Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 51


The Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape:

Ransomware Gangs Collapse as Qilin Seizes Control 

Dissecting a Python Ransomware distributed through GitHub repositories 

SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play  

Uncovering a Tor-Enabled Docker Exploit 

Threat Actors Modify and Re-Create Commercial Software to Steal Users’ Information 

Resurgence of the Prometei Botnet  

ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware 

GIFTEDCROOK’s Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations

Hive0154 aka Mustang Panda shifts focus on Tibetan community to deploy Pubload backdoor     

OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure

SadFuture: Mapping XDSpy latest evolution 

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks

UAC-0001 (APT28) Cyber Attacks on Government Agencies Using BEARDSHELL and COVENANT

DeepSeek Deception: Sainbox RAT & Hidden Rootkit Delivery

Cryptominers’ Anatomy: Shutting Down Mining Botnets 

Another Wave: North Korean Contagious Interview Campaign Drops 35 New Malicious npm Packages  

Analysis of the latest attack activities of APT-C-06 (DarkHotel) using BYOVD technology 

Taiwan Strait hotspot bait! Wangci organization combines 0day and ClickOnce technology to carry out espionage activities

Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign

Enhancing Malware Detection via RGB Assembly Visualization and Hybrid Deep Learning Models

Analyzing PDFs like Binaries: Adversarially Robust PDF Malware Analysis via Intermediate Representation and Language Model


Pierluigi Paganini
