A serverless C2 framework that leverages Google Calendar APIs as a communication channel
MeetC2 – A serverless C2 framework that leverages Google Calendar APIs as a communication channel Pierluigi Paganini September 06, 2025 MeetC2 is a PoC C2…
Category: Securityaffairs
Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation
Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation Pierluigi Paganini September 05, 2025 Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in…
U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini September 05, 2025 U.S. Cybersecurity and Infrastructure Security Agency…
SVG files used in hidden malware campaign impersonating Colombian authorities
SVG files used in hidden malware campaign impersonating Colombian authorities Pierluigi Paganini September 05, 2025 VirusTotal uncovered an undetected malware campaign using SVG files that…
France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules
France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules Pierluigi Paganini September 05, 2025 France’s data watchdog fined Google $379M (€325 million)…
$10M reward for Russia’s FSB officers accused of hacking US Critical infrastructure
$10M reward for Russia’s FSB officers accused of hacking US Critical infrastructure Pierluigi Paganini September 04, 2025 US offers $10M for Russian FSB officers Tyukov,…
Palo Alto Networks disclosed a data breach linked to Salesloft Drift incident
Palo Alto Networks disclosed a data breach linked to Salesloft Drift incident Pierluigi Paganini September 02, 2025 Palo Alto Networks hit by Drift-linked supply-chain attack,…
What You Need to Know
Severe Hikvision HikCentral product flaws: What You Need to Know Pierluigi Paganini September 04, 2025 Hikvision HikCentral flaw allows unauthenticated users to gain admin rights,…
U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini September 04, 2025 U.S. Cybersecurity and Infrastructure Security Agency…
Crooks turn HexStrike AI into a weapon for fresh vulnerabilities
Crooks turn HexStrike AI into a weapon for fresh vulnerabilities Pierluigi Paganini September 03, 2025 Threat actors abuse HexStrike AI, a new offensive security tool…
Google addressed two Android flaws actively exploited in targeted attacks
Google addressed two Android flaws actively exploited in targeted attacks Pierluigi Paganini September 03, 2025 Google addressed 120 Android vulnerabilities in September 2025, including two…
U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini September 03, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA)…