Security Affairs
Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 163 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      A new flaw in Electron poses a risk to apps based on the […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      A new flaw in Electron poses a risk to apps based on the framework
·      Malicious package containing Bytecoin cryptocurrency miner found on the Ubuntu Snap Store
·      UK mobile operator EE left a critical code system exposed with a default password
·      Chilis restaurant chain is the last victim of a Payment Card Breach
·      Critical Flaws in PGP and S/MIME Tools – Immediately disable tools that automatically decrypt PGP-encrypted email
·      Nigelthorn malware infected over 100,000 systems abusing Chrome extensions
·      PANDA Banker malware used in several campaigns aimed at banks, cryptocurrency exchanges and social media
·      Researchers disclosed details of EFAIL attacks on in PGP and S/MIME tools. Experts believe claims are overblown
·      Adobe issued security updates for 47 vulnerabilities in Acrobat DC and Reader
·      Dutch Government plans to phase out the use of Kaspersky solutions
·      Hackers shared technical details of a Code Injection flaw in Signal App
·      Massive DDoS attack hit the Danish state rail operator DSB
·      Rail Europe North America hit by payment card data breach
·      Anonymous defaced Russia govt website against Telegram ban
·      Mysterious hackers ingenuously reveal two Zero-Days to security community
·      Operation Hotel – Ecuador spent millions on spy operation for Julian Assange
·      Red Hat Linux DHCP Client affected by a command injection flaw, patch it now!
·      Mexican central bank confirmed that SWIFT hackers stole millions of dollars from Mexican Banks
·      Nethammer – Exploiting Rowhammer attack through network without a single attacker-controlled line of code
·      Russian Telegrab malware harvesting Telegram Desktop credentials, cookies, desktop cache, and key files
·      A New Mexico man sentenced to 15 Years in jail for DDoS Attacks and possession of firearms
·      CISCO issued security updates to address three critical flaws in Cisco DNA Center
·      Satori Botnet is targeting exposed Ethereum mining pools running the Claymore mining software
·      The new Wicked Mirai botnet leverages at least three new exploits
·      A dataset of 200 million PII exfiltrated from several Japanese websites offered on underground market
·      Chrome evolves security indicators by marking with a red warning for HTTP content
·      More than 800,000 DrayTek routers at risks due to a mysterious zero-day exploit
·      Updated – The new Wicked Mirai botnet leverages at least three new exploits

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]