Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 64

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Brewing Trouble — Dissecting a macOS Malware Campaign   Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled […]

Security Affairs malware newsletter 2

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Brewing Trouble — Dissecting a macOS Malware Campaign  

Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware

Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware

The Chameleon’s Trap: Inside the Top 3 Exploit Thriving on 60% of Unpatched MS Office Systems         

YiBackdoor: A New Malware Family With Links to IcedID and Latrodectus  

Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys 

How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking

Mapping the Infrastructure and Malware Ecosystem of MuddyWater

Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS in a Wide Scale SEO Poisoning Campaign    

ShadowV2: An emerging DDoS for hire botnet 

Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors 

RedNovember Targets Government, Defense, and Technology Organizations

Malware Analysis Report RayInitiator & LINE VIPER  

XCSSET evolves again: Analyzing the latest updates to XCSSET’s inventory 

Bearlyfy: The Evolution of a New Ransomware Group and Its Connection to PhantomCore

Updated BO Team Grouping Tools

Deniability by Design: DNS-Driven Insights into a Malicious Ad Network     

Defending against Stegomalware in Deep Neural Networks with Permutation Symmetry

CyberSOCEval: Benchmarking LLMs Capabilities for Malware Analysis and Threat Intelligence Reasoning

DCmal-2025: A Novel Routing-Based DisConnectivity Malware—Development, Impact, and Countermeasures

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)