Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Security Affairs newsletter Round 165 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      A bug in T-Mobile site allowed anyone see any customers account details ·      […]

newsletter

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

·      A bug in T-Mobile site allowed anyone see any customers account details
·      Coca-Cola data breach has affected about 8,000 workers
·      Security Affairs newsletter Round 164 – News of the week
·      BackSwap Trojan implements new techniques to steal funds from your bank account
·      Experts noticed an ongoing activity involving the RIG Exploit Kit to deliver the Grobios Trojan
·      Hackers defaced screens at Mashhad airport in Iran protesting the government
·      MalHide Malware uses the compromised system as an eMail relay
·      Researchers And The FBI Work Together to Take Down the Russian VPNFilter Botnet Targeting Home Routers
·      Abusing Interactive Voice Response systems – Legacy Telecom [CVE-2018-11518]
·      EOS Node Remote Code Execution Vulnerability — EOS WASM Contract Function Table Array Out of Bounds
·      Hacker stole $1.35 million from cryptocurrency startup Taylor
·      The Cobalt Hacking crew is still active even after the arrest of its leader
·      At least 90,000 Canadian bank customers may have been affected by two data breach
·      CVE-2018-11235 flaw in Git can lead to arbitrary code execution
·      New Banking Trojan MnuBot uses SQL Server for Command and Control
·      US-CERT issued an alert on two malware associated with North Korea-linked APT Hidden Cobra
·      Expert found a zero-day RCE in Microsoft Windows JScript component
·      Miscreants hijacked the defunct SpamCannibal blacklist service
·      US Federal court judge rejected a lawsuit by Kaspersky against the ban on its products
·      Crooks expand the original Mirai botnet code base with new capabilities and improvements
·      North Korea-linked Andariel APT Group exploited an ActiveX Zero-Day in recent attacks
·      Ticketfly website was compromised, the hacker also stole customers data
·      Visa payments DOWN: Millions affected by a service disruption
·      Yes, Germany BND foreign intelligence service can spy on the worlds biggest internet exchange
·      Crashing HDDs by launching an attack with sonic and ultrasonic signals
·      Experts believe the botmaster of the VPNFilter is attempting to resume the botnet
·      Flaws in Multidots WordPress Plugins expose e-Commerce websites to a broad range of attacks

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]