Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2   Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group)   Hackers Are Attempting to Turn ComfyUI Servers Into a […]

Security Affairs malware newsletter 2

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2  

Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group)  

Hackers Are Attempting to Turn ComfyUI Servers Into a Cryptomining Proxy Botnet  

Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities  

Hackers Are Attempting to Turn ComfyUI Servers Into a Cryptomining Proxy Botnet

Masjesu Rising: The Commercial IoT Botnet Built for Stealth, DDoS, and IoT Evasion

EXPMON detected sophisticated zero-day fingerprinting attack targeting Adobe Reader users      

New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations     

Critical Supply Chain Compromise in Smart Slider 3 Pro: Full Malware Analysis  

GlassWorm goes native: New Zig dropper infects every IDE on your machine  

ClickFix malware hits DoD cybersecurity vendor homepage  

Beyond BITTER: MENA Civil Society Targeted in Hack-For-Hire Operation Linked to BITTER APT  

Can Drift-Adaptive Malware Detectors Be Made Robust? Attacks and Defenses Under White-Box and Black-Box Threats

Explainability-Guided Adversarial Attacks on Transformer-Based Malware Detectors Using Control Flow Graphs

Mitigating Metamorphic Malware Through Adversarial Learning Techniques

AI-Amplification Indicator: An Actor-Level Scoring Framework for Ransomware Operations on the Dark Web

Automating the Detection of Evasive Windows Malware: An Evaluated YARA Rule Library for Anti-VM and Anti-Sandbox Techniques

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)