U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks   TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io   RemotePE: The Lazarus RAT that lives […]

Security Affairs malware newsletter 2

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Malware Newsletter

Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks  

TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io  

RemotePE: The Lazarus RAT that lives in memory

Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict

Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns

Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability

Introducing Showboat: A new malware family taunts defenses and targets international telecom firms

Laravel Lang Compromised with RCE Backdoor Across 700+ Versions 

Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet

Malware-Slop: New Malicious npm Package Leaks Its Own GitHub Private Token  

Grandoreiro Malware Campaign Targets Europe and Latin America  

FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch  

The History of Fileless Malware – Looking Beyond the Buzzword

BTMOB: A stealthy RAT burrowing deep into Android devices    

Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning Evaluation

SEED: Semi-supervised Continual MalwarE Detection for Tackling ConcEpt Drift on a BuDget

Hybrid Intelligent Detection Approach for Android Malware Using Gradient-Boosting Tree Ensembles and Correlation–Differential Evolution Feature SelectionSelf-Organizing Neural Grove for Malware Detection in IoT Edge Devices

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)