Security Affairs
Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 164 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      Experts propose a new variation of the Spectre attack to recover data from […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      Experts propose a new variation of the Spectre attack to recover data from System Management Mode
·      Misconfigured CalAmp server allowed hacker to take over a lot of vehicles
·      Google awarded a young expert a total of $36,337 for an RCE in the Google App Engine
·      Hacked Drupal sites involved in mining campaigns, RATs distributions, scams
·      Internet Systems Consortium rolled out security updates to address 2 flaws in BIND DNS Software
·      Judges convict crook of operating Scan4You Counter Antivirus Service
·      Roaming Mantis gang evolves and broadens its operations
·      North Korea-linked Sun Team APT group targets deflectors with Android Malware
·      Tech giants are all working on new Spectre and Meltdown attacks, so-called variant 3 and variant 4
·      The ZipperDown Vulnerability could affect roughly 10% of iOS Apps
·      TheMoon botnet is now leveraging a zero-day to target GPON routers
·      Chinese researchers from Tencent discovered exploitable flaws in several BMW models
·      Experts warn: it is too easy to steal WiFi access key from TalkTalk ‘s Super Routers
·      Huge Russia-Linked botnet VPNFilter ready to launch a massive attack on Ukraine
·      Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaign
·      Bitcoin Gold hit by double-spend attack, exchanges lose over $18 million
·      Justice Department announces actions to disrupt the VPNFilter botnet
·      Kaspersky discovered a backdoor account and other issues in D-Link DIR-620 Routers
·      Many users reported in the past few weeks their Macs have been infected with a new Monero Miner
·      Xenotime, Threat actors Behind Triton Malware broadens its activities
·      Electron Windows Protocol Handler MITM/RCE (bypass for CVE-2018-1000006 fix)
·      More than 100 Million IoT devices potentially exposed to Z-Shave Z-Wave attack
·      Russian speaking hacker arrested for stealing $8,000 per day leveraging mobile malware
·      CVE-2018-7783 flaw in Schneider SoMachine Basic can be exploited to read arbitrary files on the targeted system
·      Experts show how to defeat AMDs Secure Encrypted Virtualization
·      Pre-installed malware found in 141 low-cost Android devices in over 90 countries
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]