatsApp flaw that exposed 3.5B accounts.…
New Android banking trojan targets WhatsApp, Telegram, and Signal
Sturnus: New Android banking trojan targets WhatsApp, Telegram, and Signal Pierluigi Paganini November 20, 2025 The Android trojan Sturnus targets communications from secure messaging apps…
Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops
Coordinated sanctions hit Russian bulletproof hosting providers enabling top ransomware Ops Pierluigi Paganini November 20, 2025 US, Australia and UK sanctioned 2 Russian bulletproof hosting…
Iran-linked actor uses cyber operations to support physical attacks
Cyber-enabled kinetic targeting: Iran-linked actor uses cyber operations to support physical attacks Pierluigi Paganini November 20, 2025 Iran-linked actors mapped ship AIS data ahead of…
U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini November 19, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA)…