Agostino Pellegrino - October 15th, 2025
A sophisticated attack campaign dubbed “Operation Zero Disk” has recently been detected, where threat actors are actively exploiting a critical vulnerability in the Cisco Simple Network Management Protocol (SNMP) to...
Agostino Pellegrino - October 14th, 2025
Ivanti has published 13 vulnerabilities in its Endpoint Manager (EPM) software , including two high-severity flaws that could allow remote code execution and privilege escalation . Despite the lack of...
Agostino Pellegrino - October 14th, 2025
McAfee researchers have reported new activity by the Astaroth banking trojan , which has started using GitHub as a persistent channel for distributing configuration data. This approach allows attackers to...
Agostino Pellegrino - October 10th, 2025
Two critical vulnerabilities in the 7-Zip archiver allowed remote code execution when processing ZIP files. The flaws affect how the program handles symbolic links within archives, allowing directory traversal and...
Agostino Pellegrino - October 10th, 2025
Last week, Oracle warned customers of a critical zero-day vulnerability in its E-Business Suite (CVE-2025-61882), which allows remote execution of arbitrary code without authentication. It has now been revealed that...
Agostino Pellegrino - October 7th, 2025
A 13-year-old critical flaw, known as RediShell , in Redis allows remote code execution (RCE) , giving attackers the ability to gain full control of the underlying host system. The...
Agostino Pellegrino - October 5th, 2025
Oracle has published a security advisory regarding a critical vulnerability identified as CVE-2025-61882 in the Oracle E-Business Suite . The flaw can be exploited remotely without authentication , potentially allowing...
Agostino Pellegrino - October 1st, 2025
A team of researchers has developed a simple hardware tool that challenges the fundamental principles of trusted computing in modern cloud environments. Using a device costing less than $50, they...
Agostino Pellegrino - September 30th, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Sudo utility, used on Linux and Unix-like systems, to its catalog of currently exploitable...
Agostino Pellegrino - September 29th, 2025
Some spyware producer is probably doing gymnastics... tearing their hair out. But it's the usual charade: someone finds, someone cashes in, someone integrates, and then the researcher on duty comes...
