Uncategorized

Hacker claims theft of data from 700,000 Substack users; Company confirms breach

February 5, 2026 add comment
Substack confirmed a data breach after a hacker leaked data from nearly 700,000 users, including email addresses and phone numbers. Substack is an online platform for publishing email‑based newsletters... Read more »

U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

January 22, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 80

January 18, 2026 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Gogs 0-Day Exploited in the Wild SHADOW#REACTOR –... Read more »

Central Maine Healthcare data breach impacted over 145,000 patients

January 15, 2026 add comment
A cyberattack on Central Maine Healthcare exposed the personal, medical, and insurance data of about 145,000 patients. Central Maine Healthcare notified patients affected by a data security incident. The... Read more »

Fortinet fixed two critical flaws in FortiFone and FortiSIEM

January 14, 2026 add comment
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical flaws... Read more »

Misconfigured email routing enables internal-spoofed phishing

January 7, 2026 add comment
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails... Read more »

Thousands of ColdFusion exploit attempts spotted during Christmas holiday

January 3, 2026 add comment
GreyNoise observed thousands of attacks targeting about a dozen Adobe ColdFusion vulnerabilities during the Christmas 2025 holiday. GreyNoise reports a coordinated campaign exploiting about a dozen Adobe ColdFusion vulnerabilities,... Read more »

React2Shell under attack: RondoDox Botnet spreads miners and malware

January 1, 2026 add comment
RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is exploiting the critical React2Shell flaw (CVE-2025-55182)... Read more »

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

December 7, 2025 add comment
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

December 5, 2025 add comment
Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series... Read more »
Subscribe to our Newsletter