Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Users of Cobra DocGuard Software   Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets   Trivy Supply Chain Attack Expands to Compromised Docker Images   VoidStealer: Debugging Chrome to Steal […]

Security Affairs malware newsletter 2

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

New Malware Targets Users of Cobra DocGuard Software  

Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets  

Trivy Supply Chain Attack Expands to Compromised Docker Images  

VoidStealer: Debugging Chrome to Steal Its Secrets  

StoatWaffle, malware used by WaterPlum

Coruna: the framework used in Operation Triangulation

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

Analyzing FAUX#ELEVATE: Threat Actors Target France with CV Lures to Deploy Crypto miners and Infostealers Targeting Enterprise Environments

Fake install logs in npm packages load RAT 

From W-2 to BYOVD: How a Tax Search Leads to Kernel-Mode AV/EDR Kill

Novel WebRTC skimmer bypasses security controls at $100+ billion car maker         

GlassWorm Hides a RAT Inside a Malicious Chrome Extension

Telnyx Malware: TeamPCP Strikes Again Following LiteLLM Compromise 

Bearlyfy Releases Genie: F6 Analyzes the Group’s Recent Attacks

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

New BianLian Ransomware Activity Detected: SVG Phishing Campaign Targeting Venezuelan Companies

Pushan: Trace-Free Deobfuscation of Virtualization-Obfuscated Binaries

Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)