Articles by Antonio Piazzolla - Cybersecurity Insights and Analysis

ProxyCommand: The Little String That Opens a Port for Exploits

Yesterday, a vulnerability in OpenSSH, CVE-2025-61984, was published that potentially allows command execution on the client when ProxyCommand is used...

13/10/2025

SoopSocks: The PyPI Package That Looked Like a Proxy But Was a Backdoor to Windows

The story of SoopSocks is one we, unfortunately, know well: a PyPI package that promises utility — a SOCKS5 proxy — but in reality introduces a we...

04/10/2025

LockBit 5.0 — the cross-platform ransomware that targets hypervisors

In September 2025, a new incarnation of the notorious LockBit ransomware emerged, dubbed LockBit 5.0. It’s not just an “update”: it’s an opera...

30/09/2025

Fake Microsoft Teams installer! One-time certificates and a backdoor in the download

In recent days, a malvertising campaign targeting business users trying to download Microsoft Teams has been discovered. At first glance, the attack s...

29/09/2025

New AD DS Vulnerability (CVE-2025-21293) Could Hand Hackers the Keys to the Entire Corporate Network

Microsoft recently published a security advisory regarding a new vulnerability affecting Active Directory Domain Services (AD DS). The flaw, identifie...

12/09/2025

Palo Alto Networks Also Compromised via Salesforce and Drift

In early September 2025, Palo Alto Networks confirmed it had been the victim of a data breach. The compromise did not affect its core products or serv...

02/09/2025

Video Surveillance Under Attack: A Hikvision Bug Allows Admin Access Without a Login

At the end of August 2025, a high-impact vulnerability affecting HikCentral Professional, the Hikvision platform used to centrally manage video survei...

02/09/2025

Antonio Piazzolla

Ultimi articoli di Antonio Piazzolla