Antonio Piazzolla, Autore presso il blog della sicurezza informatica

ProxyCommand: The Little String That Opens a Port for Exploits

Antonio Piazzolla 13/10/2025

Yesterday, a vulnerability in OpenSSH, CVE-2025-61984, was published that potentially allows command execution on the client when ProxyCommand is used with usernames containing control characters

SoopSocks: The PyPI Package That Looked Like a Proxy But Was a Backdoor to Windows

Antonio Piazzolla 04/10/2025

The story of SoopSocks is one we, unfortunately, know well: a PyPI package that promises utility — a SOCKS5 proxy — but in reality introduces

LockBit 5.0 — the cross-platform ransomware that targets hypervisors

Antonio Piazzolla 30/09/2025

In September 2025, a new incarnation of the notorious LockBit ransomware emerged, dubbed LockBit 5.0. It’s not just an “update”: it’s an operational adaptation designed

Fake Microsoft Teams installer! One-time certificates and a backdoor in the download

Antonio Piazzolla 29/09/2025

In recent days, a malvertising campaign targeting business users trying to download Microsoft Teams has been discovered. At first glance, the attack seems trivial: a

New AD DS Vulnerability (CVE-2025-21293) Could Hand Hackers the Keys to the Entire Corporate Network

Antonio Piazzolla 12/09/2025

Microsoft recently published a security advisory regarding a new vulnerability affecting Active Directory Domain Services (AD DS). The flaw, identified as CVE-2025-21293, is classified as

Palo Alto Networks Also Compromised via Salesforce and Drift

Antonio Piazzolla 02/09/2025

In early September 2025, Palo Alto Networks confirmed it had been the victim of a data breach. The compromise did not affect its core products

Video Surveillance Under Attack: A Hikvision Bug Allows Admin Access Without a Login