Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 71

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter 9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure Gootloader Returns: What Goodies Did They Bring? Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector […]

Security Affairs malware newsletter 2

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads

GlassWorm Returns: New Wave Strikes as We Expose Attacker Infrastructure

Gootloader Returns: What Goodies Did They Bring?

Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C   

Malicious NPM Package Found Targeting GitHub By Typosquatting on GitHub Action Packages 

DanaBot malware is back to infecting Windows after 6-month break

Phishing Campaigns “I Paid Twice” Targeting Booking.com Hotels and Customers

Q3 2025 Ransomware Report

Lazarus Group targets Aerospace and Defense with new Comebacker variant

Fantasy Hub: Another Russian Based RAT as M-a-a-S   

The Great Indonesian TEA Theft: Analyzing a NPM Spam Campaign

Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery

Unleashing the Kraken ransomware group 

Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover  

Pack-A-Mal: A Malware Analysis Framework for Open-Source Packages

Exploiting Data Structures for Bypassing and Crashing Anti-Malware Solutions via Telemetry Complexity Attacks

MalRefiner: Recovering Malware Semantics via Reinforcement Learning-Based Semantic NOP Removal

Integrated Analysis of Malicious Software: Insights from Static and Dynamic Perspectives

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)